Privacy Policy

Last updated: June 11, 2026

1. Introduction and Scope

This Privacy Policy describes how Chopstick308 ("we," "us," or "our"), the operator of Sentinel, collects, uses, stores, and shares information in connection with the Sentinel Discord bot and web dashboard (collectively, the "Service"). By using the Service, you agree to the practices described in this Policy.

This Policy applies to all users of the Service, including Discord server administrators, server members whose servers have Sentinel installed, and individuals who access the Sentinel web dashboard. It does not apply to third-party services that Sentinel integrates with — please review the privacy policies of Discord, Stripe, OpenAI, and Anthropic separately.

2. Information We Collect

We collect information only to the extent necessary to provide and improve the Service.

2.1 Information you provide directly

  • Dashboard configuration: When you configure Sentinel through the web dashboard, we store your settings including channel IDs, role IDs, welcome message text, auto-moderation sensitivity levels, automation rule content, embed template content, custom command responses, and any other options you explicitly save. This is treated as server data, not personal data.
  • Discord OAuth authentication: When you sign in to the dashboard using Discord, we receive your Discord user ID, display name (global name or username), and avatar URL from Discord's OAuth API. We store these for the duration of your session to display your profile and verify your permissions, along with the list of Discord servers (guild IDs) you belong to and which servers you are permitted to manage. We do not receive your email address, phone number, or Discord password.

2.2 Information collected automatically through use of the Service

  • XP and leveling data: When the leveling system is enabled in a server, we record message activity to calculate experience points and assign levels. This data is associated with your Discord user ID and the server's guild ID.
  • Infraction records: When a server moderator issues a warn, timeout, kick, or ban through Sentinel, we log the action, the target user's Discord ID, the moderator's Discord ID, and any reason provided. This data serves as the server's moderation history.
  • Giveaway and reaction role entries: We store user IDs in association with giveaway entries and reaction role assignments as needed to operate those features.
  • Message content (transient): When AI Auto-Moderation is enabled in a server, each message posted in that server is forwarded to a third-party AI provider (OpenAI and/or Anthropic) for real-time content analysis. Sentinel does not store message content on our servers after the analysis is complete — the content is not logged, retained, or indexed by us. However, the AI provider may process and retain data in accordance with their own privacy policies.
  • AI Website Tracking: When AI Website Tracking is enabled, we store the configured URL, tracking description, check interval, alert channel ID, and the latest extracted value, summary, content hash, and check status for each tracker. To perform checks, Sentinel fetches the public webpage and sends extracted page text to OpenAI and/or Anthropic for analysis. We do not retain full page archives of every check — only the data needed to operate the tracker and detect changes. The AI provider may process fetched content under their own privacy policies.
  • Community and server feature data: Depending on which features are enabled, we may store Discord user IDs together with related server data such as: birthday month/day and optional birth year; ticket thread metadata and opener user IDs; invite counts and inviter associations; LFG post host IDs and descriptions; giveaway and reaction-role participation; voice-linked role assignments; and custom command or automation configuration you save.

2.3 Payment and billing information

  • If you purchase a Premium subscription, we store your Stripe Customer ID, Stripe subscription ID, subscription status (active, cancelled, past-due), and the Discord user ID of the Premium purchaser (premium buyer) to verify and manage billing access. If Premium or Fast Tracking is activated through a License Key, we store key expiry information and redemption metadata associated with the server. Full payment card details are collected, processed, and stored exclusively by Stripe — we never receive, see, or store your card number, CVV, or bank account details.
  • If you use Premium transfer, we log your Discord user ID, source guild ID, destination guild ID, and transfer timestamp to enforce monthly transfer limits. If you submit a subscription cancellation reason through the billing dashboard, we store that reason together with your Discord user ID and guild ID.

2.4 Technical and session data

  • The web dashboard uses an encrypted session cookie to maintain your login state after authenticating with Discord. This cookie contains only a signed session token — it holds no personally identifiable information on its own. We may log server-side errors (without message content) for debugging purposes.

3. How We Use Your Information

We use the information we collect only for the following purposes:

  • Service delivery: To operate and deliver the features you and your server administrators configure, including moderation actions, welcome messages, leveling, giveaways, tickets, and all other Sentinel features.
  • Authentication and authorization: To verify your identity and permissions when you access the web dashboard, and to determine which servers and settings you are permitted to manage.
  • Billing and subscription management: To process and manage Premium subscription payments through Stripe, verify active subscriptions, and handle billing inquiries.
  • Service improvement and debugging: To diagnose errors, investigate abuse or policy violations, and improve the reliability and security of the Service.
  • Legal compliance: To comply with applicable laws, respond to lawful requests from authorities, and enforce our Terms of Service.

