privacy policy
Last updated: 1 July 2026
What we store
- A pairwise anonymous user id from shoo. Sign-in is Google via shoo; we never see your email, name, or Google account.
- Your balance and a request/payment ledger: timestamps, token counts, and costs. Not your prompts or the model's responses — we don't store request or response content.
- Hashes of your API keys (never the keys themselves) and their names.
- Top-up records: MyPayIndia order/transaction ids and amounts. Payment details (cards, UPI) stay with MyPayIndia.
Who touches your data
- shoo — authentication.
- Cloudflare — hosting and storage; everything above lives there.
- OpenRouter and Anthropic — your prompts are sent to them to serve each request (Anthropic also counts tokens for billing). We attach only your anonymous user id.
- MyPayIndia — payments.
Retention
The ledger keeps your latest 500 entries. Sessions expire after 7 days. Everything else is kept while your account exists.
Deleting your account
You can delete your account right here: it erases your balance (forfeited), API keys, ledger, and payment records immediately and irreversibly. You need to be signed in for this to work.
Everything else
To exercise any other right (access, correction, complaints), email privacy@shro.me. Since we only hold an anonymous id, include details that let us find your account (key prefix, top-up transaction id).