Privacy Policy

Last updated: June 01, 2026

AurInfer Labs is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services. This Privacy Policy applies to your use of our website aurinfer.com, applications, tools, and AI-powered bot services — including chatting, voice communication, social media posting, autonomous server activity, and platform integrations across Discord, X (Twitter), Bluesky, and Minecraft (collectively, the "Services"). By using our Services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

  • Account Information: We collect your name, email address, Discord ID, and other identifiers when you create an account or interact with our Services.
  • User & Admin Consent Records: Before a bot is activated in a Discord server, server admins explicitly accept AurInfer's Terms of Service, Privacy Policy, and Guidelines via an interactive embed/button — on behalf of themselves and their server members. Before using the bot in DMs, the individual user is presented with AurInfer's Terms, Privacy Policy, and Guidelines; continued use constitutes acceptance. We log consent records including Discord IDs, server IDs, timestamps, and consent versions.
  • Usage Logs & Analytics: We collect and retain usage logs, analytics, and interaction data related to your use of our bots and dashboard, such as commands executed, tool usage, bot configurations, and feature interactions. This data is retained in a secure environment for platform integrity, abuse detection, and operational purposes.
  • Payment Data: For subscriptions or premium features, payment information is processed securely via third-party providers (e.g., Patreon). We do not store sensitive payment details such as credit card numbers.
  • Cookies, Session Identifiers & Security Data: We use essential security cookies, session identifiers, IP addresses, Clerk client/session IDs, and browser/device fingerprints generated using FingerprintJS-compatible technology to protect accounts, detect abuse, enforce bans, prevent spam or fraud, and secure the Service. Browser fingerprints are not used for advertising, cross-site marketing, or selling user data. Because this fingerprinting is necessary for security and abuse prevention, it is not optional in the same way as marketing or analytics cookies. We retain a limited set of recent browser fingerprints per account/session; as new fingerprints are generated, older ones are automatically rotated out. Fingerprints connected to active bans, abuse investigations, or security enforcement may be retained for as long as necessary for those purposes. Users may contact us to object to or request deletion of this data, but we may retain or continue processing security identifiers where needed to protect the Service, enforce our Terms, prevent abuse, or handle legal or security claims.
  • Core Memory System: With explicit user consent via the dashboard, we process messages via AI to generate layered memories: short-term (~5–50 messages, minutes–hours), working memory (hours–days), and long-term/episodic/semantic memories (weeks to indefinite, subject to exponential decay). Memories include AI-generated summaries, vector embeddings, importance scores, timestamps, tags, and metadata. Raw messages are deleted immediately after processing. Only summaries persist until decay-based cleanup. Cleanup jobs permanently delete non-pinned memories once their decayed importance score falls below the cleanup threshold. Memories pinned by the bot owner or user via the dashboard are never subject to automatic deletion and are retained until manually removed. Users have full dashboard control: view, edit, pin, delete by type, full reset, or opt-out entirely.
  • Message Content (Non-Memory): When a bot is mentioned in a Discord text channel, it will fetch the previous few messages to understand context (no older than two weeks) for AI processing via our AurInfer API (v1/chat/completion). For slash commands like /ask, only the user-entered prompt text is processed. No message content is stored unless memory is enabled.
  • Voice Chat Data: When a user requests the AI character to join a voice channel (via the VC Presence tool or any equivalent invocation), it processes one speaker's audio at a time in real-time — transcribing via ElevenLabs and generating a response in a custom ElevenLabs voice. No audio recordings are saved; all audio is discarded immediately after response playback. Third-party providers (ElevenLabs) may process audio data under their own policies.
  • Tool Usage Data: AurInfer offers a suite of optional tools (including Web Search, Web Scraper, Image Generation, Administration, DM User, VC Presence, Message History, and others). When enabled, these tools may process message content, search queries, image prompts, server metadata, or platform-specific data in real-time to generate responses. No tool-processed content is retained after the response is delivered, unless memory is enabled and the character determines the information is worth remembering. Tool-specific third-party providers (such as search APIs, image generation services, and YouTube) handle data under their own privacy policies. We exclusively use Zero Data Retention (ZDR)-compliant vendors for all AI model calls, tool integrations, and data processing.
  • Free Will & Sentry System Data: When Free Will is enabled by a server admin, the bot may autonomously read channel messages to assess context before deciding whether to engage. The Sentry subsystem operates background cognitive cycles — periodically fetching a configurable number of recent messages (Fetch Depth) across accessible channels solely to determine whether and how to respond. This passive channel monitoring is used only for real-time decision-making; no messages read during these cycles are stored. Sentry may also facilitate autonomous DM outreach to server members where the server admin has enabled this feature. All Free Will and Sentry activity is governed by the server admin's configuration and is subject to the consent provided at bot activation.
  • Moderation Guardrail Data: Enabled by server admins only (opt-in, disabled by default). All messages in admin-selected moderation channels are processed by AI guardrails for server rule compliance. No message content is stored. Violations escalate to the character's AI for admin-configured actions (delete/warn/timeout/kick/ban). Warning history stores metadata only: user ID, violation category, action taken, and timestamp. Server admins can delete all warning records via the dashboard.
  • Integration Credentials: If you create a bot with Discord integration, you may provide a bot token via the dashboard. If you use Bluesky integration, you may provide an application password. If you use X integration, you must provide your own API credentials from the X developer portal. All integration credentials (Discord bot tokens, Bluesky app passwords, X API keys) are stored securely, encrypted, used solely to host your bot instance, and are never exposed to the front-end or any third party.
  • Minecraft Integration Data: When the Minecraft tool is enabled, the AI character may autonomously join and leave Minecraft servers as configured. We may process server connection details and in-game interaction data solely for the purpose of operating the bot instance. No in-game content or player data is stored beyond what is necessary to complete the interaction.

