Privacy

Privacy for a control layer, not a data lake.

This is the full Privacy Policy for Shutapp. It explains what we collect, why we use it, who we share it with, how long we keep it, and how to contact us.

The short version: Shutapp protects the text you ask it to protect. We do not need your model keys, and we do not need to turn your business data into our training data.

01

Scope

This Privacy Policy explains how Shutapp handles personal information when you visit our website, generate an API key, use the API, use the SDK, receive receipts, contact us, or buy a paid plan.

It applies to Shutapp as the service provider. It does not cover your own application, your model provider, your customers, or any third-party service you connect to Shutapp.

We write this in plain language on purpose. Privacy terms should be readable by the people who build, operate, and audit the system.

02

Information we collect

Account and contact data: email address, name if you provide it, company name, plan, billing contact, support messages, and sales or procurement details.

API data: the prompts, model outputs, or other text you choose to send to Shutapp for scanning or rescanning, plus the API key identifier, timestamps, policy version, decision, usage counters, latency, and receipt identifiers.

Receipt data: signed proof records that may include safe proof fields, policy metadata, timestamps, decision details, and signatures. Receipts are designed to show what was shut, restored, allowed, or capped.

Security and operations data: IP address, user agent, logs, rate-limit events, abuse signals, errors, diagnostics, and system events needed to keep the service reliable and secure.

Payment data: plan, invoices, payment status, and billing metadata. Payment card details are handled by our payment processor, not by Shutapp directly.

03

What we do not need

We do not need your LLM provider key. Your application should keep calling your model provider directly with your own key.

We do not need a copy of your full database, source code, customer list, or internal documents to provide the core service.

We do not need to train on your prompts to provide scanning, rescanning, receipts, usage limits, or the guarantee process. The product is designed to work as a control layer, not as a data harvest.

For system-prompt leakage detection, Shutapp can work with fingerprints or digests instead of storing the raw system prompt as plain text. The goal is to detect leakage without turning your hidden instructions into stored content.

04

How we use information

We use information to provide the service: scan text, rescan output, apply policy, enforce usage limits, generate receipts, detect abuse, debug errors, and keep the API available.

We use account, billing, and support information to manage plans, answer questions, send operational messages, handle invoices, and help you use the product.

We use security and operations data to protect Shutapp, investigate abuse, prevent fraud, enforce limits, and understand reliability issues.

We may use aggregated or de-identified information to improve the product, publish high-level reliability or evaluation information, and understand how the service is used. We do not use that information to identify a specific customer.

05

How we share information

We share information with service providers that help us run Shutapp, such as hosting, logging, analytics, payment, support, email, and security tools. They are allowed to use it only to provide services to us.

We may share information if required by law, legal process, or a valid government request. If we can legally notify you, we will try to do so before disclosing customer content.

We may share information to protect rights, safety, and security, including investigating abuse, preventing fraud, or responding to security incidents.

If Shutapp is involved in a merger, acquisition, financing, or sale of assets, information may transfer as part of that transaction. The receiving party must honor the commitments that apply to the information.

We do not sell personal information. We do not sell API content. We do not sell receipts.

06

Retention

We keep information only as long as we need it for the service, security, billing, compliance, legal obligations, dispute handling, or the guarantee process.

Operational logs are kept for a limited period unless they are needed to investigate abuse, debug an incident, support a customer, or meet a legal or compliance requirement.

Receipts are proof records. Customers may keep them under their own compliance rules. Shutapp may keep receipt metadata as needed for verification, audit support, billing, security, and guarantee claims.

When information is no longer needed, we delete it or de-identify it unless the law requires us to keep it longer.

07

Security

We use technical and organizational safeguards designed to protect information from unauthorized access, loss, misuse, and disclosure.

No internet service can promise perfect security. We build for least privilege, narrow data access, logging, signed receipts, and clear operational boundaries because those are the controls that matter when something goes wrong.

If you believe you found a vulnerability, email security@shutapp.world with a safe proof of concept and enough detail for us to reproduce it.

08

Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information.

You can ask us to update or delete account and contact information. Some records may need to be kept for security, billing, legal, compliance, or guarantee reasons.

If you are an end user of a customer application that uses Shutapp, contact that application owner first. We process API data for the customer that sent it to us.

09

Cookies and analytics

The website may use cookies or similar technologies for basic site operation, session handling, analytics, abuse prevention, and product measurement.

You can control cookies through your browser settings. Some parts of the site or product may not work correctly if required cookies are blocked.

10

International transfers

Shutapp may process information in countries other than the one where you live or where your company is based.

When required, we use appropriate safeguards for international transfers, such as contractual protections or other lawful transfer mechanisms.

11

Children

Shutapp is not directed to children. Do not use Shutapp to knowingly collect personal information from children unless you have the legal right and controls required to do so.

If you believe a child provided personal information to Shutapp directly, contact us and we will review it.

12

Changes to this policy

We may update this Privacy Policy as the product, law, or our operations change. The updated date on this page tells you when this version changed.

If a change materially affects paid customers, we will use a reasonable channel to make it visible before it matters.

13

Privacy contact

For privacy questions, deletion requests, or data handling questions, email privacy@shutapp.world.

If you are contacting us about a specific receipt or account, include the receipt ID or account email so we can find the right record.