!deletedata.

| Where does CrypGuard operate? | Only in Discord servers that explicitly invited the bot |
|---|---|
| Can it read your DMs? | No — Discord's permission model physically prevents this |
| What messages are stored? | Only confirmed threat messages — normal messages are scanned and immediately discarded. Flagged message text: 30 days, wiped instantly on !deletedata |
| Personal data retention | Detection logs: 30 days • Threat history: 30 days • Nicknames & fusion sessions: 30 days • VIP profiles: while permissions held |
| Are user IDs hashed in audit records? | Yes — one-way HMAC hashed (not reversible); raw IDs are never stored in audit logs |
| False positive archiving | Only !dismiss (full delete) is currently available. Archiving feature is temporarily unavailable. |
| Who do we share data with? | Nobody — except LemonSqueezy (payments) and third-party AI services for real-time threat verification (inference only, no retention) |
| Can you delete your data? | Yes — run !deletedata in any server with CrypGuard |
| Do we sell your data? | Never |
| Contact | crypguard.com — Get in Touch |
CrypGuard Genesis (“we”, “our”, “the bot”) is a Discord security bot designed to protect your server from scams, impersonation attacks, and malicious content. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your personal information.
By adding CrypGuard Genesis to your Discord server or interacting with the bot, you agree to this Privacy Policy.
Contact: For privacy concerns or data requests, submit a request at crypguard.com — Get in Touch
To detect impersonation attacks against server administrators and moderators, we collect and store the following information about users with elevated permissions:
Why we collect this: This data enables our impersonation detection system to identify when a new user attempts to mimic a server administrator’s name, avatar, or identity—a common scam tactic.
Retention: VIP data is stored as long as you maintain VIP permissions in a server where CrypGuard is active. It is automatically deleted when the bot is removed from the server, you lose all VIP-qualifying permissions, or you request data deletion via !deletedata.
When our security detectors flag potential threats, we log:
Why we collect this: Detection logs are the foundation of our security operations — they enable admin review, Trust & Safety reporting via !report-scammer, and forensic investigation of incidents.
Retention: 30 days, then automatically deleted. All detection logs are immediately anonymized upon !deletedata request, regardless of the retention window.
For each server where CrypGuard is installed, we store:
Why we collect this: This data enables tier-based features and allows server administrators to configure CrypGuard’s behavior.
Retention: Server settings are deleted when the bot is removed. Trial/subscription history (guild ID and dates only) is retained permanently to prevent trial abuse. This contains no personal user data.
When users change their Discord nickname or display name in a server, we log:
Why we collect this: Nickname cycling (rapidly changing names to impersonate different staff members) is a common impersonation tactic. Tracking nickname changes allows our Identity Shield to detect suspicious patterns.
Retention: Nickname history is retained for 30 days and then automatically deleted.
When multiple security Shields flag the same user during a security event, we store:
Why we collect this: Multi-factor threat analysis (combining signals from multiple Shields) improves detection accuracy and reduces false positives.
Retention: Fusion sessions are retained for 30 days and then automatically deleted.
If you subscribe to Sentry Pro, payment processing is handled by LemonSqueezy. We do NOT store credit card numbers or full payment details. LemonSqueezy retains payment history, billing information, and transaction records.
Why LemonSqueezy retains this: Financial regulations require payment processors to retain transaction records for 7 years for tax and legal compliance. This is a LemonSqueezy policy, not a CrypGuard policy.
What we receive and store from LemonSqueezy webhooks: Subscription status (active, cancelled, trial), subscription tier, LemonSqueezy order and customer identifiers (for webhook deduplication), subscription dates, and amount. We do not store your payment method, billing address, or any other personal payment details.
When CrypGuard incorrectly flags a legitimate message (a “false positive”), server administrators can dismiss the alert using:
!dismiss <user_id>: All data associated with the detection is permanently deleted — detection logs, ML session data, alerts, and reactions. Nothing is retained anywhere.
Only !dismiss (full delete) is available. The archiving feature will be re-enabled when a compliant consent mechanism is confirmed.
Legal Basis for !dismiss: Deletion performed at administrator request. No data retained, no legal basis required.
