Yvonne Privacy Policy

Last updated: June 7, 2026

This Privacy Policy explains how Yvonne ("the Bot", "we", "our") collects, uses, and protects your data when you use the Bot on your Discord server.

Data We Collect

Server Configuration: Settings configured by server administrators through the dashboard, including monitored channel IDs, action rules, detection thresholds, whitelisted role IDs, and feature toggles. Stored in a PostgreSQL database.
Anonymous Statistics: Aggregate counters (e.g., number of messages processed, number of actions taken, number of AI chat interactions). These are key-value counters that cannot be traced back to individual users.
Threat Intelligence Data: Discord user IDs and violation reasons reported by participating servers, shared exclusively within the cross-server defense network for security purposes.
License Data: Discord user IDs and license codes voluntarily submitted by users to redeem software tool access.

Data We Do NOT Collect

The Bot does not store any message content. All messages are processed exclusively in Node.js memory in real-time and are immediately eligible for garbage collection — their lifespan is measured in milliseconds. Behavioral fingerprints used for spam detection auto-expire after 10 minutes. We do not maintain message logs, chat histories, or conversation archives of any kind.

How We Use Data

Server configuration data is used solely to execute the security monitoring features configured by server administrators.
Anonymous statistics are used to display bot operational status.
Threat intelligence data is shared only among servers that have voluntarily joined the cross-server defense network.
We do not sell, license, or share data with any third party for advertising, marketing, or commercial purposes.

Data Storage & Security

All persistent data is stored on a PostgreSQL server managed by the bot operator. Data transmission uses TLS encryption. Database queries use parameterized statements to prevent injection attacks. Internal API communications use HMAC-SHA256 signature verification.

Machine Learning & AI

The Bot does not use any machine learning or AI models to process message content or determine violations. All security detection uses deterministic rule engines and statistical methods (regex pattern matching, behavioral fingerprint hashing, coefficient-of-variation analysis). The Bot's optional AI chat feature does not store conversation content.

Data Retention & Deletion

Users stop all data processing immediately upon leaving the server.
Server administrators can clear all server data instantly via the dashboard's initialization function.
Behavioral fingerprints are automatically purged after 10 minutes.
Users may request deletion of their personal data by contacting the developer (see Contact). Requests are processed within 30 days.
Threat intelligence records for a user are automatically removed when the threat expires.

Third-Party Services

The Bot does not share data with third-party advertising networks, data brokers, or analytics services. Threat intelligence data is shared only within the voluntary cross-server defense network. No data is transferred outside the bot operator's infrastructure except as described in this policy.

Children's Privacy

The Bot is not directed at children under the age of 13, and we do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us so we can delete it.

No Monetization

The Bot has no paid features, subscription plans, or paywalls. It does not display advertisements or send commercial content. User data is never used for profit.

Policy Updates

This Privacy Policy may be updated from time to time. Material changes will be announced in the support server. Continued use of the Bot after changes constitutes acceptance of the updated policy.

Contact

For privacy-related inquiries or data deletion requests, please join the support server or contact the developer via GitHub.