Privacy Policy

1. Information We Collect

Karen collects the minimum data necessary to operate: Discord user IDs, guild IDs, and moderation action records. We do not collect message content unless explicitly required by a command you invoke (e.g., snipe).

When you authenticate via Discord OAuth, we store an encrypted access token used solely to retrieve your guild membership list for the dashboard. We do not read your DMs, messages, or any data beyond what Discord's API exposes to bot integrations in servers where Karen is installed.

2. How We Use Your Data

Data is used exclusively to provide Karen's moderation and security features:

• Enforcing moderation actions (bans, kicks, timeouts)
• Maintaining audit logs for server administrators
• Identifying no-prefix users for command access
• Providing the live dashboard experience

3. Data Retention

Audit log entries are retained for 90 days by default. Guild owners may request earlier deletion via the dashboard. OAuth tokens are rotated automatically and expired when you log out.

4. Data Sharing

We do not sell, rent, or share your data with third parties. Data is stored on infrastructure we control and is not accessible to external advertisers or analytics platforms.

5. Security

OAuth tokens are encrypted at rest using AES-256-GCM. Database connections are TLS-encrypted. Access to production infrastructure is restricted to authorized personnel only.

6. Your Rights

You may request deletion of your data at any time by contacting us or using the dashboard's account deletion flow. Guild owners can request full server data purge independently.

7. Contact

Questions about this policy? Reach us via our support server or at the contact information listed in our Discord server profile.