1. Who are we?
SlakBot is a free Discord bot developed and operated by Luca as a private individual (Netherlands). This policy covers the SlakBot Discord bot and the website at slakbot.nl.
Under GDPR I am the data controller. SlakBot is not a legal entity โ it's a hobby project of a private individual.
Contact for privacy requests (in order of preference):
- ๐ง Email:
privacy@slakbot.nl(formal channel, response within 30 days) - ๐ฌ Discord:
luca_046(faster, no guarantee during holidays)
2. What data do we collect?
2.1 Discord user data
When you use SlakBot in a server or log in to the web panel, we store:
- Discord user ID (numeric ID, no email or password)
- Username (to display in mod log, leveling, tickets, etc.)
- Avatar URL (for display in the web panel)
- Server IDs where you are an admin (for proper access)
2.2 Server-specific data
Per Discord server we store:
- Server ID and name
- Configuration settings (channel IDs, role IDs, embed colors, templates)
- Moderation history (warns, kicks, bans, mutes โ including moderator + user)
- Leveling data (XP per user per server)
- Economy data (balance, daily streak)
- Tickets and suggestions
- Custom commands
- Stream goal progress and stream stats (only anonymous aggregates)
2.3 Security data (anti-scam)
For anti-scam protection we store:
- Hashes (SHA-256) of analysed images โ to detect the same scam image without re-scanning
- Scam attempts (user, type, timestamp) for mod-log purposes
Important: OCR scanning runs 100% locally on our server via Tesseract.js. Images are never sent to Google, OpenAI or any other external AI service. We only store a hash, not a copy of the image.
2.4 Web panel data
- Login history (user, IP address, browser, timestamp) โ for security monitoring
- Session cookies (to keep you logged in)
We use no tracking cookies, no Google Analytics, no ad networks and no third-party trackers.
2.5 What we do NOT store
- โ Content of private messages (DMs)
- โ Messages in channels where the bot isn't active
- โ Passwords (we use Discord OAuth โ we never see your password)
- โ Email addresses
- โ Phone numbers
- โ Payment data (nothing to pay for)
3. Why do we collect this data?
We use your data solely to run the bot:
| Data | Purpose |
|---|---|
| User ID + name | Display in mod log, leaderboards, tickets |
| Server config | Bot knows which channels, roles, templates to use |
| Warnings + mod log | Mods can review history |
| Leveling XP | Calculate levels, show /rank and /top |
| Economy balance | Power /daily, /balance, /shop |
| Login log | Bot owner sees who logs into the panel (security) |
| Image hashes | Anti-scam: scan same image only once |
4. Who do we share data with?
We never share your personal data with third parties for commercial purposes.
| Sub-processor | Purpose | Data sent |
|---|---|---|
| Discord Inc. (US) Privacy | Bot platform โ to execute commands and post messages | User ID, server ID, message content (bot responses) |
| EU host | Server hosting โ where bot + database runs | All data stored on this EU server (encrypted disk) |
| YouTube/Twitch/TikTok | Stream alerts | Channel handle you configure (public) |
5. Your GDPR rights
Under GDPR you have the right to:
- Access โ request a copy of all data we have about you
- Rectification โ request correction of incorrect data
- Erasure โ request deletion ("right to be forgotten")
- Portability โ receive your data in a machine-readable format
- Object โ object to processing
- File a complaint with the Dutch DPA (Autoriteit Persoonsgegevens)
Send requests to privacy@slakbot.nl. We aim to respond within 14 days, max 30 days as per GDPR.
6. Retention
- Active server data โ kept as long as the bot is in your server
- After bot removal โ deleted within 90 days
- Mod log โ kept up to 2 years (per typical legal retention norms)
- Login log โ kept 6 months for security
- Image hashes โ kept 12 months
7. Security
- EU VPS with encrypted disk
- HTTPS everywhere (TLS 1.3)
- Discord OAuth โ we never see your password
- Regular backups (encrypted)
- Security disclosure:
security@slakbot.nl/ security.txt
8. Children
SlakBot follows Discord's terms โ minimum age 13 (16 in some EU countries). We don't knowingly process data from children below that age. Found a child using our service? Email privacy@slakbot.nl and we'll delete.
9. Changes to this policy
If we change this policy materially, we'll announce it in our Discord support server and via this page (with a new version number at the top).
10. Questions
Email privacy@slakbot.nl or DM @luca_046.