Privacy Policy

Last Updated: November 13, 2025

1. Introduction

Welcome to Cockatoo. This privacy policy applies to Cockatoo Core, a proprietary Discord bot that uses real-time neural networks and machine learning to categorize threats. This policy explains what data we collect and how we use it.

2. Information We Collect

Cockatoo Core collects the following types of data for caching and publishing on GitHub:

  • URLs - Web links seen by the bot are collected, SHA-256 hashed, and analyzed for threat detection
  • Discord Invites - Discord server invite links are cryptographically hashed using Argon2id to ensure they are entirely irreversible, and then collected to compare against other hashes
  • File Hashes - Cryptographic hashes of files are collected for malware detection

Important: All data is collected anonymously and does not contain any personal information. This data does not legally fall under GDPR or its European equivalent as no personally identifiable information is collected.

Additionally, the Cockatoo website and API services may automatically collect technical information such as IP addresses, user agents, request timestamps, and related metadata solely for the purposes of monitoring abuse, preventing fraud, ensuring service security, and enforcing rate limits. This data is retained only as long as necessary for these purposes (typically no longer than 30 days) and is not used for analytics, marketing, or any other non-security-related function.

Information We Do Not Collect

Cockatoo Core does not collect any personally identifiable information (PII) such as:

  • Usernames/ID - We do not log or link a specific URL, invite, or file hash to any user.
  • Message content - We do not log or store the content of messages sent in Discord. Only relevant URLs, invites, or file hashes are processed. All other content are promptly discarded after isolating the content of interest.

3. How We Use Your Information

The collected data (URLs, Discord invites, and file hashes) is used for the following purposes:

  • To detect and categorize threats in real time using neural networks and machine learning
  • To cache threat information for faster response times
  • To publish anonymized threat datasets on GitHub for use by Cockatoo Edge and the general public
  • To improve our threat detection algorithms and models
  • To maintain and enhance the bot's security capabilities

4. How Data May Be Shared

We do not sell, trade, or rent any of the data we process to third parties. However, we may share information in the following limited circumstances:

  • Public Threat Dataset: As part of our mission to improve global cybersecurity, we publish anonymized threat data (such as URLs, Discord invite hashes, and file hashes) to our public GitHub data dump. This data is entirely stripped of context and cannot be traced back to any user or server.
  • Service Providers: We do not rely on any third-party service providers upkeep our bot, which means we never transmit any data to any third-party service providers.

5. Data Security

We implement appropriate security measures to protect the collected data. The data we collect (URLs, Discord invites, and file hashes) is anonymized and does not contain personal information.

6. Data Retention

Collected threat data is retained indefinitely for security purposes and to maintain the integrity of our public dataset. This data is anonymized and used solely for threat detection and prevention.

7. Your Rights

Since we do not collect personally identifiable information, we are technically unable to honor traditional data protection rights (such as access, correction, or erasure requests). The data we collect consists only of anonymized URLs, Discord invites, and file hashes. No personal information such as your messages or user ID is collected, stored, or linked to the data we use for threat detection. If you have any questions or concerns about our data collection practices, please contact us using the information provided in the "Contact Us" section below.

8. Cookies

Our website may use cookies to enhance user experience. Users may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the site may not function properly.

9. Third-Party Links

Our website may contain links to third-party websites. We have no control over the content and practices of these sites and cannot accept responsibility or liability for their respective privacy policies.

10. Children's Privacy

Our service does not collect personal information. The data we collect (URLs, Discord invites, and file hashes) is anonymized and does not contain any information that would identify children or any other individuals.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us through our website contact form or by emailing [email protected].

Back to Home