# PRIVACY POLICY FOR ANTISCAMMER

**Last Updated:** March 11, 2026  
**Version:** 5.0 (GDPR Compliant)

---

## 1. DATA CONTROLLER & CONTACT INFORMATION

**Data Controller:** Ram2 / AntiScammer  
**Primary Contact:** Ram2 via Discord  
**Support Server:** https://discord.gg/BVFsE2Z29Q  
**Response Time for Data Requests:** 30 days

For data subject requests (access, correction, deletion, or objections), contact Ram2 via the support server or direct message. We will respond within 30 days as required by law.

---

## 2. WHAT IS ANTISCAMMER?

AntiScammer is a Discord moderation bot designed to detect, verify, and track confirmed fraudulent activity to maintain platform security and protect community members from scammers.

**Key Principle:** We only store data about **confirmed scammers verified by human staff review**. We do not use automated decision-making to flag or ban users.

---

## 3. DATA WE COLLECT

### 3.1 Bot-Related Data

When AntiScammer operates in a Discord server, we collect and process:

- **Discord User IDs** — Of users flagged as confirmed scammers
- **Discord Usernames** — Associated with the scam report (at time of flagging)
- **Server IDs** — The Discord server(s) in which the flagged behavior occurred
- **Report Details** — Summary of the scam evidence and reason for flagging

### 3.2 Message Scanning

- **Message Content (Real-time Scanning):** AntiScammer scans messages in real-time for fraud detection patterns
- **Transient Processing:** This scanning is temporary and occurs in memory only
- **Storage Only After Review:** Messages are NOT permanently stored unless manually flagged by staff as suspicious
- **Staff Review Required:** All flagged messages are manually reviewed by our moderation team before any action is taken

### 3.3 Website Data (antiscammer.app)

If you use the AntiScammer dashboard at antiscammer.app, we collect:

- **Email Addresses** — For account creation and support communication
- **Discord Usernames & User IDs** — For dashboard authentication and account management
- **Support Ticket Information** — Any information you submit when requesting help

---

## 4. LAWFUL BASIS FOR PROCESSING

**We process your data under GDPR Article 6(1)(f) — Legitimate Interests.**

### Our Legitimate Interest:
Maintaining Discord platform security and preventing confirmed fraudulent activity to protect community members from scammers, cheaters, and malicious actors.

### Balancing Test:
We have carefully balanced our legitimate interest against your fundamental rights and freedoms:

- **Our Interest:** Protecting thousands of Discord communities from confirmed fraud
- **Your Interest:** Privacy and freedom from being flagged
- **Outcome:** Community safety outweighs individual privacy in cases of confirmed malicious conduct

### Why This Basis, Not Consent?
Consent is not practical for a security bot because users cannot opt in before their suspicious behavior is detected. Instead, we rely on Legitimate Interests combined with a human review requirement that ensures fairness and accuracy.

---

## 5. HOW WE USE YOUR DATA

### 5.1 For Confirmed Scammers:

- Detecting and preventing repeat scamming or fraudulent behavior
- Cross-server enforcement to protect multiple communities
- Maintaining a verified database of confirmed malicious actors
- Enabling other communities to identify and block known scammers

### 5.2 For Website Users:

- Account management and dashboard access
- User support and troubleshooting assistance
- Managing Discord servers connected to your account
- Creating and tracking support tickets

### 5.3 What We Do NOT Use Data For:

- ❌ Advertising or marketing
- ❌ Profiling or behavioral analysis
- ❌ Automated decision-making (all decisions are manually reviewed)
- ❌ Selling data to third parties
- ❌ Non-security-related purposes

---

## 6. HUMAN REVIEW PROCESS

**All flagging decisions are manually reviewed by our moderation team.**

1. **Initial Flag:** A user or system reports suspicious behavior with evidence (screenshots, logs, confessions)
2. **Manual Review:** A staff member investigates the evidence
3. **Confirmation Required:** Staff must verify the behavior is confirmed fraud before storage
4. **Documentation:** The decision is logged with the evidence and the staff member's name
5. **Storage:** Only confirmed cases are added to our database

