Developer Privacy Policy

Last updated: March 28, 2026

1. Overview

This policy describes how Sloxly collects, uses, and protects information related to developer accounts and API usage.

2. Information We Collect

2.1 Account Information

• Name, email address, username (from your Sloxly user account)
• Google OAuth profile data (if used for authentication)
• Developer profile settings and preferences

2.2 Project & API Data

• Project names, descriptions, and branding assets
• OAuth client credentials (Client ID, hashed Client Secret)
• Captcha site keys and configuration
• Registered redirect URIs and domains

2.3 Usage & Analytics

• API request counts, timestamps, and response codes
• OAuth authorization and token exchange logs
• Captcha verification counts and success/failure rates
• IP addresses of API requests

3. How We Use Information

• Service Delivery: Process API requests, manage OAuth flows, verify captcha challenges
• Security: Detect abuse, enforce rate limits, prevent credential compromise
• Analytics: Provide you with usage dashboards and insights
• Communication: Notify about API changes, security issues, or account matters

4. Data Sharing

• We do not share developer data with third parties for marketing.
• API logs may be shared with law enforcement when legally required.
• Aggregate, anonymized usage statistics may be published.

5. Data Retention

• Account data: Retained while developer account is active
• API request logs: 90 days rolling retention
• OAuth authorization logs: 90 days
• After account deletion: All data purged within 30 days

6. Security

Client secrets are hashed before storage. API keys use secure random generation. All API communications use TLS/SSL encryption.

7. Contact

Privacy inquiries: developer@sloxly.com