2. How We Use Your Information

  • To provide, operate, and maintain the Services, including bot functionality, user accounts, platform integrations, and consent logging.
  • To personalize experiences via the Core Memory System (semantic recall: embed current message, query similar memories, inject context into prompts) — only with explicit user consent.
  • To maintain usage logs and analytics for platform security, integrity, abuse prevention, and operational reliability.
  • To ensure security, detect fraud, enforce bans, and prevent abuse via browser fingerprinting, IP logging, session identifiers, and moderation guardrails.
  • To communicate updates, support, or service matters, with opt-out options for marketing communications.
  • To enable real-time voice and text interactions, tool-based features, Core Memory recall, and admin-configured moderation actions.
  • To power Free Will and Sentry autonomous behaviors — including passive channel monitoring, autonomous message sending, reaction mirroring, DM outreach, and chat revival — strictly as configured and consented to by the server admin.
  • To host user-provided Discord, Bluesky, X, and Minecraft bot instances securely with opted-in features.
  • To comply with legal obligations and enforce our Terms of Service, Discord Developer Policy, UAE PDPL, and GDPR.

3. No AI Training — Ever

AurInfer Labs makes the following unambiguous commitments regarding your data and AI training:

  • Your conversations, messages, voice interactions, memory data, tool usage, Free Will activity, and any other content you generate through the Services are never used to train, fine-tune, or improve any AI model — by AurInfer Labs or any third party.
  • AurInfer Labs does not own, operate, or plan to develop proprietary AI models. All AI capabilities are provided by third-party model providers.
  • We exclusively use Zero Data Retention (ZDR)-compliant vendors for all AI model calls, tool integrations, and data processing. This means our AI providers do not retain your data to train their models either.
  • Memory data stored via the Core Memory System is used exclusively to provide contextual recall within your character interactions. It is not shared with, transmitted to, or used by any AI model training pipeline.
  • Aggregated and fully anonymized analytics data (containing no personally identifiable information) may be reviewed internally for platform reliability purposes only.

4. Free Will & Sentry — Autonomous Behavior

Free Will is an optional AurInfer feature that allows AI characters to act autonomously — initiating conversations, reacting to messages, reviving quiet channels, and reaching out to users via DM — without being directly mentioned or prompted. It is disabled by default and must be explicitly enabled and configured by a server admin.

