Privacy Policy

Last updated: June 26, 2026

1. Introduction and Scope

This Privacy Policy describes how Chopstick308 ("we," "us," or "our"), the operator of Sentinel, collects, uses, stores, and shares information in connection with the Sentinel Discord bot and web dashboard (collectively, the "Service"). By using the Service, you agree to the practices described in this Policy.

This Policy applies to all users of the Service, including Discord server administrators, server members whose servers have Sentinel installed, and individuals who access the Sentinel web dashboard at sentinelbot.gg. It does not apply to third-party services that Sentinel integrates with — please review the privacy policies of Discord, Stripe, OpenAI, Anthropic, Twitch, and feed publishers separately.

2. Information We Collect

We collect information only to the extent necessary to provide and improve the Service.

2.1 Information you provide directly

  • Dashboard configuration: When you configure Sentinel through the web dashboard, we store your settings including channel IDs, role IDs, welcome message text, auto-moderation sensitivity levels, automation rule content, embed template content, custom command responses, and any other options you explicitly save. This is treated as server data, not personal data.
  • Discord OAuth authentication: When you sign in to the dashboard using Discord, we receive your Discord user ID, display name (global name or username), and avatar URL from Discord's OAuth API. We store these for the duration of your session to display your profile and verify your permissions, along with the list of Discord servers (guild IDs) you belong to and which servers you are permitted to manage. We do not receive your email address, phone number, or Discord password.

2.2 Information collected automatically through use of the Service

  • XP and leveling data: When the leveling system is enabled in a server, we record message activity to calculate experience points and assign levels. This data is associated with your Discord user ID and the server's guild ID.
  • Infraction records: When a server moderator issues a warn, timeout, kick, or ban through Sentinel, we log the action, the target user's Discord ID, the moderator's Discord ID, and any reason provided. This data serves as the server's moderation history.
  • Giveaway and reaction role entries: We store user IDs in association with giveaway entries and reaction role assignments as needed to operate those features.
  • Message content (transient): When AI Auto-Moderation or Full AI is enabled in a server, message content from scanned messages is forwarded to a third-party AI provider (OpenAI and/or Anthropic) for real-time content analysis. Sentinel does not store message content on our servers after the analysis is complete — the content is not logged, retained, or indexed by us. However, the AI provider may process and retain data in accordance with their own privacy policies.
  • AI Website Tracking: When AI Website Tracking is enabled, we store the configured URL, tracking description, check interval, alert channel ID, and the latest extracted value, summary, content hash, and check status for each tracker. To perform checks, Sentinel fetches the public webpage and sends extracted page text to OpenAI and/or Anthropic for analysis. We do not retain full page archives of every check — only the data needed to operate the tracker and detect changes. The AI provider may process fetched content under their own privacy policies.
  • Community and server feature data: Depending on which features are enabled, we may store Discord user IDs together with related server data such as: birthday month/day and optional birth year; ticket thread metadata and opener user IDs; invite counts and inviter associations; LFG post host IDs and descriptions; giveaway and reaction-role participation; voice-linked role assignments; and custom command or automation configuration you save.
  • Guild and server metadata: When Sentinel joins or rejoins a Discord server, we record the guild ID, guild name, guild owner Discord user ID, and join timestamps (initial join and most recent rejoin). If Sentinel is removed from a server, we retain this metadata together with removal timestamps and tenure information for operational, analytics, and service-improvement purposes even after the bot no longer has access to the server.
  • Direct messages to server owners: When Sentinel joins a server, we may post a welcome message in a server channel and/or send an optional onboarding direct message to the server owner with setup links and feature information. When Sentinel is removed from a server after meeting a minimum tenure threshold, we may send an optional direct message to the server owner soliciting voluntary feedback. If the owner replies within the active reply window (currently twenty-four (24) hours from the outreach message), we forward the reply content — and any attachment filenames or files the owner included — to our internal operator support channel. We record outreach metadata (owner user ID, guild ID, guild name, tenure, send time, and whether a reply was received) to route replies correctly and prevent duplicate forwarding.
  • Growth and churn analytics (operator-only): We maintain aggregated bot-wide metrics such as server join and leave counts, member join and leave events, and periodic snapshots of total servers and members. For servers from which Sentinel was removed, we retain guild ID, guild name, owner Discord user ID (where available), join and removal dates, and tenure. These records are used exclusively for internal operational analytics and are not sold or used for advertising.
  • Welcome captcha verification (Premium): When enabled by a server administrator, new members may be required to complete a captcha verification flow before receiving full access. We store verification configuration (channel, role, and embed settings) and process verification interactions needed to assign or withhold roles. Temporary role restrictions applied during verification are configured by the server administrator.
  • Server backups (Premium): When enabled, we create and store compressed snapshots of server structure — including roles, channels, permission overwrites, and related Sentinel plugin configuration metadata — to support restore operations initiated by server administrators. Snapshots are stored on our infrastructure and associated with the guild ID.
  • MEE6 XP import: When a server administrator initiates a MEE6 import, we fetch publicly available leaderboard data from MEE6's API and/or process administrator-uploaded JSON or CSV export files. We store imported XP, level, and username mappings, and optional role-reward associations, solely to apply them to the server's leveling configuration. We do not guarantee the accuracy or completeness of imported data.
  • RSS and news feed polling: When the news feed feature is enabled, we store configured feed URLs, display labels, target channel IDs, polling schedule metadata, and the identifiers of the most recently seen items. On a recurring schedule, Sentinel fetches those publicly accessible third-party RSS or Atom feeds to detect and post new entries.
  • Twitch integration and OAuth: For Twitch stream alerts, we store alert configuration (broadcaster login, target channel, message template, and polling state). If a server enables Twitch subscriber role linking, members who authorize access through Twitch OAuth provide OAuth tokens that we store (access token, refresh token, and expiry) together with their Discord user ID, Twitch user ID, Twitch login, guild ID, and subscription-check status. Short-lived OAuth state tokens used during the authorization handshake are discarded after use or expiry (currently ten (10) minutes).