To identify repeat offenders within a server, we maintain per-user threat counters:
Why we collect this: Repeat offender detection within each server. A user flagged multiple times in a short window is significantly more likely to be a genuine threat.
Retention: 30 days, then automatically deleted. Justified under Legitimate Interest (GDPR Art. 6(1)(f)): this aligns with the standard 30-day incident response window used for detection logs, enabling consistent forensic review across all threat data. This data is entirely server-scoped — never shared cross-server.
To avoid redundant re-scanning of the same URLs, we cache URL reputation results:
Why we collect this: Performance optimization — scanning the same URL once per 30 days rather than on every message reduces latency and API costs.
Personal data: None. URL hashes are one-way and contain no user or server identifiers.
Retention: 30 days, then automatically deleted.
To maintain an accountability trail for GDPR compliance operations, we log:
Why we collect this: Legal obligation — GDPR requires a demonstrable record of compliance actions. Raw user IDs are never stored in audit records. Only one-way HMAC hashes are used, making reverse lookup impossible.
Retention: 90 days, then automatically deleted.
When you submit a !deletedata request, we record:
Why we collect this: Proof of GDPR compliance (legal obligation). This record demonstrates we honored your erasure request. Raw user IDs are never stored here.
Retention: 3 years (legal obligation under GDPR accountability principle — Art. 5(2)).
When our security detectors flag a message at HIGH or CRITICAL confidence, the text of that message is stored alongside the detection log for forensic review:
!report-scammer Trust & Safety reports, and incident investigation
Retention: 30 days for all confirmed threat detections — the standard cybersecurity incident response window. Volunteer server administrators may not check alerts daily; a scam detected on Friday that an admin reviews on Monday has already consumed 3 days. Flat 30-day retention ensures consistent forensic coverage regardless of threat severity.
Override: !deletedata immediately wipes all message content regardless of retention window. Your right to erasure takes precedence over retention periods.
Legal Basis: GDPR Article 6(1)(f) — Legitimate Interest (security and fraud prevention). GDPR Recital 47 explicitly names fraud prevention as a legitimate interest. This processing is necessary, proportionate, and immediately overridable by your data rights.
How message scanning works: Every message sent in a server where CrypGuard is active is scanned in real-time for threats. The vast majority of messages — normal conversation, legitimate links, regular activity — are scanned and immediately discarded from memory. We do not store, log, or retain any message that does not trigger a security alert.
For HIGH and CRITICAL threat detections, flagged message content may be processed by third-party AI services as part of our security analysis pipeline. This processing occurs in real-time at the point of detection, is limited to confirmed threat events only, and no message content is retained by these services beyond the analysis call. All content is deleted from our own systems within 30 days per our standard retention policy, and immediately upon !deletedata request.
Why AI verification: A secondary AI analysis of confirmed threats helps identify false positives before alerts reach administrators and improves detection accuracy over time.
What we do NOT do:
We do NOT sell, rent, or trade your personal data. Limited sharing occurs only in these scenarios:
We use Discord’s API to fetch member data and send alerts. Discord’s own privacy policy governs their data practices.
If you subscribe to Sentry Pro, your payment is processed through LemonSqueezy. LemonSqueezy’s privacy policy applies to payment data.
Flagged message content from confirmed threat detections may be processed by third-party AI services for real-time threat verification. Processing is inference-only — no message content is retained by these services beyond the API call. These services act as data processors under a Data Processing Agreement (DPA) in accordance with GDPR Art. 28. We do not disclose which specific AI provider is used in order to protect the integrity of our detection pipeline.
We may disclose data if required by law (e.g., valid subpoena, court order) or to protect against fraud, abuse, or security threats.
You can request a copy of all data we store about you via our contact form. We will respond within 30 days.
You can delete your personal data using the !deletedata command in any Discord server where CrypGuard is present.
How it works:
!deletedata in a Discord server
What happens to each data type:
!deletedata.
Trial/Subscription History Exemption: Trial history (guild ID and dates only) is not deleted as it prevents trial abuse and contains no personal user data.
If your stored data is inaccurate, you can trigger an update by changing your Discord profile (updates automatically within 24 hours) or asking your server admin to contact support.
Request a machine-readable export of your data via our contact form.
