Privacy Policy
This Privacy Policy explains what data the Discord bot AutoMod+ collects, why it is processed, the legal basis, how long it is kept, and your rights under the EU General Data Protection Regulation (GDPR).
1. Data Controller
The data controller is the operator of the bot and/or the administrator of the Discord server on which the bot is used.
Contact: privacy@lena4x.dev
2. What data we process
Always processed
| Data | Purpose |
|---|---|
| Discord User ID | Attribute moderation actions, bans, logs |
| Username / display name | Display in moderation logs |
| Server & channel IDs | Per-server configuration |
| Moderation actions | Accountability, audit trail |
| Ban reports | Network ban system |
Only when a feature is enabled
| Data | Enabled by |
|---|---|
| Message content | Message Logging (per server) |
| Image/GIF content (transient) | AI Image Moderation — not stored after scanning |
We do not collect
- IP addresses, email addresses, passwords or tokens
- Payment or financial data
- Private direct messages (unless the bot is a direct recipient)
3. Legal basis (GDPR Art. 6)
Art. 6(1)(f) — Legitimate interests: keeping the community safe, preventing abuse, and enforcing server rules. Processing is limited to what is necessary.
4. Message Logging
When Message Logging is enabled for a server, the bot stores all public messages in that server (text, channel, author, timestamp).
5. Data sharing
We do not sell or share personal data. Data is only transmitted to:
- Discord — the underlying platform.
- Security services, for link checking only (urlscan.io, Sinking Yachts, Bitflow anti-fish) — only the URL is sent, no user data.
- AWS Rekognition — image data for the automated NSFW/gore scan.
6. Data retention
| Data | Retention |
|---|---|
| Message logs | 30 days (auto-deleted) |
| Moderation & ban reports | Until manually deleted |
| Server settings | While the bot is on the server |
| Database backups | 14 days |
7. Storage & security
- Self-hosted PostgreSQL database, reachable only locally — not publicly exposed.
- Dashboard access restricted to authorised accounts via Discord OAuth.
- Regular automated backups.
8. Your rights (GDPR Art. 15–22)
- Access — obtain a copy of your data
- Rectification — correct inaccurate data
- Erasure — request deletion ("right to be forgotten")
- Restriction & Objection — limit or object to processing
- Portability — receive your data in a portable format
You may also lodge a complaint with a supervisory authority.
9. How to exercise your rights
Contact us at privacy@lena4x.dev with your Discord User ID. We respond within one month. Data is deleted on request unless a legal obligation requires retention.
10. Children
Discord requires users to be at least 13 (or older where local law requires). The bot is not intended for children below the applicable minimum age.
11. Changes
This policy may be updated. The "Last updated" date reflects the current version.