Last updated: March 26, 2025
This Privacy Policy explains how SaferChatAI (the "Bot" or "Service") collects, uses, and protects your personal data. We process data in accordance with the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG), and all other applicable data protection laws.
Responsible for data processing:
Anton Eitenbichler
Dreiheiligenstraße 9
6020 Innsbruck
Austria
Email: [email protected]
SaferChatAI is a Discord bot that helps moderate communities by analyzing messages for potentially harmful content. The bot uses artificial intelligence (AI) to detect toxicity, hate speech, self-harm language, NSFW content, spam, and piracy.
The bot is installed by Discord server administrators. When active on a server, it processes messages sent by users in that server.
We do not collect IP addresses, device information, or other technical connection data beyond what is necessary for the bot to function through Discord's API.
Important Warning About Sensitive Data:
We do not intentionally collect special categories of personal data under GDPR Article 9 (health data, racial or ethnic origin, political opinions, religious beliefs, biometric data, etc.). However, because users can write anything in their messages, such sensitive data could be included.
Do not include sensitive personal data in your messages. If you do include such data, it may be processed as part of the moderation system. By using servers where SaferChatAI is active, you acknowledge this risk.
Purpose: To detect and report potentially harmful content to server moderators.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)). Our legitimate interest is providing server administrators with an effective moderation tool to create safer communities. Server administrators have a legitimate interest in protecting their communities from harassment, hate speech, and other harmful content.
Purpose: To analyze messages using AI that considers conversation context, reducing false positives compared to simple keyword filtering.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)). Context-aware moderation benefits both server operators and users by reducing incorrect flags.
Purpose: To store messages flagged as problematic for moderator review and documentation.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)). This allows moderators to review and respond to potential violations, and provides accountability for moderation decisions.
Purpose: To use feedback (especially false positive reports) to improve AI accuracy and adapt to specific community cultures.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)). Improving accuracy benefits all users by reducing false flags.
Purpose: To detect self-harm language and provide crisis resources to users while alerting moderators.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)) in connection with protecting vital interests. This serves to protect users' physical and mental wellbeing.
To perform AI-powered content analysis, we use services from OpenAI, L.L.C. (San Francisco, California, USA). Messages that need analysis are sent to OpenAI's API for processing.
Data transmitted: Message text, context messages, technical metadata.
Purpose: AI-powered content analysis.
Data retention by OpenAI: According to OpenAI's published policies, API data is retained for 30 days for abuse monitoring and is not used to train AI models. This policy may change - refer to OpenAI's documentation for current information: https://openai.com/policies/data-processing-addendum/
International transfer: See Section 6.
SaferChatAI operates as a Discord bot, meaning it relies on Discord's platform infrastructure. Discord Inc. (San Francisco, California, USA) processes user data independently as the platform operator.
Note: Discord's data processing is governed by Discord's own privacy policy, available at: https://discord.com/privacy. We do not control how Discord processes data and are not responsible for their data practices.
Server administrators and moderators can access flagged messages and moderation data through the moderation dashboard. They are responsible for their own use and handling of this data on their servers.
We use third-party hosting services to operate our infrastructure. These providers act as data processors and are contractually obligated to process data only according to our instructions.
We may disclose data to law enforcement or government authorities when legally required or to protect our legal rights.
We do not sell, rent, or otherwise share your personal data with third parties beyond what is described above.
Data processed through OpenAI and Discord is transferred to servers in the United States. The USA is considered a third country without an adequacy decision from the European Commission under GDPR Article 45.
Legal basis for transfer: OpenAI and Discord are certified under the EU-U.S. Data Privacy Framework (DPF), which the European Commission recognizes as providing adequate protection for data transfers to the USA.
Despite protective measures, there is a residual risk that U.S. authorities may access data under certain circumstances. We have assessed this risk and believe the transfer is lawful given the protections in place and the limited scope of processing.
SaferChatAI uses artificial intelligence (Large Language Models) to automatically analyze message content. The AI assesses whether a message potentially violates community guidelines and categorizes it.
By default, SaferChatAI does not make automated moderation decisions. It reports potentially problematic content to server moderators, who then make human decisions.
