Privacy Policy
On this page
01 Overview
ThreatScope is a Telegram bot that checks links and files against VirusTotal's threat-intelligence engines and reports back a verdict inside your chat. This policy explains what data the bot sees, what gets stored, and what your options are.
The short version: we keep enough to make the bot work, show you your own scan history, and prevent abuse of a shared, rate-limited API quota — nothing more. You can permanently delete your data at any time with /deletemydata.
02 Data we collect
When you interact with the bot, we collect:
- Telegram identity — your numeric user ID, username, first/last name, and language code, as provided by Telegram itself. We don't collect your phone number or email; Telegram doesn't give bots access to those.
- Chat metadata — the chat ID and chat type (private, group, or supergroup) a scan was requested in.
- Scan targets — the URL you sent, or the file hash of a file you sent (see below — we don't keep the file itself).
- Scan results — the verdict VirusTotal returned (malicious/suspicious/harmless/undetected counts, and a link to the full VirusTotal report).
- Usage events — which commands you used (e.g.
/start,/help,/mystats) for basic usage counting, not content analysis.
03 What happens to what you scan
This is the part most people actually want to know:
- URLs are submitted directly to VirusTotal's public API for analysis. VirusTotal — not us — is the party actually scanning the link.
- Files are hashed and uploaded to VirusTotal for analysis. We do not retain the file itself on our servers after the scan completes — only the file's hash (a fixed-length fingerprint, not the file content) and the resulting verdict are stored.
- We do not read, log, or analyze the contents of files or the destination pages of URLs ourselves — that analysis is entirely VirusTotal's engines, not something we run.
Submitting a URL or file to VirusTotal makes it visible within VirusTotal's own systems, subject to VirusTotal's Privacy Policy. Avoid scanning links or files containing sensitive personal information you wouldn't want indexed by a third-party threat-intelligence platform.
04 Where your data is stored
| Data | Storage | Purpose |
|---|---|---|
| Scan history, Telegram identity, account records | Postgres (Neon) | Durable history, /mystats, account deletion |
| Rate-limit counters, language preference, active-scan locks, cached verdicts | Redis | Short-lived operational state — most keys expire automatically |
Cached verdicts (so re-scanning the same URL twice doesn't waste API quota) expire automatically after a set period rather than being kept indefinitely.
05 Third parties involved
- Telegram — the messaging platform the bot runs on. Telegram's own Privacy Policy governs what Telegram itself collects.
- VirusTotal — the threat-intelligence provider that actually performs the scan of any URL or file you submit. See their Privacy Policy.
We do not sell, rent, or share your data with advertisers, data brokers, or any party outside of what's needed to run the scan itself.
06 Data retention
Scan history and account records are kept until you request deletion via /deletemydata, or indefinitely otherwise — there's currently no automatic expiry on durable Postgres records, since scan history is what powers /mystats and the flagged-targets view. Operational Redis data (rate limits, caches, active-scan locks) expires automatically on its own, independent of any action from you.
07 Your rights & deleting your data
You can permanently delete everything ThreatScope holds about you at any time by sending /deletemydata to the bot and confirming. This:
- Cancels any scan currently in progress for you
- Permanently removes your scan history, account record, and identity data from Postgres
- Clears your saved language preference from Redis
- Records a one-way, salted hash as internal proof a deletion happened — this hash cannot be reversed back into your Telegram user ID
This action is immediate and cannot be undone. There's no way for us to restore your history after deletion, by design.
08 Group chats
In group and supergroup chats, ThreatScope only responds to messages clearly directed at it — commands, files, detected URLs, or an explicit @mention/reply. It stays silent on unrelated group conversation and does not log or analyze messages that aren't a scan request.
09 The admin dashboard
ThreatScope's operator has access to a private, key-protected dashboard showing aggregate scan volume, flagged targets, and per-chat activity, for the purpose of monitoring abuse and API quota usage. This dashboard is not publicly accessible and is protected by a secret key with brute-force lockout protection.
10 Security measures
- All traffic to the bot and dashboard is encrypted in transit (HTTPS/TLS)
- Incoming Telegram webhook requests are cryptographically verified before being processed
- Secrets (API keys, tokens, database credentials) are stored in a managed secret store, never in plain configuration files
- The account-deletion proof is a salted hash, not a reversible identifier
11 Changes to this policy
If this policy changes materially, we'll update the "Last updated" date at the top of this page. Continued use of the bot after a change constitutes acceptance of the updated policy.
Questions about your data?
Message the bot directly — it's the fastest way to reach the person running it.