# Privacy Policy
Last updated: June 30, 2026# Table of Contents
# Introduction
Panoptes is a Discord app that helps communities detect and remove image-based spam. To do that, we need to process images that people send in servers where the bot is installed.
This Privacy Policy explains what data we collect, how and why we handle it, how long we keep it, and the choices available to you.
# The data we collect
We collect the following data:Image content. Panoptes processes images from messages in servers where it has been added. The bot does not process direct messages, and does not collect or process any message text or non-image content.
Guild Information. To provide moderation features, we store information about the servers where Panoptes is installed (namely guild names and IDs) and server-specific configuration which can contain server role IDs.
Temporary Operational Data. To help moderators deal with spam campaigns, the bot temporarily stores message and channel IDs for up to 24 hours. This allows it to quickly locate and remove other spam messages sent by the same account within a short period of time.
We also temporarily cache attachment URLs in memory to avoid downloading the same image multiple times. This cache exists only for performance reasons and isn't used to track users or build a history of their activity.
# What We Don't Do
We do not:
- process or store any text content or other non-image content found in messages
- sell or share your data with advertisers
- send images to third-party AI or image analysis services
- build user profiles
- track users across Discord servers
All image processing is performed on infrastructure that we operate within the European Union.
# Why We Process This Information
We process information only to operate and improve Panoptes.
This includes:
- detecting known spam images
- identifying similar spam images
- removing spam more effectively
- allowing moderators to report spam
- improving detection accuracy over time
# Data Retention
We retain collected information until we determine it is no longer needed for the processing purposes for which we collected or retain it or for legal compliance. For each type of information, we set these data retention periods based on the reason for its collection:
To detect spam. We keep non-reversible fingerprints generated from processed images, for as long as they're useful for detecting spam and improving said detection. We also may keep image content, depending on the following:
- If a processed image is not identified as spam, the image is discarded immediately, while any fingerprints are kept.
- If a processed image is identified as spam, a downscaled version of said image may be kept for up to 7 days, to further improve our services.
- To provide moderation features. We keep user & message IDs to support quick deletion of messages sent by flagged spam users. Guild, role, and user IDs are also stored to provide relevant server configuration around moderation actions, which is kept until they are no longer needed to provide the service to a given guild.
- To operate the service. Operational logs are generally retained for no longer than 30 days. Temporary in-memory caches, such as attachment URLs used to avoid repeated downloads, are kept only as long as needed for normal operation.
# Third Parties
- We don't share or sell any data collected or processed by us with third parties.
- All processing is performed on infrastructure that we operate ourselves.
- We may disclose information if required to comply with applicable law or a valid legal request.
# Your Choices
Server administrators can remove Panoptes from their server at any time, which stops the bot from processing new messages in that server.
If you believe an image has been incorrectly identified as spam, or you have questions about information we may hold, you can contact us using the email address below.
Where reasonably possible, we'll review requests to remove incorrectly flagged images or other stored information. Because Discord attachments may no longer be available after a message has been deleted, we encourage you to contact us as soon as possible if you believe a mistake has been made.
# Contact
If you have questions about this Privacy Policy or would like to make a privacy-related request, you can contact us at: privacy at alanp dot me
# GDPR
If you are a resident of the European Union, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data. In this event, please refer to our GDPR Privacy Notice, as it applies to you too.
# Changes to This Policy
We may update this Privacy Policy from time to time as Panoptes evolves or as legal requirements change.
When we make material changes, we'll update the "Last updated" date at the top of this page.