Optional auto-delete: Server administrators can optionally enable automatic deletion of flagged messages. When this feature is enabled, messages may be deleted immediately upon detection without human review. This is not the default setting.
No other automated actions (warnings, timeouts, bans) are performed by the bot. These decisions are always made by human moderators.
AI analysis is not perfect. False positives (incorrect flags) and false negatives (missed violations) can occur. The AI considers message content and conversation context to improve accuracy.
You have the right to request human review of any AI decision and to express your perspective. Contact the server moderators or us at the address in Section 1.
Messages that the system considers harmless are not permanently stored. They are processed in real-time for analysis and then discarded.
Messages flagged as potentially problematic are stored in our database for up to 90 days from the time they are flagged, unless:
After 90 days, flagged messages are automatically deleted from our systems.
Note: Flagged messages are also posted to the server's moderation channel on Discord. These messages remain in Discord according to Discord's own retention practices and the server's settings. We do not control deletion of messages within Discord channels.
According to OpenAI's published policies, API data is retained for 30 days and then automatically deleted. This policy is set by OpenAI and may change - refer to their current documentation.
Aggregated, anonymized statistics (e.g., number of flagged messages per category, false positive rates) may be stored permanently as they cannot identify individuals.
We implement appropriate technical and organizational measures to protect your personal data:
Under GDPR, you have comprehensive rights regarding your personal data. You can exercise these rights at any time by contacting us at the address in Section 1.
You have the right to obtain confirmation of whether we process your personal data and, if so, to receive information about that data and additional details about the processing.
You have the right to request correction of inaccurate personal data and completion of incomplete data.
You have the right to request deletion of your personal data when:
The right to erasure does not apply when processing is necessary for exercising the right of freedom of expression, complying with legal obligations, or establishing, exercising, or defending legal claims.
You have the right to request restriction of processing when:
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
You have the right to object at any time to processing of your personal data based on legitimate interest (GDPR Article 6(1)(f)).
If you object, we will no longer process your data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
How to exercise this right: If you do not want your messages analyzed on servers where SaferChatAI is active, you should leave those servers or request that the server administrator remove the bot. Individual opt-out from processing while remaining on the server is not currently possible.
Where processing is based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
You have the right to lodge a complaint with a data protection supervisory authority. The supervisory authority responsible for us is:
Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
Austria
Phone: +43 1 52 152-0
Email: [email protected]
Website: https://www.dsb.gv.at
You may also contact the supervisory authority in your country of residence or workplace.
SaferChatAI processes content freely written by users. We have no control over what information users include in their messages. While our system is designed to detect problematic content, we cannot guarantee that all potentially harmful or privacy-sensitive content will be identified.
Important reminders:
SaferChatAI is a Discord bot and uses Discord's platform as its technical foundation. Use of Discord is subject to Discord Inc.'s Terms of Service and Privacy Policy. We have no control over Discord's own data processing.
Discord Inc. processes your data as an independent controller. Information about Discord's data processing is available in their privacy policy: https://discord.com/privacy
Our service is not directed at persons under 16 years of age. We do not knowingly collect personal data from children under 16. Discord's minimum age requirement is 13 years (in the EU: 16 years or with parental consent).
If you are a parent or guardian and believe your child has provided us with personal data without consent, please contact us immediately so we can delete it.
We do not create user profiles for advertising or marketing purposes. Data processing is solely for the moderation and system improvement purposes described in this privacy policy.
We reserve the right to update this privacy policy to reflect changes in legal requirements, technical developments, or changes to our service. The current version is always available on our website.
For significant changes affecting your rights, we will notify you appropriately (e.g., through a notification on Discord or our website). We recommend reviewing this privacy policy regularly.
The effective date of this privacy policy is stated at the beginning of this document.
For questions about processing of your personal data, to exercise your rights, or for data protection inquiries, please contact:
Anton Eitenbichler
Dreiheiligenstraße 9
6020 Innsbruck
Austria
Email: [email protected]
We will respond to your request promptly and within one month of receipt. In complex cases, this period may be extended by up to two additional months, and we will inform you of any extension and the reasons for it.