Privacy Policy

Slingso is a product operated by Ninnti Tech Private Limited, a company incorporated under the Companies Act 2013, with its primary office at Banjara Hills, Hyderabad, Telangana, India ("Ninnti Tech", "we", "our", "us").

We are the data controller for personal data collected through slingso.com and the Slingso platform. For any privacy-related enquiries, contact us at [email protected].

We use your data to:

• Authenticate you and maintain your account (contract performance)
• Run the AI agent on your brand's behalf — scraping, analysis, content generation (contract performance)
• Send transactional emails: OTP codes, agent run notifications, approval requests (contract performance)
• Improve platform reliability and diagnose errors (legitimate interest)
• Comply with applicable laws and respond to lawful requests (legal obligation)

We do not sell your data to third parties. We do not use your brand data to train general-purpose AI models. We do not run advertising or behavioural profiling.

To deliver Slingso, we share data with the following categories of service providers:

• LLM providers (Anthropic, Google): Brand and product context is sent to these APIs to generate analysis and content. Data is processed per their API terms and is not used for model training under their enterprise agreements.
• Web scraping infrastructure (Firecrawl): Your brand URL and competitor URLs are passed to Firecrawl to retrieve publicly available page content.
• File storage (Cloudflare R2): Agent run artefacts and screenshots are stored in Cloudflare's R2 object storage.
• Email delivery (Resend): Your email address is passed to Resend to deliver OTP codes and platform notifications.
• Infrastructure (Cloudflare, Hetzner): Network routing and server hosting. IP data may be processed for DDoS protection and geo-routing.

We do not share your personal data with any third party beyond those required to operate the service as described above.

We retain your account and brand data for as long as your subscription is active and for up to 90 days after cancellation, to allow for re-activation or data export requests.

Agent run observations, artefacts, and memory are retained for the duration of your subscription. After account deletion, all personal data is deleted within 30 days, except where we are required by law to retain it longer.

Temporary pre-signup analysis data (Phase A results stored in cache) is retained for a maximum of 1 hour and is not linked to any email address or persistent identity.

Under the Digital Personal Data Protection Act 2023 (India) and general data protection principles, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Request deletion of your personal data (subject to legal retention obligations)
• Withdraw consent where processing is based on consent
• Nominate a representative for data access in the event of your death or incapacity
• File a complaint with the Data Protection Board of India

To exercise any of these rights, email [email protected] from your registered address. We will respond within 30 days.

All data in transit is encrypted via TLS. Data at rest is encrypted at the infrastructure level by Cloudflare R2 and Hetzner. Authentication uses one-time codes delivered to your email — no passwords are stored.

We employ rate limiting, Cloudflare DDoS protection, and access controls to protect the platform. Despite these measures, no system is completely secure. We will notify you promptly in the event of a data breach that materially affects your personal data.

We may update this Privacy Policy from time to time. Material changes will be communicated to your registered email address at least 14 days before the change takes effect. The "last updated" date at the top of this page reflects the most recent revision.

For all privacy enquiries: [email protected]
Ninnti Tech Private Limited · Banjara Hills · Hyderabad · Telangana · India