Privacy Policy

We collect the following categories of information:

• Discord User IDs — collected when a user joins a monitored server or interacts with the bot. Used to identify accounts in our moderation database.
• Discord Usernames & Avatars — collected transiently via the Discord API for display purposes in the dashboard and appeals. Not stored independently.
• Server Membership Data — records of which servers a flagged user has been detected in, including server name and join timestamps.
• Appeal Submissions — Discord ID, username, avatar URL, reason text, and additional information provided voluntarily during the appeal process.
• Server Configuration — moderation settings (auto-action, notification channels, whitelisted users) configured by server administrators.

Information collected is used solely to:

• Identify and flag accounts associated with condo communities
• Execute automated moderation actions as configured by server admins
• Process and review database removal requests and appeals
• Display moderation analytics to authorized server administrators
• Maintain audit logs for accountability and dispute resolution

We do not sell, rent, or share your personal data with third parties for marketing purposes.

The Service integrates with the following third-party moderation databases to identify flagged accounts:

• ISB (Insurrection Scanner Base)
• TASE
• Rotector

We do not control the data held by these databases. If you believe your information in a third-party database is incorrect, you should contact that service directly in addition to submitting an appeal with us.

Flagged user records are retained indefinitely unless a removal request is approved. Appeal records are retained for auditing purposes. Server configuration data is retained while the bot remains in your server and may be deleted upon removal.

You may request deletion of your data by submitting a removal request through our appeal system.

The web dashboard uses Discord OAuth2 for authentication (powered by NextAuth). We receive your Discord user ID, username, and avatar from Discord during sign-in. We store a session token in an HTTP-only cookie on your device. We do not store your Discord password or access token beyond the active session.

The Service uses session cookies for authentication purposes only. These cookies are strictly necessary for dashboard functionality and are not used for tracking or advertising. They expire when your session ends or after 30 days, whichever comes first.

We use industry-standard practices to protect stored data, including access controls, encrypted connections (HTTPS/TLS), and limited data access on a need-to-know basis. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the right to:

• Request access to the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data (right to erasure)
• Object to processing of your data

To exercise these rights, submit an appeal or removal request via the dashboard, or contact a system administrator through Discord.

The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us so we can delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

If you have questions or concerns about this Privacy Policy or how we handle your data, please reach out via the appeal page or by contacting a system administrator on Discord.