  • Channel Monitoring: When Free Will or the Sentry subsystem is active, the bot passively reads recent messages in accessible channels (up to a configurable Fetch Depth) to assess context and decide whether to engage. This reading is transient and used solely for real-time decision-making. No messages read during these monitoring cycles are stored.
  • Autonomous Messaging: The bot may post standalone messages, reply to conversations, mirror emoji reactions, or send voice messages in channels where Free Will is enabled, based on engagement thresholds and rate limits configured by the server admin.
  • Autonomous DM Outreach: If the server admin has enabled the Direct Messages toggle within Free Will settings, the bot may send unsolicited DMs to server members — for example, to re-engage inactive users. DM outreach is governed by configurable cooldowns, the option to restrict outreach to Favorite Users only, and inactivity thresholds set by the server admin. Server members who do not wish to receive autonomous DMs should contact the server admin to be added to the bot's Ignored Users list, or contact us at support@aurinfer.com.
  • Sentry Background Cycles: Sentry is an advanced autonomous engine that runs background cognitive cycles at configurable intervals (e.g., every 90–195 minutes) to assess server activity and plan responses. During each cycle, Sentry may read a configurable number of recent messages across accessible channels. No data from these cycles is stored or retained.
  • Multi-Bot Coordination: When enabled, multiple AurInfer bots on the same server may share contextual information between themselves to coordinate responses and avoid redundant or looping behavior. This coordination occurs in real-time and no shared context is stored.
  • Mood & Personality State: The Mood System maintains a real-time internal state (happiness, energy, patience, sarcasm levels) for the AI character. This state is held in memory for the duration of the session and is not stored persistently unless Core Memory is enabled.
  • Consent & Admin Control: All Free Will behaviors are entirely within the server admin's control. Admins may restrict autonomous activity to specific channels, block specific users or roles, set daily message limits, configure active hours, and disable Free Will entirely at any time via the dashboard. The server admin's acceptance of AurInfer's Terms and Privacy Policy at bot activation constitutes consent for Free Will behaviors as configured by that admin.
  • No Free Will Data Retention: Messages read during passive monitoring, autonomous decision-making outputs, Sentry cycle data, and multi-bot coordination context are all discarded in real-time. The only exception is if Core Memory is enabled and the character determines an interaction is worth remembering, in which case only an AI-generated summary is retained — not raw message content.

5. Data Sharing & Disclosure

  • We do not sell your personal data.
  • We share data with third-party service providers (including Patreon for payments, ElevenLabs for voice processing, OpenAI for vector embeddings, image generation providers, search API providers, and infrastructure/hosting providers) under strict confidentiality agreements. We use only ZDR-compliant vendors.
  • We may disclose information if required by law, regulation, or valid legal process (such as a court order or subpoena).
  • We may share data where reasonably necessary to protect the rights, property, or safety of AurInfer Labs, our users, or others, or to prevent fraud or abuse.
  • In the event of a merger, acquisition, or asset sale, data may be transferred with appropriate privacy safeguards and notice to users.
  • Aggregated and anonymized data may be used for analytics or research purposes, with no individual identification possible.

6. Data Security & Retention

  • We implement industry-standard security measures including encryption in transit and at rest for all stored data: bot tokens, integration credentials, memory summaries, moderation warning metadata, usage logs, and security identifiers.
  • All integration credentials (Discord bot tokens, Bluesky app passwords, X API keys) are encrypted and accessible only via backend systems — never exposed to the front-end or any third party.
  • Zero Retention After Response: Raw message content, voice audio, tool-processed content, Free Will monitoring data, Sentry cycle data, and all real-time interaction data are permanently discarded immediately after a response is generated and delivered. This is our default behavior across all features unless Core Memory is explicitly enabled.
  • Core Memory Retention: Memory entries follow an exponential decay model based on importance score, time elapsed since last access, and a configured decay rate. Automated cleanup jobs permanently delete non-pinned memories once their decayed importance score falls below the cleanup threshold. Memories pinned by the bot owner or user via the dashboard are exempt from automatic deletion and are retained indefinitely until manually removed.
  • Moderation Warning Metadata: Retained until deleted by the server admin via the dashboard.
  • Usage Logs & Analytics: Retained in a secure environment for platform integrity, abuse prevention, and operational reliability. Retention periods are aligned with their purpose.
  • Security Identifiers: Browser fingerprints (rotated automatically as new ones are generated, with enforcement-related fingerprints retained as necessary), IP addresses, session IDs, and Clerk client/session IDs are retained as described in Section 1 for security and abuse prevention purposes.
  • No internet transmission or storage system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

