Privacy Policy

kesarAI is a Discord bot and operates inside Discord servers that have explicitly invited it. The information we process is the minimum needed to run the requested feature.

Collected automatically

• Guild metadata— numeric guild IDs, channel IDs, role IDs, and the names attached to them, so configuration can be displayed and applied.
• User identifiers— numeric Discord user IDs used for permission checks, per-user AI rate limits, and audit trail attribution.
• Command invocations— the slash command invoked, the channel it was used in, and the timestamp.

Collected only when relevant

• Message content is read on demand for features such as /summarise, /fallacy, and /modadvice. It is forwarded to the configured AI backend, used to produce the response, and not retained beyond that exchange except where audit logging is explicitly enabled.
• Audit events— moderation actions, member joins and leaves, and AI usage events are written to audit.db when the corresponding category is enabled for your guild.

We use collected information to provide the features you request, to enforce per-user and per-guild rate limits, to maintain an auditable record of moderation actions, and to prevent abuse of the AI surface.

We do not sell user data, we do not use it to train external models, and we do not build cross-server profiles of individual Discord users.

Persistent data lives in SQLite databases on our hosting infrastructure:

• config.db— guild configuration (channel mappings, role grants, feature toggles).
• audit.db— audit trail events, subject to the retention policy configured per guild.
• spy_index.db— opt-in member-screening index, available only to the bot owner for cross-server safety checks.

Audit retention defaults to a rolling window, and server administrators can shorten or lengthen it. Deleted configuration is purged on a routine schedule. When the Bot is removed from a guild, its configuration becomes eligible for deletion after a short grace period.

The Bot relies on two upstream services to function:

Discord API

All bot activity flows through the official Discord API. Discord’s own Privacy Policy governs how Discord itself handles message data, identifiers, and server membership.

Google Gemini API

AI-assisted commands send prompts — which may include message content scoped to the request — to the Google Gemini API. Google’s handling of those requests is governed by their Gemini API terms and associated privacy documentation. We do not enrol the Bot in model-training programmes.

Avoid sharing information through AI commands that you would not paste into a third-party service.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete personal data we hold about you. To exercise these rights, contact us through the support channels listed below with enough information to identify the relevant Discord user ID and guild.

Server administrators can clear audit logs and configuration for their own guild via the Bot’s built-in controls. End users who wish to be removed from a guild’s audit history should contact that guild’s administrators in the first instance.

The Bot itself does not set cookies — it operates entirely within Discord. This marketing website may use a minimal set of first-party analytics to understand aggregate traffic patterns. We do not run third-party advertising trackers.

The Bot is intended for use on Discord, which requires users to be at least 13 years old (or the higher minimum age specified by their jurisdiction). We do not knowingly collect data from users below that age. If you believe a minor has interacted with the Bot in a way that requires intervention, please contact us so we can act.

We may revise this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, for material changes, announce the update through the Bot’s official support server.

For privacy questions, data-subject requests, or security reports, reach out via the kesarAI support server linked from the project’s docs. We aim to respond to privacy inquiries within a reasonable timeframe.