You can object to data processing based on Legitimate Interest at any time. To exercise this right:
!deletedata to immediately stop processing and delete your data
You have the right to request restriction of processing in circumstances where you contest the accuracy of data, the processing is unlawful but you prefer restriction over deletion, or you have objected to processing pending verification of our legitimate grounds. Contact us via our contact form to exercise this right.
If you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with your national supervisory authority. For users in the EU, a list of national supervisory authorities is available at edpb.europa.eu.
We implement industry-standard security measures:
CrypGuard only operates in servers that have explicitly invited the bot. We have no ability to access, monitor, or read messages in any server that has not added CrypGuard. If you remove the bot, access stops immediately and your data is deleted within 24 hours.
CrypGuard never reads private Direct Messages (DMs). Discord’s permission model physically prevents bots from accessing DMs unless a user explicitly opens a DM with the bot. CrypGuard does not request this permission.
What We Request:
What We DON’T Request:
| Data Type | Retention Period | Auto-Deletion |
|---|---|---|
| VIP Profiles | While you have VIP permissions | Yes (on role/bot removal) |
| Detection Logs | 30 days | Yes (automatic) |
| Nickname History | 30 days | Yes (automatic) |
| Fusion Analysis Sessions | 30 days | Yes (automatic) |
| Threat History | 30 days | Yes (automatic) |
| URL Cache | 30 days | Yes (automatic) |
| Detection Feedback | 30 days | Yes (automatic) |
| ML Session Logs (hashed) | 90 days | Yes (automatic) |
| Audit Records (hashed IDs) | 90 days | Yes (automatic) |
| Deletion Request Records (hashed) | 3 years | Yes (automatic) |
| Guild Settings | While bot is installed | Yes (on bot removal) |
| Trial/Subscription History | Permanent | No (prevents trial abuse) |
| Payment Records (LemonSqueezy) | 7 years | LemonSqueezy’s requirement |
All personal data retention periods are immediately overridden by a !deletedata request.
If you run !deletedata but still have admin/mod permissions, your VIP profile will be automatically recreated when the bot restarts, you change your Discord profile, or role permission changes trigger a VIP scan.
To permanently prevent recreation:
!deletedata
CrypGuard Genesis does not knowingly collect data from users under 13 years old. Discord’s Terms of Service prohibit users under 13. If we discover we’ve collected data from a child, we will delete it immediately.
We may update this Privacy Policy to reflect new features, legal changes, or user feedback. Major changes will be announced in our official Discord server and via the bot’s status message.
Continued use of CrypGuard after changes constitutes acceptance.
CrypGuard’s bot infrastructure is hosted within the European Union by Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany). A Data Processing Agreement (DPA) in accordance with Art. 28 GDPR is in place with Hetzner.
If you are located outside the EU, your data may be transferred to EU servers for processing. We comply with all GDPR requirements for such transfers.
CrypGuard integrates with the following third-party services and data processors:
| Service | Role | Location | Privacy/DPA |
|---|---|---|---|
| Discord API | Bot operation (mandatory) | USA | discord.com/privacy |
| Hetzner Online GmbH | Server infrastructure (VPS hosting) | Germany, EU | DPA signed (Art. 28 GDPR) |
| LemonSqueezy | Payment processing (Sentry Pro) | USA | lemonsqueezy.com/privacy |
| Third-Party AI Services | Real-time threat verification (inference only) | USA | DPA signed (Art. 28 GDPR) • No training on your data |
| PostgreSQL | Secure database engine | Hosted on Hetzner (EU) | N/A (open-source software) |
Each third-party service has its own privacy policy. We are not responsible for their independent data practices.
For privacy questions, data access requests, or deletion inquiries:
Contact: crypguard.com — Get in Touch
Response Time: Within 30 days (per GDPR requirements)
What to include in your request:
We process your data under these legal bases:
The !dismissallow consent-based false positive archive is temporarily unavailable while we review the appropriate legal basis for this processing.
!dismiss <user_id> = full delete, nothing kept. Archive option temporarily unavailable.
!deletedata command (immediately anonymizes/deletes all personal data types)
Contact: crypguard.com — Get in Touch for data requests