7. Your Rights

  • You may request access, rectification, erasure, restriction, data portability, or objection to processing of your personal data via your dashboard or by contacting support@aurinfer.com. Requests will be fulfilled within 90 days (extendable where permitted by law).
  • Core Memory: Opt in or out per character or user via the dashboard. View, export, or delete individual memories filtered by type. Wipe all short-term memories or perform a full reset. Pin memories to exempt them from decay-based deletion. Configure recall parameters (Context Size 1–10, Relevance 0.01–1.0).
  • Moderation: Users may request deletion of their personal warning records. Server admins may enable/disable moderation channels, configure actions, and delete all warning records via the dashboard. Moderation features require Terms and Privacy Policy acceptance.
  • Free Will / Autonomous DMs: Server members who do not wish to receive autonomous DMs from a Free Will-enabled bot should contact the server admin to be added to the Ignored Users list. You may also contact us at support@aurinfer.com to flag concerns about autonomous DM behavior directed at you.
  • Opt out of voice processing via the Ignore List feature, and opt out of marketing communications at any time.
  • Revoke your AurInfer character or deactivate hosted bot instances via the dashboard at any time.
  • You may contact us to object to or request deletion of security identifier data (browser fingerprints, IP logs, session data), subject to our right to retain such data where necessary for security enforcement, abuse prevention, or legal purposes.
  • EU/UK Residents (GDPR): You have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights have been infringed.
  • Data Breach Notification: In the event of a data breach affecting your personal information, AurInfer Labs will notify affected users and relevant supervisory authorities as required by applicable law, including within 72 hours under GDPR where feasible.

8. Server Admin Responsibilities

  • By activating AurInfer in a Discord server, the server admin explicitly accepts AurInfer's Terms of Service, Privacy Policy, and Guidelines via an interactive bot embed/button — on behalf of themselves and all members of their server.
  • Server admins who enable Free Will are responsible for configuring it responsibly — including setting appropriate rate limits, restricting autonomous activity to suitable channels, and deciding whether to enable autonomous DM outreach to server members.
  • Server admins are responsible for configuring moderation channels and actions responsibly, understanding that all messages in selected channels will be processed by AI guardrails when moderation is enabled.
  • Server admins are responsible for managing warning history via the dashboard, including viewing and deleting records for compliance and appeals purposes.
  • Server admins are strongly encouraged to inform their server members about which AurInfer features are active — particularly Free Will, autonomous DMs, Sentry monitoring, and moderation guardrails — so members can make informed decisions about their participation.
  • Server admins are responsible for ensuring that their use of AurInfer bots on their server complies with Discord's Terms of Service, Community Guidelines, and Developer Policy.

9. Children's Privacy

  • Our Services are not intended for children under 13 years of age, or the minimum age of digital consent in their jurisdiction, whichever is higher. We do not knowingly collect personal data from children under 13.
  • If we learn that a child under 13 has provided us with personal information, we will delete that data promptly, including any associated Memory entries and moderation warning records.
  • If you believe a child under 13 has submitted information to us, please contact support@aurinfer.com immediately.

10. Message, Voice & Tool Processing

  • Text Processing: Bot mentions retrieve the last few messages (no older than two weeks) for processing via the AurInfer API. Slash commands process only the user-entered prompt. Message Content intent is enabled only for features that require it, per Discord Developer Policy. If Core Memory is enabled, only AI-generated summaries may be retained — no raw message content is stored outside of the processing window.
  • Voice Processing: When a user requests the AI character to join a voice channel via the VC Presence tool or equivalent, the character processes one speaker's audio at a time via ElevenLabs transcription and generates a synthesized voice response. No audio is stored; all audio data is discarded immediately after playback. If Core Memory is enabled, only AI-generated summaries may be retained — no raw audio or conversation transcripts are stored.
  • Tool Processing: When optional tools are used, relevant data (such as search queries, image prompts, message content, or platform metadata) is processed in real-time to generate a response. No tool-processed data is retained after response delivery unless Core Memory is enabled and the character determines the information warrants storage.
  • DM Tool: The DM User tool allows AI characters to send direct messages to Discord users. DMs via this tool are only sent in response to user-initiated interactions or as part of admin-configured bot behavior in contexts where user consent has been established. We do not use this tool to send unsolicited marketing or promotional messages.
  • Consent Model: For Discord server channels, the server admin provides consent on behalf of all server members by accepting our Terms and Privacy Policy at bot activation. For Discord DMs, consent is provided by the individual user directly. All tool and Free Will usage is subject to the consent framework applicable to the context in which the bot is deployed.

