Privacy Policy

Effective date: June 21, 2025

Your messages should be private

We believe you should be able to talk without compromising your privacy. But to provide effective AI moderation with Watchtower, we sometimes need to analyze message content — like checking for toxicity or harmful behavior.

Here's how Watchtower works: your server data is stored securely on our servers in Europe. When Watchtower analyzes a message for moderation, only the message content is briefly sent to our trusted AI partners (Jigsaw and OpenAI). These partners analyze the content and return moderation scores in seconds, helping keep your server safe.

Our goal is to keep your data secure while keeping your server protected.

Privacy by design

Watchtower is built to protect your data. These four principles guide everything we do:

1. Your data stays minimal.
   We only collect what's necessary: server IDs, user IDs for moderation actions, and server configurations. Message content is never stored by Watchtower — it's only sent for analysis and then discarded.
2. Your data is only shared when needed.
   When a message needs moderation analysis, we only send the message content to our AI partners (Jigsaw and OpenAI). They are instructed not to store your data — we have have an agreement with Jigsaw to not store your messages, and OpenAI doesn't store data from their moderation endpoint. Analysis happens in real-time for safety.
3. You can control your data.
   Server administrators can configure Watchtower's settings or remove the bot entirely. Moderation logs are automatically deleted after a few days. You can request data deletion by contacting us, and we'll process it promptly.
4. Your data is not for sale.
   We will never sell your personal data. Period. We only use it to provide accurate and helpful moderation for your Discord server.

When we analyze messages

Message content is analyzed in real-time when Watchtower's AI moderation features are triggered. This helps us identify potentially harmful content like toxicity, harassment, or spam. We really appreciate your trust, and take extra steps to maintain your privacy throughout the process.

Here's how it works:

• When message content is analyzed, it's sent to AI partners but never stored by Watchtower or the AI services.
• Only moderation results are kept temporarily in memory to inform moderation decisions.
• Moderation logs are automatically deleted from our servers after a few days.
• Watchtower avoids processing messages from sensitive contexts when possible.

As your server uses Watchtower, you remain in control. Server administrators can adjust moderation settings or remove the bot at any time in Discord's server settings.

Want the full details? Read our full Privacy Policy below.

Questions? Don't hesitate to reach out at wok-unsigned-wool@duck.com

Welcome to Watchtower! This privacy policy explains how Watchtower ("we," "us," "our") collects, uses, shares, and protects information in relation to our Watchtower Discord bot ("bot," "service"). This privacy policy should be read in conjunction with our terms of service. By adding Watchtower to your Discord server or using its commands, you agree to the collection and use of information in accordance with this policy.

1. Who we are

All data for the Watchtower bot is controlled by Tiago Rangel. If you have any questions about this privacy policy or our data practices, please contact us using the email above.

2. Information we collect

We collect certain information to provide and improve the Watchtower service. The information we collect includes:

• Server information:
  • Server ID: We collect the Discord server ID when Watchtower is added to a server. This is necessary to associate bot configurations and operations with the correct server.
  • Server configurations: Any settings you configure for Watchtower on your server (e.g., moderation thresholds, enabled features, log channels) are stored to ensure the bot functions as you've customized it.
• User information:
  • User ID: We collect Discord user IDs of individuals interacting with or affected by the bot's moderation features. This is used to apply moderation actions correctly and to log such actions.
  • Record of previous automated moderation actions: We store a record of automated moderation actions taken by the bot concerning a user ID. This helps in contextualizing future moderation decisions and providing a moderation history.
• Message content (for moderation):
  • Watchtower itself does not store the content of user messages on its own servers.
  • For its AI moderation features, full message content is sent for analysis to:
    • Perspective API (Google/Jigsaw): We use the Perspective API to analyze message content for potential toxicity or harmful content. doNotStore is set to true for these requests, instructing Perspective API not to store the message content. You can learn more about Google's privacy practices here
    • OpenAI moderation endpoint: We use OpenAI's moderation endpoint to analyze message content. OpenAI's policy states they do not store data sent to their moderation endpoint. You can learn more about OpenAI's privacy practices here
  • The analysis results from these services (e.g., a toxicity score, flags) are used by Watchtower to determine if moderation action is needed.
• Moderation action logs:
  • When Watchtower takes a moderation action (either automatically via AI or based on server configuration), we log the following:
    • The user ID of the user affected.
    • The reason for the action (e.g., AI trigger, specific rule violated).
    • The timestamp of the action.
  • This information is stored in our database to provide the service (e.g., for server administrators to review moderation history).
• IP address hashing (for anti-raid):
  • To help protect servers from coordinated malicious activity (raids), we may collect user IDs and process associated IP addresses to generate and store a cryptographic hash of the IP address.
  • This hashed IP data, linked with user IDs, is used solely for the purpose of identifying and mitigating raid activity.
  • Raw IP addresses are not stored by Watchtower. The hashing process is non-reversible.
• Commands and interactions:
  • We do not log the specific command strings users input to interact with Watchtower (e.g., configuration commands). However, actions resulting from commands that lead to moderation are logged as described under "moderation action logs."

