Invincibot (“the Bot”) is a Discord application operated for a single community server. It provides moderation tools, community rewards, and economy integrations. This policy explains what information the Bot processes, why, how long it is kept, and what choices you have.
By using the server where Invincibot is installed, you may be affected by this policy when you interact with features the Bot provides.
Who operates the Bot
Invincibot is operated by the server moderation team for the community where it is deployed. The Bot is not a public multi-server product.
For privacy questions or data requests, contact the server moderation team through the community’s designated support or moderation channel.
Information we process
Information stored in our database
| Data | Why we process it | Where it is stored |
|---|---|---|
| Discord user IDs | Tie rewards, reports, strikes, and subscriptions to the correct account | SQLite (bot_database.db) |
| Daily message counts | Activity leaderboard and end-of-day rewards | SQLite (daily_activity) |
| VC session records (user ID, channel ID, join/leave timestamps, duration) | VC activity stats and historical session logging | SQLite (vc_sessions) |
| Weekly VC time totals | VC activity leaderboard and weekly rewards | SQLite (vc_activity) |
| Report records (message ID, channel ID, status, timestamps) | Moderation report workflow | SQLite (reports) |
| Reporter user IDs | Track who reported a message and whether they retracted | SQLite (reporters) |
| Subscription month counts and last reward date | Premium role reward tracking | SQLite (subscriptions) |
| Link-ban strike count and date | Moderation enforcement for banned invites | SQLite (link_strikes) |
| Audit event records (user IDs, action type, success/failure, metadata) | Persistent record of bot enforcement and economy actions for mod review | SQLite (audit_events) |
Information processed but not permanently stored
| Data | Why we process it | Retention |
|---|---|---|
| Message text in guild channels | Scan for banned Discord invite links (discord.gg/..., etc.) |
Processed in memory during the check; not stored as message text — if a banned invite is detected, the invite code and enforcement action are recorded in the moderation log channel and in the audit database |
| Reported message text | Shown to moderators in a review embed when a member reports a message | Stored in the mod-channel embed until the report is resolved or dismissed |
| Message attachments / embed URLs | Included in mod report embeds when present | Same as reported message text |
| Member role information | Verify moderator permissions and premium/boost status | Read from Discord at interaction time; role membership used from cache where available |
| Discord system message metadata | Detect boosts and premium subscription purchases | Used to trigger rewards; payout outcomes are recorded in the audit database |
| Profile picture images | Detect spoiler content in user avatars (PFP block automod) | Fetched temporarily to compute a perceptual hash; the image itself is not stored — only the hash comparison result and, on a match, the matched hash and user ID are logged to the mod alert channel and audit database |
Audit log
When the Bot takes an enforcement or economy action, it writes a record to the audit_events table in the local database. Each record includes:
- The module responsible (e.g.
pfpblock,linkban,boosts,subscriptions,reporting,activity,vc) - The action taken (e.g.
flag_user,ban,payout,resolved) - The Discord user ID of who triggered the action (moderator or bot)
- The Discord user ID of the affected member (where applicable)
- Whether the action succeeded
- Relevant metadata in JSON (e.g. invite code, matched image hash, coin amount, report ID)
Audit records are queryable by server moderators via the /audit slash command. They are not shared publicly.
Configuration data
| Data | Purpose |
|---|---|
| Banned invite codes | Block known malicious or unwanted invite links |
| Forbidden image hashes | Block profile pictures that contain show spoilers (stored in data/pfpblock_hashes.json) |
| Channel and role IDs | Route bot features to the correct server locations |
What we do not collect
- We do not log or store general chat messages.
- We do not read message content for activity tracking (only message frequency is counted in allowed channels).
- We do not use message content for command parsing (all commands are slash commands).
- We do not record voice or video audio. For VC rewards we only store which voice channel you joined, when you joined and left, and how long you were connected (no audio, mute/deafen state, or presence/online status).
- We do not sell user data.
- We do not use data for advertising or profiling.
