Privacy Policy

Last updated: April 2, 2026

This Privacy Policy explains how AppDesignGeeks LLC ("we", "us", "our") collects, uses, and protects your information when you use PluckShot. We are committed to protecting your privacy and being transparent about our data practices.

1. The Short Version

Your captures stay on your device. We do not upload, sync, or store your screenshots, extracted text, session notes, or any capture content on our servers. Your data is yours.

2. What We Collect

Stored on our servers

• Account information — email address, name, avatar (if using Google sign-in), subscription status and plan
• Usage metrics — capture count per month (for metering only, not the content of captures)

Stored on your device only

• Captures, screenshots, and extracted text
• Session notes and annotations
• API keys (BYO mode)
• App preferences and settings

Handled by our payment processor (Stripe)

• Payment method and billing address — we never see or store your card details

3. How Your Data Flows

BYO (Bring Your Own) Mode

When you use your own API key, captures are sent directly from your device to the AI provider (e.g., Anthropic, OpenAI, Google). We are not involved in this data flow. Your API key and capture content never touch our servers.

Managed Proxy Mode

When you use our managed AI service (Pro Managed plan), captures are routed through our proxy server to the AI provider. During this process:

• The capture image is processed in real-time and is not stored on our servers
• We log the request metadata (timestamp, user ID, provider, response time) for monitoring and debugging
• The content of the capture (image and extracted text) is not logged or retained
• We count the number of captures per month for usage metering

Ollama (Local AI)

When using Ollama, all AI processing happens entirely on your device. No data leaves your computer.

4. Third-Party Services

PluckShot uses trusted third-party services for specific functions:

• Authentication provider — stores your account information (email, sign-in credentials)
• Payment processor (Stripe) — handles all payment and billing. We never see or store your card details.
• Google OAuth (optional) — if you choose to sign in with Google, we receive your email, name, and avatar
• AI providers — process your captures. In BYO mode, data goes directly from your device to the provider. In Managed mode, data is routed through our servers but is not stored.

Each third-party service operates under its own privacy policy.

5. Data Security

• All network communication uses HTTPS/TLS encryption
• Authentication tokens and API keys are stored securely on your device
• Our server infrastructure uses industry-standard security practices
• Database access is scoped per user — you can only access your own data

6. Data Retention

• Account data: Retained while your account is active. Deleted upon account deletion request.
• Subscription data: Retained for billing and legal purposes per Stripe's retention policies.
• Usage logs: Retained for up to 90 days for monitoring and debugging, then automatically deleted.
• Local data: Stored on your device until you delete it. Uninstalling the app removes all local data.

7. Your Rights

You have the right to:

• Access your account data — visible in the app's Settings screen
• Export your captures and sessions — built into the app (PDF, DOCX, HTML, Markdown)
• Delete your account — contact us at support@appdesigngeeks.com and we will delete all server-side data within 30 days
• Cancel your subscription — available in the app via the subscription management portal
• Opt out of managed proxy — switch to BYO mode at any time to keep all data on your device

8. GDPR (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to access, rectification, and erasure of your personal data
• Right to data portability
• Right to restrict or object to processing
• Right to withdraw consent at any time

Our legal basis for processing your data is: (a) contract performance (providing the service), (b) legitimate interest (improving the service), and (c) consent (optional features like Google OAuth).

To exercise your GDPR rights, contact us at support@appdesigngeeks.com.

9. Children's Privacy

PluckShot is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. What We Do NOT Do

• We do not sell your personal information to anyone
• We do not use your data for advertising
• We do not store or train AI models on your captures
• We do not track your screen activity outside of captures you explicitly initiate
• We do not share your data with third parties except as described in this policy

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. The "Last updated" date at the top indicates when the policy was last revised.

12. Contact

For privacy-related questions or requests, contact us at:

AppDesignGeeks LLC
Email: support@appdesigngeeks.com
Website: pluckshot.io