**We do NOT:**
- Automatically ban users based on algorithms
- Store data on suspicion alone
- Use automated decision-making with legal effects (Article 22 GDPR)
- Flag users based on association without individual verification

---

## 7. WHO HAS ACCESS TO YOUR DATA?

### 7.1 Bot Database (Flagged User IDs)

**Authorized Access:**
- Ram2 (primary data controller)
- Designated moderation staff members

**Purpose of Access:**
- Reviewing flagged cases
- Approving appeals
- Unbanning users if false flags are discovered
- Annual compliance reviews

**Access Logging:**
- All access to the flagged database is logged
- Logs record WHO accessed WHAT and WHEN
- Logs are retained for audit purposes

### 7.2 Website Data (Emails, Usernames, Support Tickets)

**Authorized Access:**
- Full staff team (for user support and troubleshooting)
- Limited to legitimate support and account management purposes

**Data Security:**
- All data is stored with encryption (AES-256 or equivalent)
- Unauthorized access is strictly prohibited
- Regular security audits are conducted

### 7.3 No Third-Party Sharing

- **Data is never sold** to third parties
- **Data is never shared** with external companies
- **Data is not disclosed** except where legally required (law enforcement, court orders)
- **All data remains internal** to AntiScammer staff only

---

## 8. DATA RETENTION & REMOVAL

### 8.1 Flagged User Data Retention Policy

**Base Retention Period:**
User IDs of confirmed scammers are retained **indefinitely** to prevent recidivism and protect community members from re-offending scammers.

**Extended Retention with Activity:**
If a flagged user is detected (spotted) in any Discord server monitored by AntiScammer within a 5-year window:
- The retention period extends an **additional 5 years** from the date of last detection
- This ensures active threats remain tracked across multiple offenses
- One-time offenders who go inactive are eventually removed

**Automatic Purge Process:**
- Users whose last detected activity occurred **more than 5 years ago** are automatically removed from our database
- This purge process is logged and reviewed annually

**Deleted Account Handling:**
- If a flagged Discord account is deleted (identified via Discord's `deleted_user_*` naming convention or API 404 errors), we remove that record **immediately**
- The associated person no longer has an active Discord identity, so retention is no longer necessary
- Deletion is logged for compliance purposes

### 8.2 Website Data Retention

- **Active Accounts:** Retained as long as your account is active
- **Inactive Accounts:** Retained for 12 months after last login; may be purged thereafter
- **Deletion Request:** You can request removal at any time (see Section 11)

### 8.3 Message & Log Data

- **Scanned Messages:** Temporarily stored in memory during processing; deleted within 2 hours of a flag being deemed invalid
- **Flagged Messages:** Retained for review purposes; deleted once a staff decision is made or after 30 days, whichever is sooner
- **Audit Logs:** Retained indefinitely for compliance and accountability

### 8.4 Annual Compliance Review

We conduct **annual reviews** to verify:
- Flagged accounts are still accurate and the flagging is justified
- Deleted accounts are identified and removed
- Retention periods remain justified
- Data minimization principles are maintained
- No unauthorized access has occurred

---

## 9. YOUR RIGHTS UNDER GDPR

You have the following legal rights regarding your personal data:

### 9.1 Right of Access (Article 15)

**You may request a copy of the data we hold about you.**

- Includes all stored information tied to your Discord User ID
- We will provide it in a clear, accessible format
- Response within 30 days

### 9.2 Right to Rectification (Article 16)

**You may request correction of inaccurate data.**

- If flagged in error or with incorrect information, request a correction
- We will investigate and correct confirmed inaccuracies
- Response within 30 days

### 9.3 Right to Erasure — "Right to Be Forgotten" (Article 17)

**You may request deletion of your data.**

However, we may **deny erasure requests** in the following cases:

