Privacy Policy

All data is stored on our own servers, accessible only to members of our administration team. Our use of self-developed or open source programs ensures transparency and accountability.

We do not use any tracking or analytics cookies. The Baxi Dashboard uses a single session cookie (session) solely to maintain your login state after authenticating with Discord. This cookie contains no personal data beyond a session identifier and is deleted when you log out.

We try to develop as much as possible ourselves, and only use open source software where necessary. We do not give away, sell or share any of the data we process or collect with third parties.

The majority of data processing by Baxi is based on our legitimate interest in providing a functioning, secure Discord bot service. This includes storing guild and user IDs to associate settings with the correct server, and logging moderation actions to ensure transparency for server administrators.

Processing required to provide specific features that a server administrator has explicitly enabled - such as the chat filter, global chat, or welcome messages - is based on the performance of the service agreement between Avocloud and the server administrator.

Avocloud.net is operated from Austria. All data processing is subject to Austrian law and, where applicable, the General Data Protection Regulation (GDPR / DSGVO) of the European Union.

• Right to Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may ask us to correct inaccurate or incomplete data.
• Right to Erasure: You may request deletion of your personal data, subject to certain exceptions.
• Right to Restriction: You may ask us to stop processing all or some of your personal data.
• Right to Data Portability: You may request a copy of your data in a machine-readable format.

To exercise any of these rights, contact us at support@avocloud.net. We will respond to all legitimate requests within 30 days.

The following types of data may be processed, depending on which features are active on your server:

• User IDs
• Guild IDs
• Message IDs and content (in specific contexts)
• Attached files (in specific contexts)
• Trust scores and moderation event history (Prism)
• Ticket transcripts (if ticket system is enabled)

If the chat filter deletes a message, a log entry is created containing the username, message content, guild name, and relevant IDs. These logs are accessible to server moderators via a secure access link. All processing is performed exclusively on our own servers. No data ever leaves the Avocloud network.

For messages sent in global chat channels, we store the Message ID, Guild ID, and Author ID. Attached images are uploaded to our servers and served via a randomly generated link.

Actions taken via the dashboard are logged and visible to the guild owner for transparency. These logs help server administrators track configuration changes.

Baxi automatically deletes log data after 30 days. This applies to:

• Chat filter log entries (deleted message records)
• Global chat message data (message and reply tracking)
• Ticket transcripts

Prism trust profiles are retained for as long as the user interacts with servers using Baxi. Profiles can be deleted upon request by contacting us.

Deletion is performed automatically by an internal garbage collector that runs daily. Server configuration data (e.g. bot settings, enabled features) is retained for as long as Baxi remains in the respective server and is deleted upon request.

Prism is Baxi's network-wide user trust scoring system. It assigns each user a score between 0 and 100 based on moderation events (e.g. warnings, kicks, bans, filter violations). Prism profiles are created automatically when a user first interacts with Baxi. The following data is stored per user:

• User ID
• Trust score (0–100)
• Moderation event history (event type, severity, timestamp, guild ID)
• Risk signals (account age, velocity bursts, multi-server violations)

Prism is strictly a moderation tool - not a profiling or surveillance system. It exclusively records moderation actions taken by server staff or automated filters (e.g. a warning, kick, or ban). It does not monitor, analyse, or store:

• Message content, attachments, or communication patterns
• User relationships, friend lists, or social graphs
• Activity patterns such as online times, channel visits, or voice usage
• Personal identity information beyond a Discord User ID

A Prism profile contains only the numeric trust score and a log of past moderation events - nothing else. There is no behavioural tracking, no content scanning, and no activity profiling of any kind. Trust scores are shared across all servers using Baxi, meaning a moderation event on one server affects the user's score network-wide. Users scoring 30 or below are automatically flagged, which blocks Global Chat access.

You can opt out of Prism at any time by running /prism-optout in any server with Baxi. This is a toggle command - running it once opts you out and deletes your Prism profile, running it again opts you back in. While opted out, no trust score is maintained and no moderation events are recorded by Prism for your account.

If the ticket system is enabled on a server, Baxi stores ticket transcripts containing the ticket title, messages exchanged, participant User IDs, and timestamps. Transcripts are accessible to server staff and are automatically deleted after 30 days in accordance with our retention policy.

If verification is enabled, Baxi processes the User ID and verification method (button click, CAPTCHA response, or password input) to grant server access. No verification data is stored beyond the event itself - once a user is verified, only the fact that verification succeeded is retained.

Baxi's anti-spam system analyses message frequency, mention counts, and repeated content in real time to detect spam. This processing happens entirely in memory - no message content is stored by the anti-spam system. If a spam event triggers a moderation action (e.g. mute or warn), only the moderation log entry is retained.

Baxi operates 100% independently on our own infrastructure. We do not share or sell any data with third parties. All data processing happens exclusively within the Avocloud network.

Baxi communicates with the Discord API (operated by Discord Inc.) to function as a Discord bot. This means that data such as user IDs, message content, and guild information is exchanged with Discord's infrastructure as part of normal bot operation. This exchange is governed by Discord's Privacy Policy. We do not control or receive data from Discord beyond what is passed to the bot at the time of an event.

Message content may be sent to our self-developed SafeText backend for rule-based analysis. SafeText runs exclusively on our own infrastructure. No data is stored after the request is processed - all content is held in working memory only for the duration of the request and deleted immediately afterwards.

Certain features may use our self-hosted AI model running on our own infrastructure. No data is transmitted to any third-party AI provider or external service. As with SafeText, no data is retained after a request completes - content is processed in memory and discarded immediately. Which backend is used depends on the configuration set by the respective server administrator in their guild settings.

If live tracking is enabled, Baxi queries the public APIs of Twitch (operated by Twitch Interactive, Inc.), YouTube (operated by Google LLC), and/or TikTok (operated by ByteDance Ltd.) to detect when a configured streamer goes live. Only publicly available stream metadata (stream title, preview image, viewer count) is retrieved. No user data from your Discord server is sent to these platforms.

We do not integrate any advertising networks, analytics platforms, or other third-party data processors beyond those listed above.

support@avocloud.net

Join our community at avocloud.net/discord