Privacy Policy

Effective Date: August 12, 2025

1. Controller & Contact

The data controller is MinimalPulse ("we", "us"). Contact: contact@sentinelai.dev. This Policy explains how we process personal data when you use the SentinelAI bot and website (the "Service").

2. What We Collect

  • Server & User Identifiers: Discord Server IDs, Channel IDs (where needed), and User IDs to store settings and apply moderation actions.
  • Moderation Logs: Records of automated actions (e.g., deletions, timeouts, kicks/bans) with timestamps and minimal context for audit/security. Default retention in Section 7.
  • Content Analysis: For moderation, we analyze messages, images, and links in real time (including via third‑party AI/moderation APIs). Unless explicitly stated, analyzed content is processed ephemerally and not stored beyond the operation.
  • Website Login: Discord OAuth profile (ID, username, avatar), and OAuth access/refresh tokens (stored securely until expiry), plus essential session cookies.
  • Security Logs: IP addresses and similar event data collected for abuse prevention and debugging.
  • Payments: Stripe provides us payment status, amount, currency, purchaser Discord ID, Server ID, session/intent IDs, and timestamps. We do not receive or store full card numbers.

3. Purposes & Legal Bases (GDPR)

  • Provide the Service (operate the bot, dashboard, and Premium) - Art. 6(1)(b) contract necessity.
  • Security & Abuse Prevention (rate limiting, fraud/chargeback monitoring) - Art. 6(1)(f) legitimate interests.
  • Legal/Tax Compliance (payment record keeping) - Art. 6(1)(c) legal obligation.
  • Optional Features (where you opt in) - Art. 6(1)(a) consent.

4. Storage, Security & Locations

  • Hosting: We use Supabase (primary region: US‑East‑1) with encryption at rest and strict access controls.
  • Transport: All data in transit is protected by HTTPS/TLS.
  • Access: Production access is limited to authorized personnel using MFA and least‑privilege principles.

5. Sharing with Third Parties

We do not sell personal data. We share limited data with:

  • Supabase (database, authentication, storage provider).
  • Stripe (payment processing; acts as an independent controller for payment details).
  • Moderation/AI APIs used to analyze content for policy violations. These providers typically process data ephemerally and do not retain it.
  • Logging/Monitoring providers (if used) to maintain reliability and security.

6. International Transfers

Where data is transferred outside your country (e.g., to the United States), we rely on appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and supplier commitments. By using the Service, you acknowledge such transfers.

7. Retention

  • Server settings & IDs: retained until you delete the Server configuration or your account.
  • Moderation logs: retained up to 30 days by default for audit/security, unless your Server configuration specifies otherwise.
  • OAuth tokens: stored until expiration or revocation.
  • IP addresses: retained for 30 days for security and abuse prevention.
  • Payment metadata: retained for the period required by applicable tax and accounting laws (often 5–10 years).

8. Automated Decisions

Certain actions (e.g., message deletion, timeouts) may be taken automatically based on your configuration.

9. Your Rights

  • Access, rectification, erasure, and portability of your personal data.
  • Restriction of processing and objection to processing (including where based on legitimate interests).
  • Withdraw consent at any time where processing is based on consent.
  • File a complaint with your local supervisory authority. If we are established in the EU, you may also contact the authority where we are established.

To exercise rights, use your profile page tools (Download Data / Delete Account) or email contact@sentinelai.dev.

10. Children

The Service is intended for users who meet Discord’s minimum age requirement (13+). We do not knowingly collect personal data from children under this age threshold.

11. Cookies & Tracking

We use only essential cookies for authentication and session management. We do not use third‑party advertising cookies. If we introduce analytics or non‑essential cookies in the future, we will request your consent where required.

12. Changes to this Policy

We may update this Policy. Changes will be posted on this page and announced via our website or Discord for material updates. Continued use after updates constitutes acceptance.

13. Contact

Email: contact@sentinelai.dev
Discord: Support Server