Discord privileged intents
Invincibot requests only the privileged intents it needs:
Message Content Intent
Used to:
- Link-ban moderation: Read message text to detect banned Discord invite links and take moderation action.
- User reports: Include reported message text in moderator review embeds.
Not used for general logging, analytics, or command parsing.
Guild Members Intent
Used to:
- Verify moderator roles before staff commands and report payouts.
- Check premium role membership for subscription rewards.
- List cached boosters and apply moderation actions (ban/timeout).
- PFP block automod — detect when a member joins or changes their avatar, fetch the avatar image temporarily to compute a perceptual hash, and compare it against a list of known spoiler panel hashes. No image data is stored.
Not used to bulk-download entire server member lists.
We do not request the Guild Presences intent.
Third-party services
Discord
The Bot runs on Discord’s platform. Discord processes data according to Discord’s Privacy Policy. We receive data from Discord’s APIs only as needed to operate the Bot.
UnbelievaBoat
Economy rewards (activity, reports, subscriptions, boosts) are paid through the UnbelievaBoat API. We send Discord user IDs and coin amounts to UnbelievaBoat so balances can be updated. UnbelievaBoat’s handling of that data is governed by their own policies.
We do not share message content with UnbelievaBoat.
How we protect data
- Bot credentials (
DISCORD_BOT_TOKEN,UNB_API_TOKEN) are stored in environment variables, not in the repository. - The database and data files are stored on the server host running the Bot, not in public cloud analytics systems.
- Access to stored data is limited to the bot operator and authorized moderators (via in-server tools like
/subscriptions lookup).
No system is perfectly secure. If you believe there has been unauthorized access, contact the moderation team promptly.
Data retention
| Data type | Retention period |
|---|---|
| Daily activity counts | Reset at midnight UTC each day |
| Link-ban strikes | Decay after 90 days without a new strike (configurable) |
| Report records | Kept until manually cleared or the database is reset |
| Subscription records | Kept while needed to track reward eligibility |
| Audit event records | Kept until manually cleared or the database is reset; no automatic expiry |
Forbidden image hashes (pfpblock_hashes.json) |
Kept until a moderator removes them via /pfpblock remove |
| Moderation log embeds in Discord | Governed by Discord’s message retention and server settings |
We aim to keep identifiable data only as long as needed for the purpose it was collected.
Your choices and data deletion
You may request information about or deletion of data the Bot stores about you.
How to request:
- Contact the server moderation team through the community’s support or moderation channel.
- Provide your Discord user ID (or sufficient information for moderators to identify your account).
- Describe what you are requesting (access, correction, or deletion).
What we can delete:
- Your rows in
daily_activity,subscriptions,link_strikes, andreporterstables. - Your rows in
audit_eventswhere you are the target (subject to the exception below). - Subscription and activity history tied to your user ID.
What may remain:
- Moderation records (including audit events) may be retained if needed for ongoing investigations or server safety.
- Messages and embeds already posted in Discord channels are controlled by Discord and server log settings, not the Bot’s database.
- Economy balances on UnbelievaBoat are managed separately through that service.
Moderator access to audit data:
Server moderators can query audit events using the /audit slash command (filtered by user, module, or recent history). This data is visible only to users with a moderator role in the server.
We will respond to reasonable requests within a practical timeframe (typically within 30 days).
Children’s privacy
The Bot is intended for use within a Discord community subject to Discord’s Terms of Service and minimum age requirements. We do not knowingly collect information from children under the minimum age required by Discord or applicable law.
International users
The Bot may be used by community members in different countries. Data is processed on the server where the Bot is hosted. By using the community server, you understand that data may be processed in that location.
Changes to this policy
We may update this policy when the Bot’s features or data practices change. The “Last updated” date at the top will be revised. Significant changes may be announced in the community server.
Continued use of Bot features after an update constitutes acceptance of the revised policy.
Contact
For privacy questions, data access requests, or deletion requests:
Contact the server moderation team through the community’s designated support or moderation channel.