Privacy Policy

Effective July 16, 2026

This Privacy Policy explains what data Docent (the "Service"), operated by Skelvon Labs LLC (d/b/a Docent), processes when it moderates a Discord server, why, how long it is kept, and the rights server administrators and their members have. It reflects how the Service actually works, and it describes the controller/processor roles that apply when an organization operates a server (Section 2).

1. Data we process

Message content (transient)

When the Service is installed on a server, the text and images of messages posted in non-exempt channels are analyzed by the moderation pipeline as they are posted (and again when a message is edited). For the large majority of messages — anything the AI does not flag — the content is not stored; it passes through the analysis and is discarded.

Flagged content and moderation records (retained)

When a message is flagged, or logged for observation, we store the message content, the AI's verdict (categories, scores, which layer decided), the author's and server's Discord IDs, any attached images, and the moderator's eventual decision (approve / reject) and resulting actions (strikes, bans, pauses). This is what powers the moderation dashboard, the audit trail, and strike/ban escalation.

Learned moderation signal (retained as long as the bot is in your server)

To improve accuracy for your server, we retain a durable record of community-confirmed flags and human moderator/administrator decisions (the message excerpt and the decision). This learned signal is what lets the Service recognize repeat violations and apply your moderators' past judgments.

Account and billing data

When you log into the dashboard we use Discord OAuth to identify you (your Discord user ID, username, and the list of servers where you have Manage Server permission). Paid subscriptions are processed by Stripe; we do not store your card details — Stripe does, as the payment processor.

2. Roles: controller and processor

For Discord message content and member moderation records, the server's administrators — or the company or organization that operates the server — act as the data controller: they set the rules, configure the Service, and make the moderation decisions. Skelvon Labs LLC (d/b/a Docent) acts as a processor on their behalf. For dashboard account data and billing records, Skelvon Labs LLC (d/b/a Docent) is the controller. Organizations that require a data processing addendum (DPA) can request one at the contact below.

3. Why we process it (purpose)

Solely to provide the moderation service: analyzing content against your server's rules, surfacing flagged content to your moderators, maintaining strike/ban and audit records, improving accuracy from your moderators' decisions, operating the dashboard, and billing paid plans. We do not sell personal data or "share" it for cross-context behavioral advertising (as defined under the California Consumer Privacy Act), and we do not use your members' message content to train foundation models.

4. How long we keep it (retention)

5. Deletion and your rights

You can cause deletion of your data in the following ways:

Depending on your jurisdiction you may have rights to access, correct, or delete your personal data, or to object to processing. To exercise these rights, contact [email protected]. Note that for message content, the server administrators are the primary data controllers for their community; we act as a processor on their behalf and will coordinate deletion requests with them.

6. Subprocessors

We share data with the following service providers only to the extent needed to run the Service:

We update this list when subprocessors change; material changes are reflected by the effective date at the top of this page.

Content sent to the AI providers above is used to return a moderation result for your server, not to train their public models on your members' content, per those providers' applicable API terms.

7. International data transfers

The Service is operated from the United States; data is processed there and by the subprocessors above in their own regions. If you use the Service from outside the United States, you understand that content is transferred to and processed in the United States. For organizations with GDPR/UK GDPR obligations, transfer terms can be addressed in a DPA.

8. Security

Data in transit is encrypted with TLS. Data is stored in a database on managed infrastructure and backed up off-host in compressed, access-controlled storage. Access to the operational systems is restricted. No system is perfectly secure, but we take reasonable measures to protect the data we hold.

9. Children

The Service is used within Discord servers and is subject to Discord's own minimum-age requirements. It is not directed to children below the age required to use Discord in their region.

10. Changes to this Policy

We may update this Policy; material changes are reflected by the effective date above and, where practical, surfaced in the dashboard.

11. Contact

For any privacy question or request, contact [email protected].


Terms of Service  ·  Privacy Policy  ·  Home  ·  Questions? [email protected]