Privacy Policy
The short version
Slash Command is local-first. Your commands, snippets, and clipboard history live on your Mac. We don't collect or store their contents on our servers, and we don't use them to train AI models — the one exception is AI commands, which you trigger deliberately (see Section 3). Otherwise we collect only privacy-friendly website analytics and, if you leave it enabled, de-identified crash reports to fix bugs.
This Privacy Policy explains how Choop Labs LLC, a Delaware limited liability company ("Choop Labs," "we," "us"), the maker of the Slash Command application and website (together, the "Service"), handles information. It is a disclosure, not a contract; your use of the Service is governed by our Terms of Service. For the limited personal data described here, Choop Labs is the data controller.
1. Our core principle: local-first
Slash Command runs on your Mac and stores your data — your commands, snippets, expansion settings, and clipboard history — locally on your device. We designed the app so that the contents of what you type, expand, and copy stay on your machine.
Outside of actions you explicitly take — like running an AI command, described in Section 3 — we do not collect, transmit, store, or log:
- The text inside your commands, snippets, or expansions
- Your clipboard history or its contents
- Your keystrokes or the text in the apps you use
2. Information we do collect
Website analytics
Our website uses Vercel Web Analytics, a privacy-friendly analytics tool that does not use cookies and does not build a profile of you. It records aggregate events such as page views and download-button clicks so we can understand what's useful, and is designed not to identify you individually.
Downloads
App downloads are served through GitHub Releases. When you download the app, GitHub may process standard request information (such as IP address and user agent) under GitHub's own privacy practices.
Diagnostic & crash reports
To find and fix bugs, the app may send de-identified diagnostic and crash reports through Sentry. These reports contain technical information such as the error, a stack trace, the app version, and your macOS version, and may include limited identifiers such as an IP address. They are scrubbed of your command and clipboard contents before being sent. Where the app offers a setting to disable crash reporting, disabling it stops these reports.
Support
If you email support@slashcommand.app, we receive the information you choose to share (your email address and message) and use it only to respond to you.
3. AI commands
When you run an AI command, only the specific text you run that command on (together with any instructions contained in the command itself) is sent to an AI provider to generate a result. We do not send your other commands, clipboard, or app contents.
- Your own API key (free): if you bring your own key, requests go directly from your Mac to that provider (e.g. Anthropic, OpenAI, Google, Groq, OpenRouter) under their terms. Your key and those requests are not sent to us.
- Built-in AI (paid plans, when available): requests are routed through our managed proxy solely to fulfill the command, and we will require our AI provider not to use your inputs or outputs to train models.
4. Accounts, sync & encryption
Today, Slash Command works with no account and no sign-up. If and when we introduce optional accounts and cross-device sync, your synced data will be end-to-end encrypted, meaning it is encrypted on your device with keys we cannot read, so we cannot see your command or clipboard contents even though they sync between your devices. We will update this policy before those features launch.
5. Payments
Slash Command currently has no paid plans live. When paid plans (Pro and Max) become available, payments will be processed by Lemon Squeezy as our Merchant of Record. Lemon Squeezy collects and processes your payment and billing information under its own privacy policy; we do not receive or store your full payment card details. We receive limited order information (such as your email, plan, and country) needed to provide and support your subscription.
6. System permissions
To detect your trigger and insert text in other apps, macOS requires you to grant Accessibility (and possibly Input Monitoring) permission. The app uses these permissions locally on your Mac to watch for your configured trigger and perform the expansion. This activity does not leave your device and is not transmitted to us.
7. Service providers
We rely on a small set of third parties to operate the Service. Each processes only what's described above:
- Vercel — website hosting and privacy-friendly analytics
- GitHub — distribution of app downloads and updates
- Sentry — de-identified crash and diagnostic reports
- Lemon Squeezy — payment processing (Merchant of Record), when paid plans are live
- AI providers — only the text you run an AI command on, as described in Section 3
8. Data retention
Your app data lives on your device for as long as you keep it; deleting the app or your data removes it. For the limited data we do hold: aggregate website analytics are retained in aggregate form; diagnostic and crash reports are retained for up to 90 days; and support emails are kept for up to 24 months to assist you and maintain records, unless a longer period is required by law.
9. Security
We use reasonable technical and organizational measures to protect the limited information we handle, and we keep your most sensitive data — your commands and clipboard contents — on your device rather than on our servers. No method of storage or transmission is completely secure, so we cannot guarantee absolute security. If a breach affects your personal information, we will notify you and any regulators as required by applicable law.
10. Cookies & tracking
We do not use advertising or cross-site tracking cookies, and our website analytics is cookieless. We do not track you across other websites or services. Where required, we honor browser privacy signals such as Global Privacy Control (GPC).
11. International data transfers
We are based in the United States, and our service providers (including Vercel, GitHub, Sentry, Lemon Squeezy, and AI providers) may process data in the United States and other countries. If you access the Service from outside the U.S., your information may be transferred to and processed in the U.S. Where required for transfers of personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.
12. Your privacy rights
Because your content stays on your device, you control it directly — you can view, edit, export, or delete it in the app at any time. For information we do hold (such as support correspondence or, where applicable, order information), you can contact us at support@slashcommand.app to exercise your rights.
We do not sell or share your personal information (including for cross-context behavioral advertising), and we have not done so.
Depending on where you live, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, to data portability, and to withdraw consent. Our legal bases for processing (for users in the EEA/UK) are our legitimate interests in operating, securing, and improving the Service (analytics and diagnostics), performance of a contract (support and, in future, billing), and your consent where you enable optional features. You also have the right to lodge a complaint with your local data-protection authority. We will not discriminate against you for exercising these rights.
13. Children
The Service is not directed to children under 13 (or the age of digital consent where you live), and we do not knowingly collect personal information from them.
14. Changes to this policy
We may update this policy as the Service evolves — notably before introducing accounts, sync, or paid plans. We'll revise the "Last updated" date above and, for material changes, provide a more prominent notice.
15. Contact
Questions about privacy, or want to exercise a right? Email support@slashcommand.app. Choop Labs LLC is a Delaware limited liability company, United States.