Slothy

> PRIVACY

Privacy Policy

This policy explains how Slothy (the “Service”) handles users’ personal information.

Last updated: June 15, 2026

Article 1 (Information we collect)

The Service collects the following information in the course of providing it:

  1. Account information such as your email address registered at sign-up.
  2. API keys you register (App Store Connect Issuer ID, Key ID, .p8 private key, and OpenAI API key). Secret values are encrypted with AES-256-GCM and stored securely.
  3. App data, screenshot projects, metadata, and other content you create or load in the Service.
  4. Payment-related information processed for paid plans (handled by our payment provider).
  5. Content of inquiries you send through the in-app support chat.
  6. Access logs and usage data such as IP address, browser type, and operation history collected automatically.

Article 2 (Purpose of use)

We use the information collected for the following purposes:

  1. To provide, operate, and maintain the Service.
  2. To run actions on your behalf via your API keys, such as generating content and pushing it to the App Store.
  3. To process payments and manage plans.
  4. To respond to inquiries and provide support.
  5. To detect and prevent unauthorized use, and to improve the Service.

Article 3 (Handling of API keys)

  1. API keys are used solely to operate the Service on your behalf and are not used for any other purpose.
  2. AI generation runs on your own OpenAI account; the content you send to OpenAI is governed by OpenAI’s policies.
  3. You can delete your registered keys at any time from Settings.

Article 4 (Third-party services)

The Service relies on the following categories of external service providers; information necessary for the Service may be provided to them within the required scope:

  1. App store platform operator — to read and push app information to the App Store.
  2. AI service provider — for AI generation.
  3. Cloud infrastructure provider — for authentication and data storage.
  4. Payment processor — for payment processing.

Article 5 (Provision to third parties)

  1. We do not provide personal information to third parties without the user’s consent, except as permitted by law or as set out in Article 4.

Article 6 (Security management)

  1. We take reasonable and appropriate measures to prevent leakage, loss, or damage of the information we hold and otherwise manage it securely. In particular, secret values such as API keys are encrypted before being stored.

Article 7 (Disclosure, correction, and deletion)

  1. Users may request disclosure, correction, or deletion of their personal information. We respond within a reasonable period after confirming the request is from the person themselves.
  2. When you delete your account, we delete or anonymize the associated information except where retention is required by law.

Article 8 (Cookies)

  1. The Service uses cookies and similar technologies to maintain login sessions and improve the Service. You can disable them in your browser settings, but some features may then be unavailable.

Article 9 (Changes to this policy)

  1. We may revise this policy as needed. The revised policy takes effect when posted on the Service.

Article 10 (Contact)

  1. For inquiries about the handling of personal information, please contact us through the in-app support chat.