11. International Data Transfers

  • AurInfer Labs operates globally. Data may be processed or stored outside your jurisdiction, including in the United States and the UAE. Specifically, vector embeddings are processed via OpenAI (US) and voice data via ElevenLabs.
  • We rely on appropriate safeguards for cross-border transfers, including standard contractual clauses (SCCs) where required, to ensure compliance with the UAE Personal Data Protection Law (PDPL) and the EU/UK General Data Protection Regulation (GDPR).
  • Legal bases for processing under GDPR and UAE PDPL include:
    • Consent — Core Memory System, Free Will & Sentry activation, optional tool activation, marketing communications
    • Contract performance — Account management, bot hosting, subscription services
    • Legitimate interests — Security, fraud prevention, abuse detection, usage analytics, platform integrity (balanced against user rights)
    • Legal obligation — Compliance with applicable laws, response to valid legal process

12. Changes to This Policy

  • Updates to this Privacy Policy will be posted at aurinfer.com/privacy with a revised "Last updated" date.
  • For material changes, we will make reasonable efforts to notify users via email or an in-platform notification before changes take effect.
  • Continued use of the Services after updates are posted constitutes acceptance of the revised Privacy Policy. We encourage periodic review.

13. Contact & Data Protection

For questions about this Privacy Policy, to exercise your data rights, or to raise a data protection concern, please contact us at: support@aurinfer.com.

For data protection matters specifically — including GDPR or UAE PDPL inquiries — you may direct your request to the same address, marked "Data Protection Inquiry." We will respond within the timeframes required by applicable law.

1. Scope & Introduction. AurInfer Labs ("AurInfer Labs," "we," "us," or "our") provides AI-powered character creation and bot management tools for Discord, Bluesky, X (Twitter), Minecraft, the website www.aurinfer.com, and related platforms (collectively, the "Services"). This Detailed Privacy Policy supplements the summary sections above and governs all data processing activities associated with the Services. By accessing or using the Services, you acknowledge that you have read, understood, and agree to the practices described herein.

2. Data We Collect & Why. We collect personal information including name, email address, Discord ID, and other platform identifiers at account creation. We maintain server admin and user consent records — including Discord IDs, server IDs, timestamps, and consent version numbers — to document lawful bases for data processing. We collect and retain usage logs, analytics, and interaction data in a secure environment for platform integrity, security enforcement, and operational reliability. Payment data is processed by third-party providers such as Patreon; we do not store sensitive payment details. We collect and retain essential security identifiers — including cookies, session identifiers, IP addresses, Clerk client/session IDs, and browser/device fingerprints generated using FingerprintJS-compatible technology — for account protection, abuse detection, ban enforcement, spam prevention, fraud detection, and platform security. Browser fingerprints are rotated automatically as new ones are generated; fingerprints associated with active bans, abuse investigations, or security enforcement may be retained for as long as necessary for those purposes. Security identifiers are not used for advertising, cross-site marketing, or selling user data.

3. Core Memory System. With explicit dashboard consent, the Core Memory System processes messages to generate layered memories: short-term (~5–50 messages, minutes to hours), working memory (hours to days), and long-term/episodic/semantic memories (weeks to indefinite, subject to exponential decay). Memory entries include AI-generated summaries, vector embeddings, importance scores (0–1), timestamps, tags, and metadata. Raw messages are permanently deleted immediately after AI processing. Cleanup jobs run periodically and permanently delete all non-pinned memory entries whose decayed importance score has fallen below the configured cleanup threshold. The decay formula accounts for the entry's importance score, time elapsed since last access, and a configured decay rate. Memories pinned by the bot owner or user via the dashboard are exempt from automatic decay-based deletion and are retained indefinitely until manually removed by the owner or user. All memory data is used solely to provide contextual recall within character interactions and is never used for AI model training, analytics, or any other purpose.

4. Zero Retention by Default. Outside of the Core Memory System, usage logs, moderation metadata, integration credentials, and security identifiers, AurInfer Labs retains no user data. Raw message content, voice audio, tool-processed content, Free Will monitoring data, Sentry cycle outputs, search queries, image prompts, and all real-time interaction data are permanently discarded immediately after a response is generated and delivered. This zero-retention default applies across all features and all connected platforms unless an explicit exception applies as described in this Policy.