- **Protection of Community Safety:** If you have been reliably associated with confirmed fraudulent activity, we may retain your UID to prevent recidivism
- **Active Appeal:** If you have an appeal under review, we retain data pending decision
- **Legal Necessity:** If required by law or to defend legal claims

**In cases of denial:**
- We will explain our reasoning in writing within 30 days
- You may appeal this decision via our support process

**Appeals Approved = Immediate Deletion:**
- If your appeal is approved, your data will be deleted immediately upon approval
- No waiting period applies

### 9.4 Right to Restrict Processing (Article 18)

**You may request that we limit how we use your data.**

- During disputes about accuracy or lawfulness, we can restrict processing
- Restricted data is stored but not actively used
- Processing restrictions remain in place pending resolution

### 9.5 Right to Object (Article 21)

**You may object to processing under Legitimate Interests.**

You have the right to object at any time. However:

- If you have been flagged for **confirmed fraudulent activity**, our legitimate interest in protecting the community may **override your objection**
- We will assess your objection and notify you of our decision within 30 days
- You may raise a complaint with a supervisory authority (see Section 9.7)

### 9.6 Right to Data Portability (Article 20)

**You may request your data in a portable format.**

- We will provide your data in a structured, commonly used format (CSV, JSON, etc.)
- You may transfer this data to another service if desired
- Response within 30 days

### 9.7 Right to Lodge a Complaint

**If you believe we are not compliant with GDPR, you may lodge a complaint with your supervisory authority:**

- **UK:** Information Commissioner's Office (ICO) — https://ico.org.uk/
- **EU:** Your national data protection authority
- **Other:** Check your country's data protection regulatory body

---

## 10. APPEAL & DISPUTE PROCESS

### 10.1 How to Appeal Being Flagged

If you believe you have been flagged in error or unfairly:

**Step 1: Submit an Appeal**
- Join our support server: https://discord.gg/BVFsE2Z29Q
- Open a ticket via our appeal system
- Provide evidence supporting your claim

**Step 2: Staff Review**
- Your appeal is reviewed by our moderation team
- We examine the original evidence and your counter-evidence
- Response provided within 30 days

**Step 3: Decision**
- **Approved:** Your data is deleted immediately upon approval
- **Denied:** We explain our reasoning in writing
- You may request a second review of denied appeals

### 10.2 Appeal Process Rules

To ensure fair process:

- Appeals must be submitted in English or with translation provided
- Evidence must be provided in the appeal ticket
- Respectful tone is required; abusive appeals may be closed
- Response time: Within 30 days of submission

### 10.3 False Flag Correction

If you were flagged in error:

- We will delete your data immediately upon confirmation of error
- No appeal waiting period applies to genuine false flags
- We apologize for the inconvenience

---

## 11. SECURITY MEASURES

We implement strict security practices to protect your data:

### 11.1 Technical Safeguards

- **Encryption:** All stored data is encrypted (AES-256 or equivalent standard)
- **Access Control:** Data is only accessible to authorized staff members
- **Restricted Infrastructure:** Database is hidden and isolated from public access
- **HTTPS:** All communication with AntiScammer is encrypted
- **SSL:** All internal communication and sites use SSL for higher security

### 11.2 Organizational Safeguards

- **Staff Training:** All staff with data access are trained on GDPR and data protection
- **Access Logging:** All access to flagged data is logged and monitored
- **Regular Audits:** Security reviews are conducted annually
- **Incident Response:** Data breach protocols are in place

### 11.3 Important Disclaimer

Despite these safeguards, **no system is 100% secure**. If a data breach occurs:

- We will notify affected users **without undue delay**
- We will report the breach to relevant supervisory authorities as required by law (Article 33 GDPR)
- We will post a notice in our support server

---

## 12. CHILDREN'S DATA

**AntiScammer does not knowingly collect data from children under 13.**

Discord's Terms of Service require users to be at least 13 years old. If we become aware that we have collected data from a child under 13, we will:

