SentriSentri
Legal

Privacy Policy

Last updated: May 25, 2026

Sentri is built for communities that take their operations seriously. We take your privacy equally seriously. This policy explains exactly what data we collect, why, and how it is protected.

Information We Collect

  • When you authenticate with Sentri, we collect your Discord user ID, username, and avatar URL through Discord's OAuth system. We do not collect your Discord password or private messages.
  • When you connect a Discord server to Sentri, we store the server's guild ID, name, and icon URL. We also record membership and role information for users who have signed in.
  • When your community members interact with Sentri in Discord, we log the questions asked, the AI responses generated, citations provided, and confidence scores. We do not log general server conversations — only messages directed at Sentri.
  • We collect usage data including AI request counts, knowledge source counts, and feature usage to operate the service and enforce plan limits.

How We Use Your Information

  • To operate the Sentri service — including generating AI responses, managing your knowledge base, and enforcing role-based permissions.
  • To improve response quality by analyzing low-confidence answers and failed queries. This analysis is performed within your server's data — your documents are never used to train models for other customers.
  • To enforce fair usage limits based on your subscription plan.
  • To communicate service updates, billing notifications, and support responses via the email associated with your account.

Data Isolation

  • Each Discord server you connect is treated as an isolated tenant. Your knowledge base, response logs, and member data are never shared with or accessible by other Sentri customers.
  • Your uploaded documents and knowledge entries are used exclusively to power AI responses within your own server. We do not use your proprietary content to train AI models for any other purpose.
  • Supabase Row Level Security (RLS) is enforced at the database level, ensuring that even within our infrastructure, your data cannot be accessed by queries scoped to other servers.

Data Retention

  • AI response logs are retained for 90 days by default. You may request earlier deletion by contacting support.
  • Knowledge base content (documents and manual entries) is retained until you delete it from the dashboard.
  • If you cancel your Sentri account, your data is retained for 30 days to allow for account recovery, then permanently deleted.

Third-Party Services

  • OpenAI: We use OpenAI's API to generate embeddings and AI responses. Questions asked by your community members are sent to OpenAI's API for processing. OpenAI's data usage policies apply. We do not enable training data sharing with OpenAI.
  • Supabase: We use Supabase to store all application data, including user profiles, server configurations, and knowledge bases. Supabase processes data in accordance with their privacy policy.
  • Stripe: We use Stripe to process subscription payments. We do not store payment card information — all billing data is handled by Stripe.
  • Discord: Authentication and bot functionality is provided through Discord's API. Discord's privacy policy governs data collected through their platform.

Your Rights

  • You may request a copy of all data Sentri holds about you or your server by contacting us at privacy@sentri.gg.
  • You may request deletion of your account and associated data at any time.
  • You may disconnect your Discord server from Sentri at any time through the dashboard. This removes the bot from your server and stops all data processing.
  • If you are located in the EU or UK, you have additional rights under GDPR/UK GDPR including the right to rectification, restriction of processing, and data portability. Contact us to exercise these rights.

Security

  • All data is encrypted in transit using TLS. Data at rest is encrypted by Supabase's infrastructure.
  • Access to production systems is restricted to authorized personnel only.
  • Internal service communication (between the bot and API) uses a shared secret token and is not exposed to the public internet.
  • If you discover a security vulnerability, please report it responsibly to security@sentri.gg.

Contact

  • If you have questions about this Privacy Policy or how we handle your data, contact us at privacy@sentri.gg or through the Contact page on this website.
  • We will respond to all privacy-related inquiries within 5 business days.