We do not use your data for advertising, behavioral profiling, or any sale to third parties.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

  • AI providers (OpenAI / Anthropic): Message content is forwarded to these providers for real-time analysis when AI Auto-Moderation is enabled in a server. Each provider processes this data under their own privacy policy and data processing terms. We recommend reviewing their policies if you are concerned about how message data is handled.
  • Stripe: Billing information necessary to process Premium subscriptions is shared with Stripe, Inc. Stripe may collect additional information from you directly during checkout. Stripe is subject to its own privacy policy.
  • Discord: Sentinel interacts with Discord's API to function. Discord's privacy policy governs their collection and use of data arising from those interactions.
  • Legal requirements: We may disclose your information if required to do so by applicable law, regulation, legal process, or a valid governmental or law enforcement request. Where permitted, we will attempt to notify you of such requests.
  • Protection of rights: We may disclose information where we believe disclosure is necessary to protect the rights, property, or safety of us, our users, or others, or to detect, prevent, or address fraud, security, or technical issues.
  • Business transfers: If the Service is acquired by or merged with another entity, your information may be transferred as part of that transaction. We will notify you of any such change and any changes to this Privacy Policy.

5. Data Retention

We retain data for as long as necessary to operate the Service and fulfill the purposes described in this Policy, subject to the following:

  • Server configuration data is retained for as long as Sentinel remains in your server, and for a reasonable period thereafter in case of re-addition. Permanently deleted server data will be removed within 90 days.
  • XP and leveling data is retained until a server administrator resets it or you submit a deletion request.
  • Infraction records are retained as part of server moderation history until a server administrator deletes them or you submit a deletion request.
  • Session data (username and avatar URL) is stored only for the duration of your active login session and is discarded when your session expires or you log out.
  • Billing data (Stripe Customer ID, subscription status, premium buyer ID, and key expiry dates) is retained for as long as your subscription is active and for a reasonable period afterward to handle billing inquiries or disputes.
  • AI Website Tracking data is retained until a server administrator deletes the tracker or removes Sentinel from the server.
  • Premium transfer and cancellation logs are retained as long as needed to enforce transfer limits, investigate abuse, and resolve billing disputes.

6. Data Security

We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted session cookies, private server infrastructure, and access controls limiting who can interact with stored data.

However, no method of electronic storage or internet transmission is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach that affects your personal information, we will notify affected users through the dashboard or Discord as soon as reasonably practicable and as required by applicable law.

7. Cookies and Tracking

The Sentinel web dashboard uses a single first-party session cookie to maintain your authenticated state after you log in with Discord. This cookie:

  • Contains only an encrypted session token — no personal data is embedded directly in the cookie;
  • Is deleted when you log out or your session expires;
  • Is required for the dashboard to function; it cannot be disabled while using the authenticated portions of the site.

We do not use advertising cookies, third-party tracking cookies, analytics pixels, or fingerprinting technologies. We do not respond to "Do Not Track" (DNT) browser signals at this time because we do not engage in the cross-site tracking that such signals are designed to prevent.

8. Children's Privacy

The Service is not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that a child under 13 has provided personal information to us, please contact us through our support server immediately and we will take steps to delete that information promptly.

Server Administrators are responsible for ensuring their use of Sentinel complies with the Children's Online Privacy Protection Act (COPPA) and any other applicable laws regarding minors.

9. Your Rights and Choices

Depending on where you are located, you may have the following rights with respect to your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data. Note that your username and avatar URL are sourced from Discord and must be updated there.
  • Deletion: Request deletion of your personal data. See Section 10 for details.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Objection: Object to our processing of your data in certain circumstances.

To exercise any of these rights, please contact us through our Discord support server. We will respond to verified requests within 30 days. We may need to verify your identity before fulfilling a request.

10. Data Deletion Requests

You may request deletion of specific personal data associated with your Discord user ID at any time:

  • XP and level data: Can be reset by a server administrator through the dashboard, or by contacting us.
  • Infraction records: Can be deleted by a server administrator through the dashboard, or by contacting us.
  • All personal data: To request full deletion of all data associated with your Discord user ID across all servers, contact us through our support server. We will fulfill verified requests within 30 days. Note that we cannot delete data that server administrators are required to retain for their own legal compliance purposes.

11. California Residents — CCPA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following additional rights:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you in the past 12 months, the sources of that information, the purposes for which it was collected, and the categories of third parties with whom it was shared.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. We will not deny you the Service, charge you different prices, or provide a different quality of service because you exercised your privacy rights.
  • Right to Opt-Out of Sale: We do not sell personal information. You do not need to opt out.

To exercise your California privacy rights, contact us through our Discord support server. We will verify your identity before fulfilling any request.

12. International Users

The Service is operated from the State of Florida, United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer and processing of your information in the United States, which may have data protection laws that differ from those in your country.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation (GDPR) and similar laws, including the right to access, correct, delete, or restrict processing of your personal data, and the right to lodge a complaint with your local supervisory authority. We process personal data as necessary to provide the Service (contract), to secure and improve the Service (legitimate interests), and, where Server Administrators enable AI or monitoring features, based on their configuration of the Service for their community. To exercise GDPR-related rights, contact us through our support server.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes — particularly those that affect how we use your personal data or your rights — we will make reasonable efforts to notify active users through the dashboard or Discord before the changes take effect. Your continued use of the Service after changes are posted constitutes your acceptance of the revised Policy.

14. Contact

For privacy-related inquiries, data access requests, data deletion requests, or to report a potential privacy issue, please contact us through our Discord support server or via the /support command in any server with Sentinel. We aim to respond to all privacy inquiries within 30 days.