Discord Bot Privacy Policy

This policy covers the hosted Feri Discord bot specifically: what it accesses, what it never touches, and how little it keeps.

Effective date: 1 July 2025. This policy applies to the Feri Discord application (the "Bot"). For the website, MCP server, and relay, see the full Privacy Policy.

Summary

  • The Bot relays messages in channels you explicitly connect to it.
  • It does not read direct messages.
  • It does not collect server-wide data or member lists.
  • It does not build or store user profiles.
  • Message content is relayed, then deleted; it is not stored.

1. Scope

1.1 This policy describes the data practices of the Bot when it is added to a Discord server and connected to a channel using a Feri connection code.

1.2 Your use of Discord itself is governed by Discord's own Privacy Policy and Terms of Service.

2. What the Bot accesses

2.1 Message content in connected channels only. Once a channel is verified with a connection code, the Bot reads messages posted in that specific channel so it can relay them to your AI, and posts replies back to that same channel.

2.2 The channel identifier of a connected channel, so the relay knows where to deliver replies. This identifier is held in encrypted form by the relay.

2.3 The Bot processes a message's text content transiently in order to relay it. It does not read, index, or retain channels you have not connected.

3. What the Bot never accesses

  • Direct messages (DMs) — the Bot does not read or use DMs.
  • Server-wide data — it does not collect member lists, roles, other channels, or server metadata for any purpose beyond operating in the connected channel.
  • User profiles — it does not collect or store usernames, avatars, IDs, or any profile information to build a profile of you.
  • Your files or code — only chat messages flow through the Bot; it has no access to your machine, workspace, or repository.

4. Storage and retention

4.1 Messages are not stored. Incoming messages are placed in a transient relay queue, encrypted in transit (TLS 1.3), delivered to your MCP server, and then deleted. Any message not collected within five (5) minutes expires and is removed automatically.

4.2 The Bot itself maintains no archive of message content. When a channel is disconnected, the connection mapping is deleted and the queue is purged.

4.3 There are no accounts and no advertising or analytics tracking associated with the Bot.

5. Permissions requested

5.1 The Bot requests least-privilege permissions needed to function: View Channels, Send Messages, Read Message History, Add Reactions, and Embed Links. These apply to the channels in which it is used.

5.2 Reading message history and message content is necessary for the Bot's core purpose — relaying messages between a connected channel and your AI. It is used for that purpose only.

6. Removing the Bot

6.1 You can disconnect a channel at any time by running /disconnect in it. This deletes the connection mapping and purges its message queue.

6.2 You can remove the Bot entirely by removing it from your Discord server through Discord's server settings. Once removed, it can no longer access any channel.

7. Discord Developer Policy compliance

7.1 The Bot operates in accordance with the Discord Developer Policy and the Discord Developer Terms of Service.

7.2 Consistent with those policies, the Bot accesses only the data it needs for the feature you have enabled, does not use message content for profiling or advertising, and does not retain message content beyond the transient relay described above.

7.3 Feri is open source under GPL-3.0, so the Bot's behaviour can be inspected in full.

8. Changes

8.1 We may update this policy as the Bot evolves. Material changes are reflected by an updated effective date here, with history visible in the public source repository.

9. Contact

9.1 Questions or concerns about the Bot can be raised through the project's public repository.

This document is provided for transparency and does not constitute legal advice.