Group messages
Soor may inspect messages Telegram delivers to the bot, including text, repeated messages, spam signals, links, and supported media metadata.
Privacy and retention
Operational notes for Soor Telegram moderation.
These notes explain what Soor may process during moderation. They are public product guidance, not a finalized legal privacy policy.
What Soor may process
Moderation requires some content to be touched by scanner paths.
Temporary media downloads
Scanner paths may temporarily download or process photos, images, videos, GIFs, animations, or video notes where supported so the content can be evaluated.
Private review submissions
In controlled private pre-scan, users may send supported links or media privately to the bot so Soor can decide whether to approve or reject the item.
Approval tokens and fingerprints
Controlled approvals can use short-lived tokens, content identity, or fingerprints to check whether a later group post matches the approved user, group, and content.
Moderator-safe reports
Where implemented, Soor can create redacted or blurred evidence for admins so review context is available without reposting raw unsafe media publicly.
يعرض سور للمشرفين تقارير أوضح وأكثر أمانًا، مع حجب أو تمويه الصور المخالفة قدر الإمكان بدل عرض المحتوى المخالف بشكل مباشر. أما الألفاظ المسيئة أو النصوص المخالفة فيمكن عرضها للمراجعة بصيغة نصية واضحة أو محجوبة حسب الحاجة.
Profile-photo checks
Profile-photo safety scanning exists when enabled, is report-first and admin-facing, and requires the profile photo to be available to the bot through Telegram.
Retention and cleanup
Soor should be described as temporary processing, not zero processing.
Soor is not intended to be a public raw-media archive. Scanner paths may temporarily touch media, and Controlled private pre-scan approval allowances are designed around short-lived review windows rather than permanent approval reuse.
Expired, wrong-user, wrong-group, wrong-content, and reused approvals should not be treated as valid posting permission. Those cases are sent back to private review.
Exact retention can depend on the deployed configuration and feature path. Public copy should avoid claiming that legal/privacy policy work is finalized.
Profile-photo scanning limits
Profile-photo checks are bounded by Telegram behavior.
Trigger and scope
Profile-photo safety scanning exists when enabled. It should be explained as a report-first, admin-facing safety signal rather than an automatic enforcement promise.
Platform limitation
Soor can only scan profile photos Telegram makes available to the bot. Private, missing, restricted, or otherwise unavailable profile images may not be scannable.
No auto-ban claim
The public site should not say profile-photo scanning automatically bans users or is configured per group by admins.
يمكن فحص صورة الحساب التي تتضمن محتوى خادش عند تفعيل الميزة وعندما تكون الصورة متاحة للبوت. هذه الميزة ليست حظرا تلقائيا للمستخدمين.
What not to assume
Privacy claims need to be precise.
Do not assume or claim "no data ever" because scanner paths may need temporary processing.
Do not claim perfect privacy or perfect detection. False positives and false negatives are possible.
Do not claim all media is never touched. Some supported media may be downloaded or processed for scanning.
Do not claim every profile photo is scanned. Telegram must expose the photo to the bot.
Admin trust