Slingshot — Privacy Policy

Last updated: 18 March 2026

Slingshot ("the App") is developed by Duncan Sharp ("we", "us", "our"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.

1. Information We Collect

Authentication Data

When you sign in with Microsoft Entra ID, we receive your name and email address from Microsoft. This information is used solely to authenticate your identity and enable the server upload feature. Authentication tokens are stored securely in your device's Keychain and are not transmitted to any party other than Microsoft and our upload server for authentication purposes.

Google Drive Integration

If you choose Google Drive as your transfer destination, the App uses Google Sign-In to authorise file uploads. We receive your Google account name and email address, which are displayed in the App to confirm which account is connected. The App requests the "drive.file" scope, which only allows it to manage files it creates. Google authentication tokens are managed by the Google Sign-In SDK and stored in your device's Keychain.

Video and Media Files

The App accesses video files that you explicitly select through the document picker or Photo Library. Video files are processed locally on your iPad. Files are only uploaded to your chosen transfer destination when you explicitly initiate a transfer.

Upload Metadata

When you upload a file to a TUS server, the following metadata is transmitted alongside the video file: your authenticated email address, a location description (entered by you), and the export filename.

Local Storage

The App stores the following data locally on your device:

• Clip metadata and timeline arrangement (Documents folder)
• Export settings and preferences (UserDefaults)
• Thumbnail and waveform caches (Caches folder)
• Authentication tokens (Keychain)
• Transfer destination configuration (UserDefaults)

2. Information We Do Not Collect

• We do not collect analytics, crash reports, or usage statistics
• We do not use advertising or tracking SDKs
• We do not share your data with third parties for marketing purposes
• We do not access your device's camera, microphone, contacts, or location

3. Third-Party Services

Microsoft Entra ID (Authentication)

Sign-in is handled by Microsoft's authentication service. Microsoft Privacy Statement

Google Drive (File Upload)

Google's privacy policy applies: Google Privacy Policy. You can revoke access at Google Account Permissions.

Apple StoreKit (Subscriptions)

Apple Privacy Policy

4. Data Storage and Security

All data is stored locally on your device or transmitted via encrypted HTTPS connections. Authentication tokens are stored in the iOS Keychain.

5. Data Retention and Deletion

You can delete all local data by selecting "Delete Account & Data" within the App. Files uploaded to Google Drive can be managed at drive.google.com.

6. Children's Privacy

The App is not directed at children under 13.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page.

8. Contact

Email: privacy@slingshotappsolutions.com

© 2026 Duncan Sharp. All rights reserved.