Privacy Policy

Last updated: 2026-06-08. This policy describes how Caelum handles information when you use the bot, the dashboard on this website, or related services.

Who we are

Caelum provides a Discord bot and configuration dashboard. We process data described below to run the service for server staff and members.

Caelum is not Discord. Discord provides the platform where the bot operates. For how Discord handles your account, see Discord's Privacy Policy.

Information we collect

We collect only what we need to run enabled features. The list below covers typical categories. Actual storage depends on which modules staff enable.

Discord bot

When the bot is in a server, we may process and store:

Server (guild) identifiers, names, and configuration you set through slash commands or the dashboard
Discord user identifiers, usernames, avatars, roles, and channel identifiers needed for enabled modules
Moderation cases, audit events, tickets, leveling data, giveaway entries, and similar records created by enabled features
Message content or metadata only when an enabled module requires it, such as logging, automod, honeypot, leveling, AI replies, or custom command output
Webhook and integration settings, including per-guild secrets stored on our servers

We do not store every message in a server by default. What is stored depends on which modules are enabled and how staff configure them.

Dashboard and account login

If you log in with Discord to manage a server, we may store:

Your Discord user ID, username, and avatar URL
A list of servers you can manage through Discord OAuth
OAuth refresh tokens and session records in our database
A signed session cookie (caelum_session) in your browser

Cookies and similar technologies

We use cookies and similar storage for:

Session authentication ( caelum_session): keeps you logged into the dashboard until it expires or you log out
Analytics (Rybbit): measures page views and basic technical data on public site pages

You can block cookies in your browser. Blocking the session cookie prevents dashboard login. Blocking analytics cookies does not affect bot features in Discord.

Website analytics

We use Rybbit to measure traffic on this website. Rybbit may receive page paths, referrer information, browser type, and similar technical data. Dashboard paths that include a server ID are grouped under a masked path pattern so individual guild IDs are not stored in analytics. Auth and API routes are excluded from pageview tracking.

Security and operations logs

We may keep short-lived HTTP, authentication, and error logs for security and troubleshooting. These logs may include IP addresses, timestamps, and request paths.

How we use information

Provide bot features enabled for a server
Authenticate staff and enforce permission checks on the dashboard
Maintain guild settings, module state, and audit history
Improve the website and measure aggregate usage
Protect the service against abuse and diagnose failures
Comply with law when required

We do not sell Discord user data. We do not use Discord data for third-party advertising.

Legal bases (where applicable)

Depending on your region, we rely on one or more of: performance of the service you or your server staff requested, legitimate interests in operating and securing the service, and compliance with legal obligations. Where consent is required for optional processing, we will ask before collecting beyond what the service needs.

AI and third-party providers

If the AI module is enabled for a server, message content or prompts needed for a reply may be sent to the provider configured for that server (for example OpenRouter or OpenAI). That provider's terms and privacy policy apply to those requests. Provider API keys are stored on our servers, not in your browser.

How we share information

With Discord through the Discord API, as required for bot and OAuth functionality
With infrastructure providers that host our database, bot, API, or website
With analytics providers such as Rybbit for website usage measurement
With configured integration providers when staff enable webhooks or plugins
When required by law or to protect the service, users, or the public

Data retention

Retention depends on enabled modules and operational needs. Typical behavior includes:

Guild configuration and module data kept while the bot remains in the server
Moderation cases, audit logs, and module records kept until deleted by staff or removed with the guild
Dashboard sessions expiring after about 30 days unless revoked earlier
Security logs retained for a limited period, often up to 90 days

When the bot is removed from a server, we may delete or retain guild data according to backup, legal, and operational requirements.

Your choices and rights

Depending on your location, you may have the right to:

Ask what data we store about you or your server
Request correction or deletion of personal data we control
Revoke the bot's access by removing it from a server
Log out of the dashboard or clear the session cookie
Disable modules that process messages or member events
Object to or restrict certain processing where your local law provides those rights

For data inside a Discord server, server administrators control bot configuration and many moderation records. Contact your server staff first for in-server requests, then contact us if needed.

To request access, correction, or deletion of data we control, email Use the support options listed on this website. with enough detail to identify your Discord account or server. We may need to verify that you are the account holder or an authorized server administrator before acting on a request.

California and similar privacy laws

If you are a California resident or covered by similar laws, you may have additional rights to know, delete, or correct personal information. We do not sell personal information as defined by the CCPA. To exercise rights, contact us at Use the support options listed on this website..

Security

We use signed session cookies for the dashboard, encrypted transport (HTTPS) in production, and access controls around production systems. No online service can guarantee perfect security.

Security incidents

If we learn of unauthorized access to personal data we control, we will investigate, take steps to reduce harm, and notify affected users or server staff when required by law or when the incident poses meaningful risk. Contact Use the support options listed on this website. if you believe your data or account has been compromised.

Children

Caelumis intended for Discord communities managed by server staff. Discord's minimum age rules apply. The service is not directed at children under 13.

International users

Data may be processed in countries where we or our providers operate. If you are in the EEA, UK, or other regions with privacy laws, contact us for lawful basis and transfer details.

Changes

We may update this policy when features or legal requirements change. The last updated date appears at the top of this page. Material changes may also be noted on the website or in release notes when practical.

Contact

Privacy questions: Use the support options listed on this website.