Privacy Policy

Last updated: March 2026

1. Introduction

SlickEnv is a product of SlickSpender ("we", "us", "our"). We operate the slickenv.dev website and the SlickEnv CLI tool. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account information. When you create an account, we collect your name, email address, and authentication provider (GitHub or Google). We do not store your password and authentication is handled entirely by your OAuth provider.

Environment variables. When you push environment variables to SlickEnv, they are encrypted with AES-256-GCM before storage. We cannot read, access, or process the contents of your environment variables.

Usage metadata. We collect metadata about your usage of the service, including: timestamps of push and pull operations, variable counts (not values), version numbers, project names, and environment names. This metadata is used for service operation and debugging.

Device information. We collect basic device information from the CLI, including operating system, CLI version, and a randomly generated device identifier. This is used for compatibility and debugging purposes only.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the SlickEnv service
  • Authenticate your identity and authorise access to your projects
  • Send you service-related communications (e.g. security alerts)
  • Monitor and improve the reliability and performance of the service
  • Comply with legal obligations

4. What We Do Not Do With Your Data

  • We do not sell your data to third parties
  • We do not use your data for advertising
  • We do not share your data with third parties except as required by law
  • We do not read, analyse, or process the contents of your environment variables
  • We do not train machine learning models on your data

5. Data Retention

Your environment data is retained for as long as your account is active. If you delete your account, all associated data, including encrypted environment variables, version history, and metadata, is permanently deleted within 30 days.

6. Security

We implement industry-standard security measures including AES-256-GCM encryption at rest, TLS 1.3 encryption in transit, and OAuth 2.0 with PKCE for authentication. For full details, see our Security Architecture documentation.

7. Your Rights

You have the right to access, correct, or delete your personal information at any time. You can export all your data via the CLI using slickenv export. To request account deletion, email hello@slickenv.dev.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

9. Contact

If you have questions about this Privacy Policy, contact us at hello@slickenv.dev.