2.3 Payment and billing information

  • If you purchase a Premium subscription, we store your Stripe Customer ID, Stripe subscription ID, subscription status (active, cancelled, past-due), and the Discord user ID of the Premium purchaser (premium buyer) to verify and manage billing access. If Premium or Fast Tracking is activated through a License Key, we store key expiry information and redemption metadata associated with the server. Full payment card details are collected, processed, and stored exclusively by Stripe — we never receive, see, or store your card number, CVV, or bank account details.
  • If you purchase Full AI credit packs, we store the pack purchased, credit amount, Stripe payment identifiers, guild ID, purchaser Discord user ID, and resulting credit balance and transaction history for that server. Stripe processes the payment; we do not store card details.
  • If you use Premium transfer, we log your Discord user ID, source guild ID, destination guild ID, and transfer timestamp to enforce monthly transfer limits. If you submit a subscription cancellation reason through the billing dashboard, we store that reason together with your Discord user ID and guild ID.

2.4 Full AI usage statistics

  • On Premium servers with Full AI enabled, we store credit balance, credit purchase and consumption records, scans used in the current billing period (where applicable), and optional scan-limit settings configured by server administrators. These statistics are used to operate billing, enforce limits, and display usage in the dashboard.

2.5 Technical and session data

  • The web dashboard uses an encrypted session cookie to maintain your login state after authenticating with Discord. This cookie contains only a signed session token — it holds no personally identifiable information on its own. We may log server-side errors (without message content) for debugging purposes.

3. How We Use Your Information

We use the information we collect only for the following purposes:

  • Service delivery: To operate and deliver the features you and your server administrators configure, including moderation actions, welcome messages, leveling, giveaways, tickets, and all other Sentinel features.
  • Authentication and authorization: To verify your identity and permissions when you access the web dashboard, and to determine which servers and settings you are permitted to manage.
  • Billing and subscription management: To process and manage Premium subscription payments through Stripe, verify active subscriptions, and handle billing inquiries.
  • Service improvement and debugging: To diagnose errors, investigate abuse or policy violations, and improve the reliability and security of the Service — including analyzing voluntary removal feedback and aggregated growth/churn metrics to understand how servers adopt and leave the Service.
  • Legal compliance: To comply with applicable laws, respond to lawful requests from authorities, and enforce our Terms of Service.