5. No AI Training — Ever. Your conversations, messages, voice interactions, memory data, tool usage, Free Will activity, and any other content generated through the Services are never used to train, fine-tune, evaluate, or improve any AI model — by AurInfer Labs or any third party. AurInfer Labs does not own or operate any AI models and has no plans to develop proprietary AI models. All AI capabilities are provided by third-party ZDR-compliant model providers. We exclusively use Zero Data Retention (ZDR)-compliant vendors for all AI model calls, tool integrations, and data processing wherever technically available, meaning our AI providers do not retain your data for model training purposes either. Memory data stored via the Core Memory System is used exclusively for contextual recall and is not shared with, transmitted to, or used by any AI training pipeline.

6. Free Will & Sentry Autonomous System. Free Will is an optional Discord-specific feature that allows the AI character to act autonomously within a server — initiating conversations, reacting to messages, reviving inactive channels, sending voice messages, and reaching out to users via DM — without being directly mentioned. It is disabled by default and must be explicitly enabled by a server admin via the AurInfer dashboard. When Free Will is active, the bot may: (a) passively read recent messages in accessible channels (up to a server-admin-configured Fetch Depth) solely to assess context for real-time autonomous decision-making; (b) post standalone messages, replies, or reactions in channels where roaming is permitted; (c) send autonomous DMs to server members if the Direct Messages toggle is enabled by the server admin; and (d) run Sentry background cognitive cycles at configurable intervals to monitor server activity and plan responses. The Sentry subsystem may read a configurable number of recent messages per cycle for context assessment. Where Multi-Bot Coordination is enabled, multiple AurInfer bots may exchange contextual information in real-time to coordinate behavior. All data processed during Free Will and Sentry operations is discarded immediately after each decision cycle. No messages read, reactions assessed, or coordination data exchanged during autonomous operations are stored — the only exception being Core Memory summaries if that feature is separately enabled. Autonomous DM outreach by Free Will is governed by cooldowns, inactivity thresholds, and the optional "Favorites Only" restriction, all configured by the server admin. Server members who do not wish to receive autonomous DMs may request the server admin to add them to the Ignored Users list or contact us directly at support@aurinfer.com. The server admin's acceptance of AurInfer's Terms of Service and Privacy Policy at bot activation constitutes consent for all Free Will behaviors as configured by that admin on behalf of their server. Admins are responsible for ensuring Free Will configuration is appropriate for their community and for informing members of its use.

7. Tool Suite & Third-Party Data Flows. AurInfer offers a suite of optional tools that may be enabled per character. When active, these tools process relevant data in real-time — for example, Web Search and Web Scraper tools send queries to third-party search and web providers; Image Generation tools send prompts to image AI providers; the Minecraft tool facilitates autonomous server connection and in-game interaction; the Twitter/X tool enables cross-platform posting and interaction; the DM User tool enables the character to send direct messages to Discord users in response to user-initiated interactions only; the VC Presence tool enables the character to join and leave voice channels on request. All tool-processed data is discarded after response delivery unless Core Memory is active. Tool-specific third-party providers operate under their own privacy policies. We use ZDR-compliant vendors wherever available.

8. Voice Chat Processing. When a user requests the AI character to join a voice channel via the VC Presence tool or equivalent invocation, the character processes one speaker's audio in real-time — transcribing via ElevenLabs and generating a synthesized voice response using a custom ElevenLabs voice. No audio recordings are retained; all audio is permanently discarded after response playback. ElevenLabs processes audio data under their own privacy policy. If Core Memory is enabled, only AI-generated summaries of voice interactions may be stored — no raw audio or verbatim transcripts are retained.

9. Moderation Guardrails. The Moderation Guardrail feature is disabled by default and operates only when explicitly enabled by a server admin who has accepted our Terms and Privacy Policy. When enabled, all messages in configured moderation channels are processed by AI guardrails in real-time to evaluate compliance with server rules. No message content is stored. Detected violations escalate to the character AI for enforcement of admin-configured actions (delete, warn, timeout, kick, or ban). Warning history stores metadata only: user ID, violation category, action taken, and timestamp — used strictly for repeat-offender evaluation. Server admins manage and delete warning records via the dashboard. AurInfer Labs is not liable for enforcement actions taken by the moderation system based on admin-configured rules.

10. Integration Credentials. Discord bot tokens, Bluesky application passwords, and X API credentials provided by users are stored in an encrypted, secure backend environment. These credentials are used exclusively to host and operate the user's configured bot instance. They are never exposed to the front-end, shared with third parties, or used for any purpose other than operating the bot instance as configured by the user. Users may revoke or update their credentials at any time via the dashboard.