- Delete that data immediately
- Contact the user's parent/guardian
- Comply with all applicable laws

---

## 13. INTERNATIONAL DATA TRANSFERS

**Primary Jurisdiction:** UK/EU GDPR Compliant  
**Secondary Compliance:** CCPA (California), similar US state laws

If data is transferred internationally:

- All transfers comply with GDPR Chapter 5 (Articles 44-50)
- Appropriate safeguards are implemented (Standard Contractual Clauses, etc.)
- Transfers are minimized where possible

---

## 14. CHANGES TO THIS POLICY

We may update this Privacy Policy at any time to reflect changes in:

- Our operations or data practices
- Legal requirements
- Feedback from users and regulators

### Notification of Changes

- **Major Changes:** Will be announced in our support server (https://discord.gg/BVFsE2Z29Q)
- **Minor Changes:** Updated on this page without additional notice
- **Continued Use:** Means you accept the updated policy

**Last Updated:** March 11, 2026  
**Previous Version:** Available upon request

---

## 15. CONTACT US FOR DATA INQUIRIES

### Data Subject Rights Requests

To exercise any of the rights listed in Section 9, contact:

**Discord:**
- Join our support server: https://discord.gg/BVFsE2Z29Q
- Message Ram2 directly or open a data request ticket

**Expected Response Time:** Within 30 days

### General Questions

For questions about this Privacy Policy or our data practices:

- Support Server: https://discord.gg/BVFsE2Z29Q
- Discord DM: Message Ram2

---

## 16. LEGITIMATE INTERESTS ASSESSMENT (LIA) SUMMARY

This section summarizes our Legitimate Interests Assessment, which you may request in full.

### Purpose Test ✓
**Purpose:** Maintain Discord platform security and prevent confirmed fraudulent activity

### Necessity Test ✓
**Necessity:** 
- User IDs are the only reliable persistent identifier for enforcing security measures
- Usernames and tags can be changed; IDs cannot
- Human review ensures only necessary data is stored
- Minimal data (UID + username only) is collected

### Balancing Test ✓
**Balance:**
- **Community Interest:** Protecting thousands of users from confirmed scammers
- **Individual Interest:** Privacy of flagged users
- **Outcome:** Community safety outweighs individual privacy for confirmed malicious actors
- **Safeguards:** Human review, appeal process, data minimization, encryption

---

## 17. COMPLIANCE SUMMARY

✅ **Lawful Basis:** Article 6(1)(f) — Legitimate Interests  
✅ **Transparency:** Full disclosure of data practices  
✅ **Data Minimization:** Only necessary data collected  
✅ **Storage Limitation:** Clear retention and purge policies  
✅ **Integrity & Confidentiality:** Encryption and access controls  
✅ **Accountability:** Annual reviews and audit logging  
✅ **Data Subject Rights:** All GDPR rights honored  
✅ **Human Review:** No automated decision-making  

---

## 18. JURISDICTIONS & APPLICABLE LAW

This Privacy Policy complies with:

- **GDPR (EU/UK):** General Data Protection Regulation
- **CCPA (California):** California Consumer Privacy Act
- **Similar Laws:** Data protection regulations in your jurisdiction

If you are in the EEA and have concerns about our practices, you may:

1. **Contact us** (Section 15)
2. **File a complaint** with your supervisory authority (Section 9.7)
3. **Seek legal remedies** available in your jurisdiction

---

## 19. ACKNOWLEDGMENT

By using AntiScammer, you acknowledge that:

- You have read this Privacy Policy
- You understand how your data is collected and processed
- You consent to processing under the terms described above
- You may withdraw consent by requesting data deletion (subject to legal exceptions)

---

**Questions? Need Clarification?**

Contact Ram2 in our support server: https://discord.gg/BVFsE2Z29Q

We're happy to discuss any aspect of this policy or our data practices.

---

**© 2026 AntiScammer. All Rights Reserved.**