We do not use your data for advertising, behavioral profiling, or any sale to third parties.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

  • AI providers (OpenAI / Anthropic): Message content is forwarded to these providers for real-time analysis when AI Auto-Moderation is enabled in a server. Each provider processes this data under their own privacy policy and data processing terms. We recommend reviewing their policies if you are concerned about how message data is handled.
  • Stripe: Billing information necessary to process Premium subscriptions is shared with Stripe, Inc. Stripe may collect additional information from you directly during checkout. Stripe is subject to its own privacy policy.
  • Discord: Sentinel interacts with Discord's API to function. Discord's privacy policy governs their collection and use of data arising from those interactions.
  • Legal requirements: We may disclose your information if required to do so by applicable law, regulation, legal process, or a valid governmental or law enforcement request. Where permitted, we will attempt to notify you of such requests.
  • Protection of rights: We may disclose information where we believe disclosure is necessary to protect the rights, property, or safety of us, our users, or others, or to detect, prevent, or address fraud, security, or technical issues.
  • Operator support (removal feedback): If you voluntarily reply to a removal feedback direct message within the active reply window, your reply content is shared only with the Service operator through our internal Discord support channel. It is not sold or shared with unrelated third parties.
  • Twitch: When you authorize Twitch OAuth for subscriber role linking, token exchange occurs directly with Twitch's authorization servers under Twitch's privacy policy. We store the resulting tokens solely to verify subscription status and assign roles as configured.
  • Business transfers: If the Service is acquired by or merged with another entity, your information may be transferred as part of that transaction. We will notify you of any such change and any changes to this Privacy Policy.

5. Data Retention

We retain data for as long as necessary to operate the Service and fulfill the purposes described in this Policy, subject to the following:

  • Server configuration data is retained for as long as Sentinel remains in your server, and for a reasonable period thereafter in case of re-addition. Permanently deleted server data will be removed within 90 days.
  • XP and leveling data is retained until a server administrator resets it or you submit a deletion request.
  • Infraction records are retained as part of server moderation history until a server administrator deletes them or you submit a deletion request.
  • Session data (username and avatar URL) is stored only for the duration of your active login session and is discarded when your session expires or you log out.
  • Billing data (Stripe Customer ID, subscription status, premium buyer ID, credit balances, credit transaction history, and key expiry dates) is retained for as long as your subscription or credit balance is active and for a reasonable period afterward to handle billing inquiries or disputes.
  • Full AI usage statistics are retained while Sentinel remains in the server and for up to 90 days after removal or credit exhaustion, unless a server administrator requests earlier deletion.
  • AI Website Tracking data is retained until a server administrator deletes the tracker or removes Sentinel from the server.
  • Premium transfer and cancellation logs are retained as long as needed to enforce transfer limits, investigate abuse, and resolve billing disputes.
  • Guild metadata after removal (guild ID, guild name, owner Discord user ID, join and removal timestamps, and tenure) is retained for up to ninety (90) days after Sentinel is removed from a server, or longer in aggregated form that does not expand beyond the identifiers needed for operational analytics.
  • Removal feedback outreach records (owner user ID, guild ID, guild name, tenure, send time, and reply status) are retained for the duration of the reply window and for up to ninety (90) days thereafter, after which they are deleted unless needed to resolve an active support inquiry.
  • Voluntary removal feedback message content forwarded to our operator support channel is retained only as long as needed to review and improve the Service, typically not exceeding ninety (90) days.
  • Growth and churn analytics (aggregated join/leave counters and per-guild removal records) are retained for internal operational purposes; individual removal records follow the guild metadata retention period above.
  • Server backup snapshots (Premium) are retained until a server administrator deletes them, Sentinel is removed from the server, or they are rotated out by the snapshot limit (currently five per server), after which they are deleted within ninety (90) days.
  • MEE6 import data is retained as part of the server's leveling configuration until reset by a server administrator or deleted pursuant to a server data deletion request.
  • News feed configuration and last-seen item IDs are retained while the feature remains enabled and for up to ninety (90) days after the feed is disabled or Sentinel is removed.
  • Twitch OAuth tokens and link records are retained while subscriber role linking remains enabled for the member and server. Tokens are deleted when a member unlinks their account, the feature is disabled, or Sentinel is removed from the server.