11. Consent Framework. For Discord server deployments, the server admin provides consent on behalf of themselves and all server members by accepting AurInfer's Terms of Service and Privacy Policy at bot activation via an interactive embed/button. This consent covers all features the admin subsequently enables — including Free Will, Sentry, Moderation Guardrails, and tool usage. For Discord DMs, consent is provided by the individual user at the start of their interaction. For optional features such as Core Memory, separate explicit opt-in consent is required from the relevant admin or user. All consent records are logged with timestamps and consent version numbers.

12. Data Sharing & Third-Party Providers. We do not sell personal data. We share data with third-party providers — including Patreon (payments), ElevenLabs (voice), OpenAI (vector embeddings), image generation providers, search API providers, and infrastructure/hosting providers — under strict confidentiality agreements and, where applicable, data processing agreements. We use ZDR-compliant vendors for all AI-related processing wherever technically available. Legal disclosures are made only as required by applicable law or valid legal process. In the event of a merger, acquisition, or asset sale, data may be transferred with appropriate privacy safeguards and advance notice to users where feasible.

13. Data Security. AurInfer Labs implements industry-standard security measures including encryption in transit (TLS) and at rest for all retained data — including integration credentials, memory summaries, moderation metadata, usage logs, and security identifiers. All credential data is stored in backend-only systems, never accessible from the front-end. Despite these safeguards, no data transmission or storage system is fully secure. Users are responsible for protecting their account credentials and notifying us promptly of any suspected unauthorized access.

14. Data Breach Notification. In the event of a personal data breach, AurInfer Labs will assess the risk to affected individuals and, where required by applicable law, notify affected users and relevant supervisory authorities within the legally mandated timeframes — including within 72 hours under GDPR where feasible. Notifications will include the nature of the breach, categories and approximate number of individuals affected, likely consequences, and measures taken or proposed to address the breach.

15. Your Rights & Data Subject Requests. Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, port, or object to the processing of your personal data. You may also have the right to withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal. Requests may be submitted via your dashboard or to support@aurinfer.com and will be fulfilled within 90 days, extendable where permitted by law. EU and UK residents have the right to lodge a complaint with their local data protection supervisory authority. You may contact us to object to or request deletion of security identifier data, subject to our right to retain such data where necessary for security enforcement, abuse prevention, or legal claims. Server members seeking to opt out of autonomous DM outreach from Free Will-enabled bots should contact their server admin or reach us directly at support@aurinfer.com.

16. Children's Privacy. The Services are not directed at children under 13 years of age or the minimum age of digital consent in their jurisdiction, whichever is higher. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal information, we will delete it promptly including any associated memory or moderation records. Parents or guardians who believe their child has submitted information to us should contact support@aurinfer.com immediately.

17. International Data Transfers & Legal Bases. AurInfer Labs operates globally. Data may be processed in the United States (OpenAI, ElevenLabs, hosting providers) and the UAE. We rely on standard contractual clauses (SCCs) and other appropriate safeguards for cross-border transfers under GDPR and the UAE PDPL. Legal bases for processing include: consent (Core Memory, Free Will & Sentry activation, optional features, marketing); contract performance (account management, bot hosting, subscriptions); legitimate interests (security, fraud prevention, abuse detection, platform integrity — balanced against the rights and interests of users); and legal obligation (compliance with applicable law and valid legal process).

18. Governing Law & Supervisory Authority. This Privacy Policy is governed by the laws of Dubai, United Arab Emirates, consistent with our Terms of Service. Nothing in this section overrides any mandatory data protection rights you may hold under the laws of your jurisdiction, including GDPR rights for EU/UK residents. For data protection inquiries, contact support@aurinfer.com marked "Data Protection Inquiry."

19. Changes to This Policy. We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. Updates will be posted at aurinfer.com/privacy with a revised "Last updated" date. For material changes, we will make reasonable efforts to notify users via email or in-platform notification before changes take effect. Continued use of the Services after updates constitutes acceptance of the revised Policy.

20. Contact. For questions, data subject requests, or data protection concerns, contact AurInfer Labs at support@aurinfer.com. For GDPR or UAE PDPL inquiries specifically, mark your message "Data Protection Inquiry" and we will respond within the timeframes required by applicable law.