3. How we use your information

We use the information we collect for the following purposes:

• To provide and maintain the service: To operate Watchtower's automatic AI moderation features, apply server-specific configurations, and ensure the bot functions as intended.
• To enforce server rules: To automatically detect and act upon content or behavior that violates configured server rules or general safety guidelines, based on AI analysis and server settings.
• For server administration: To allow server administrators to view moderation logs and understand actions taken by the bot.
• For security and anti-raid: To protect servers from abuse, such as spam, raids, or other malicious activities, including through the use of IP address hashing.
• To improve the service: While raw message content is not stored by us, aggregated or anonymized insights from moderation actions may help us understand common issues and refine the bot's effectiveness (though this is not the primary use of individual data points).

Our legal basis for processing this data is primarily our legitimate interest in providing a functional, secure, and effective moderation bot, and to fulfill our service obligations to users who add the bot to their server.

4. How we share your information

We do not sell your personal information. We share information only in the following limited circumstances:

• With third-party AI service providers:
  • As detailed in section 2, full message content is sent to Perspective API (Google/Jigsaw) and OpenAI's moderation endpoint for analysis. This sharing is solely for the purpose of enabling the AI moderation features of Watchtower. Both services are instructed not to store the message content (Perspective via the doNotStore=true flag, and OpenAI by their policy for the moderation endpoint). We are not responsible for the privacy practices of these third parties, and we encourage you to review their privacy policies linked in section 2.
• With server administrators:
  • Moderation logs (including the affected user ID, reason, and timestamp) are accessible to the administrators of the Discord server where the action occurred. This is essential for server management and transparency. Server configurations are also inherently tied to the server.
• For legal reasons:
  • We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: comply with a legal obligation (e.g., a subpoena or court order); protect and defend our rights or property; prevent or investigate possible wrongdoing in connection with the service; protect the personal safety of users of the service or the public; or protect against legal liability.

Watchtower is self-hosted on a server located in the jurisdiction of Portugal. Beyond the AI service providers mentioned above, we do not share data with other third-party hosting services for the primary storage of bot data.

5. Data storage, security, and retention

• Data storage location: Data collected and managed directly by Watchtower (such as server configurations, moderation action logs, and IP hashes) is stored on a self-hosted server located in the jurisdiction of Portugal.
• Data security: We take reasonable measures to protect the information we store from loss, misuse, unauthorized access, disclosure, alteration, and destruction. As Watchtower is open-source, its code is available for public review, which can contribute to identifying and addressing security vulnerabilities. However, no internet-based service is 100% secure, and we cannot guarantee absolute security.
• Data retention: We retain data for the following periods:
  • Server configurations: Retained as long as Watchtower is on your server, or until you request deletion of specific configurations.
  • Moderation action logs (including user ID, reason, timestamp): Retained for approximately 1 to 7 days to allow server administrators adequate time for review and then automatically deleted.
  • IP hashes (linked to user IDs for anti-raid): Retained as long as necessary for active anti-raid protection or for a period aligning with moderation action logs if an action results from this data (typically 1 to 7 days).
  • User IDs and associated past moderation actions (as a general record): Retained in line with the moderation action logs to provide context for ongoing moderation.

6. Your data protection rights

Depending on your location (particularly if you are in the European Economic Area - EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.

• Right to access: You have the right to request copies of your personal data that we hold.
• Right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to erasure (right to be forgotten): You have the right to request that we erase your personal data, under certain conditions. For example, moderation logs are automatically deleted after a short period, but you can request earlier deletion.
• Right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to object to processing: You have the right to object to our processing of your personal data, under certain conditions, particularly where we rely on legitimate interests as our legal basis.
• Right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at wok-unsigned-wool@duck.com . We may need to verify your identity before responding to such requests. Please note that some data may be exempt from such requests if we have a legal right or obligation to retain it (e.g., to maintain the integrity of server moderation logs for the brief period they are kept, or for security purposes).

7. Children's privacy

Watchtower is not intended for use by individuals under the age of 13 (or the applicable minimum age requirement in your jurisdiction and as per Discord's terms of service). We do not knowingly collect personally identifiable information from children under this age. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

8. International data transfers

While Watchtower's primary data storage is in Portugal (EEA), the use of third-party AI services (Perspective API by Google and OpenAI moderation endpoint) involves the transfer of message content to these providers, which may operate servers outside of the EEA (e.g., in the United States).

These transfers are necessary for providing the AI moderation features of the bot. Google and OpenAI have their own measures in place to ensure that data transferred internationally is protected in accordance with applicable data protection laws (e.g., through standard contractual clauses or other approved transfer mechanisms). By using Watchtower, you acknowledge that your message content will be processed by these services as described.

Encryption (HTTPS) is used for data in transit to these services.

9. Changes to this privacy policy

We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on the dedicated webpage where this policy is hosted. We will update the "effective date" at the top of this privacy policy.

You are advised to review this privacy policy periodically for any changes. Changes to this privacy policy are effective when they are posted on this page. Your continued use of the bot after any modifications to the privacy policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified privacy policy.

10. Contact us

If you have any questions about this privacy policy, please contact us using the email at the top of this page.