6. Data Security

We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted session cookies, private server infrastructure, and access controls limiting who can interact with stored data.

However, no method of electronic storage or internet transmission is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach that affects your personal information, we will notify affected users through the dashboard or Discord as soon as reasonably practicable and as required by applicable law.

7. Cookies and Tracking

The Sentinel web dashboard uses a single first-party session cookie to maintain your authenticated state after you log in with Discord. This cookie:

  • Contains only an encrypted session token — no personal data is embedded directly in the cookie;
  • Is deleted when you log out or your session expires;
  • Is required for the dashboard to function; it cannot be disabled while using the authenticated portions of the site.

We do not use advertising cookies, third-party tracking cookies, analytics pixels, or fingerprinting technologies. We do not respond to "Do Not Track" (DNT) browser signals at this time because we do not engage in the cross-site tracking that such signals are designed to prevent.

8. Children's Privacy

The Service is not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that a child under 13 has provided personal information to us, please contact us through our support server immediately and we will take steps to delete that information promptly.

Server Administrators are responsible for ensuring their use of Sentinel complies with the Children's Online Privacy Protection Act (COPPA) and any other applicable laws regarding minors.

9. Your Rights and Choices

Depending on where you are located, you may have the following rights with respect to your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data. Note that your username and avatar URL are sourced from Discord and must be updated there.
  • Deletion: Request deletion of your personal data. See Section 10 for details.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Objection: Object to our processing of your data in certain circumstances.

To exercise any of these rights, please contact us through our Discord support server. We will respond to verified requests within 30 days. We may need to verify your identity before fulfilling a request.

10. Data Deletion Requests

You may request deletion of specific personal data associated with your Discord user ID at any time:

  • XP and level data: Can be reset by a server administrator through the dashboard, or by contacting us.
  • Infraction records: Can be deleted by a server administrator through the dashboard, or by contacting us.
  • All personal data: To request full deletion of all data associated with your Discord user ID across all servers, contact us through our support server. We will fulfill verified requests within 30 days. Note that we cannot delete data that server administrators are required to retain for their own legal compliance purposes.

11. California Residents — CCPA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following additional rights:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you in the past 12 months, the sources of that information, the purposes for which it was collected, and the categories of third parties with whom it was shared.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. We will not deny you the Service, charge you different prices, or provide a different quality of service because you exercised your privacy rights.
  • Right to Opt-Out of Sale: We do not sell personal information. You do not need to opt out.

To exercise your California privacy rights, contact us through our Discord support server. We will verify your identity before fulfilling any request.

12. International Users

The Service is operated from the State of Florida, United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer and processing of your information in the United States, which may have data protection laws that differ from those in your country.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation (GDPR) and similar laws, including the right to access, correct, delete, or restrict processing of your personal data, and the right to lodge a complaint with your local supervisory authority. We process personal data as necessary to provide the Service (contract), to secure and improve the Service (legitimate interests), and, where Server Administrators enable AI or monitoring features, based on their configuration of the Service for their community. To exercise GDPR-related rights, contact us through our support server.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes — particularly those that affect how we use your personal data or your rights — we will make reasonable efforts to notify active users through the dashboard or Discord before the changes take effect. Your continued use of the Service after changes are posted constitutes your acceptance of the revised Policy.

14. Contact

For privacy-related inquiries, data access requests, data deletion requests, or to report a potential privacy issue, please contact us through our Discord support server or via the /support command in any server with Sentinel. We aim to respond to all privacy inquiries within 30 days.