Privacy Policy

Effective Date: January 1, 2025 · Last Updated: May 1, 2026

This Privacy Policy describes how ShoortPlus collects, uses, and protects information in connection with the ShoortPlus Developer Platform (developers.shoortplus.com).

1. Information We Collect About Developers

Account Information: Name, email address, company name, and contact details provided during registration.

Application Information: Details about your registered applications, including app names, redirect URIs, and permission scopes.

API Usage Data: Request logs, endpoint usage, error rates, and usage patterns associated with your API keys.

Authentication Data: OAuth tokens issued to your applications (stored in hashed form).

2. End-User Data via OAuth

When ShoortPlus users authorize your application, your app may receive user data per the scopes granted. ShoortPlus acts as the data controller for user data on the platform. As a developer, you act as a data processor or independent controller for data you receive. You are responsible for handling this data in compliance with applicable law.

3. How We Use Developer Information

To authenticate and authorize API access
To enforce rate limits and usage policies
To provide usage analytics and billing (if applicable)
To review applications for policy compliance
To send developer communications, changelog updates, and policy notices
To detect and prevent API abuse or misuse

4. Sharing of Developer Information

We do not sell developer information. We may share it with:

Infrastructure and hosting providers supporting the Developer Platform
Legal authorities when required by law or valid legal process
Acquirers in the event of a business transaction

5. API Key Security

API keys grant access to the ShoortPlus API on your behalf. Never expose API keys in client-side code, public repositories, or logs. Rotate keys immediately if you suspect compromise. We store only hashed versions of your API keys.

6. Your Rights

As a developer with an account on our Platform, you have the right to access, correct, export, and delete your account information. To exercise these rights, contact [email protected].

7. Cookies

The Developer Platform uses session cookies for authentication and analytics cookies to understand portal usage. You can manage cookies through your browser settings.

8. Data Retention

Developer account data is retained for the duration of the account plus any legally required period. API usage logs are retained for 12 months. Revoked OAuth tokens are purged immediately.

9. Security

We implement industry-standard security practices including TLS encryption for all API traffic, rate limiting, IP monitoring for anomalous usage, and access controls limiting who can view developer data internally.

10. Changes to This Policy

We will notify developers of material changes to this Privacy Policy via email at least 30 days before changes take effect.

11. Contact

Privacy inquiries: [email protected]