Privacy Policy

Last Updated: July 2026

Pensira is committed to transparency about how your data is handled.

1. Local-First Scanning, Two Minimal Online Lookups

The vast majority of scanning happens entirely on Pensira's own server โ€” your file, image, and text content is never sent to a third-party service (no VirusTotal, no OpenAI, no Google, no external API of any kind). All content detection (malware signatures, phishing/adult-site blocklists, PII/secrets scanning, image classification, QR code decoding, etc.) happens locally using signature matching, statistical heuristics, and machine learning models that run directly on the bot's own hardware.

Deep Check (not Quick Scan) additionally sends the bare domain name โ€” never the full URL, message content, or any file โ€” of links you scan to two free, no-account-required threat-reputation services, to check if the domain is already known-malicious:

Both services only ever receive a domain name (e.g. example.com), never your message content, files, or full URLs with query parameters.

2. Message Parsing & Zero-Download Architecture

To protect communities from hyperlink masking and hidden threats, the bot requires permission to access the specific message you invoke it on.

User App Privacy Win: Because Pensira is a User-Installable App, it physically does not have the ability to read or monitor chat messages in the background (no Auto-Mod). It can only read a message when you explicitly right-click it and select Apps โ†’ Quick Scan / Deep Check, or when you use a slash command.

Zero-Logging Guarantee: The bot does not log, store, or archive any user conversations.

Scope of Scanning: The bot extracts and analyzes URLs, text, and attachments purely in-memory. No files or images are ever written to the server's hard drive. Once a scan completes, all message and attachment data is immediately discarded from memory.

3. Data We Store

The only data Pensira stores in its own database:

DataPurposeStored As
Discord User IDXP, badges, referral trackingPlain integer
Scan timestampsRate limiting, cooldownsUnix timestamps
Cyber XP & BadgesGamificationPlain integers/JSON
Referral linksReferral trackingUser ID pairs

We never store: message content, usernames, server IDs, file content, or link URLs beyond what is briefly needed in-memory to perform the scan.

Note: Pensira previously supported donating personal API keys to a community pool for legacy third-party integrations. That feature has been discontinued โ€” no external API keys are collected, transmitted, or stored going forward.

4. Data Deletion

You may delete all your stored data (profile, XP, badges, and referral history) at any time via /settings โ†’ Erase My Data. This action is immediate and permanent.

5. About This Dashboard

The stats shown on this dashboard are aggregate, anonymous totals only (total scans, community-wide XP, threat-category counts). No individual user data, Discord IDs, or message content is ever displayed here. Feedback submitted via the Feedback form is forwarded to a private Discord channel and is not linked to your Discord account.