Privacy Policy

Last Updated: November 12, 2025

1. Introduction

This Privacy Policy explains how Promptly collects, uses, and protects your data when you interact with the bot.

Promptly stores prompts and OpenAI API keys provided by users to enable bot functionality.
Data is stored securely on a per-user basis, encrypted, and only accessible to authorized bot processes.
We also log anonymized activity for observability and to monitor bot health, errors, and usage patterns.

Data is used solely to provide bot functionality, such as running /chat, managing prompts, and validating API keys.
Your information is never shared with third parties except as required for OpenAI API integration.
We may send automated reminders to users to rotate or confirm unused API keys as part of secrets lifecycle management.

Users may delete stored data at any time using bot commands.
Inactive API keys may trigger automated reminders and may be flagged for rotation or deletion to maintain security.
We retain data only as required to provide service and comply with applicable law.

API keys provided by users are stored encrypted and tied to your Discord account.
The bot monitors key usage and may send automated reminders if a key has not been used for a set period (e.g., 30 days).
Keys may be flagged for rotation or optional deletion to reduce the risk of long-lived unused secrets.
Users are encouraged to rotate keys regularly and can delete or update their keys anytime using /deletekey or /setkey.
This lifecycle management ensures that stale keys do not remain in storage unnecessarily, enhancing security.

Promptly uses the OpenAI API to provide AI functionality. Your data may be processed by OpenAI as required to fulfill requests.

Promptly is not intended for children under the age of 13. We do not knowingly collect personal information from children.

This Privacy Policy may be updated at any time. Continued use indicates acceptance of the updated policy.