Privacy Policy

Last updated: May 15, 2026

This Privacy Policy explains how SlopLord ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use our platform at sloplord.io.

By using SlopLord, you consent to the practices described in this policy. If you do not agree, please do not use the service.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you sign in with Google, we collect your name and email address from your Google account profile
  • Product Information: Product descriptions, target audience details, problem statements, customer results, and website URLs you provide for video generation
  • Uploaded Content: Demo videos and b-roll clips you choose to upload
  • Communication: Information you provide when contacting us for support

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, video generation history, and timestamps
  • Device & Browser Data: IP address, browser type and version, operating system, and referring URLs
  • Cookies: Session cookies for authentication and preference cookies for theme selection

1.3 Information from Third Parties

  • Google: We receive your name and email via Google Sign-In. We do not access your Google Drive, Gmail, calendar, or any other Google data
  • Stripe: We receive your Stripe Customer ID, subscription status, and payment confirmation. We do not see or store your full credit card numbers

2. How We Use Your Information

We use your information solely to provide, maintain, and improve our service:

  • To authenticate you via Google Sign-In and manage your account
  • To generate videos by processing your product information through our AI pipeline
  • To manage subscriptions and process payments through Stripe
  • To send essential service emails — receipts, payment confirmations, subscription changes, and service notifications
  • To provide customer support and respond to your inquiries
  • To improve the service — analyze usage patterns to fix bugs and enhance features

We do not use your data for advertising, profiling, or selling your information to third parties.

3. Data Sharing & Third-Party Services

We share your data only as necessary to provide the service, and only with the following third parties:

Service Data Shared Purpose
GoogleName, emailAuthentication
StripeEmail, Stripe Customer ID, payment infoPayment processing
DeepseekProduct descriptions, script promptsAI script generation
AI VoiceoverScript textAI voiceover generation
PexelsSearch keywords (no personal data)Stock video sourcing
KlipySearch keywords (no personal data)GIF sourcing
RedditSearch keywords (no personal data)Social proof content
ResendEmail addressTransactional emails

We do not sell your personal information to anyone. We do not share your data with any third party for their own marketing purposes.

4. Cookies

We use a minimal set of cookies:

  • Session cookie — required for authentication and to keep you logged in
  • CSRF token cookie — required for security against cross-site request forgery
  • Theme preference — stored in localStorage (not a cookie) to remember your dark/light mode choice

We do not use tracking cookies, analytics cookies, or any third-party advertising cookies. We do not use cookie banners because we do not place non-essential cookies.

5. Data Retention

  • Account data: Retained for as long as you have an active account
  • Generated videos and scripts: Retained with your account and deleted when you delete them or your account
  • Deleted accounts: Personal information is anonymized or deleted within 30 days of account deletion
  • Stripe records: Stripe may retain billing records as required by financial regulations (typically 5-7 years)
  • Log data: Server logs are retained for up to 90 days for security and debugging purposes

6. Data Security

We take reasonable technical and organizational measures to protect your data:

  • All traffic is encrypted using TLS/SSL
  • Payment data is handled entirely by Stripe (PCI-compliant)
  • API keys and secrets are stored as environment variables, never in code
  • We follow security best practices for Django and our infrastructure

No method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

7. Your Rights

7.1 General Rights

  • Access: Request a copy of the personal data we hold about you
  • Correction: Ask us to correct inaccurate or incomplete data
  • Deletion: Delete your account and associated data at any time from your profile page
  • Data Portability: Request your data in a machine-readable format
  • Objection: Object to our processing of your data for legitimate interests

7.2 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the GDPR:

  • Right to restriction: Request that we restrict processing of your data under certain conditions
  • Right to withdraw consent: Where processing is based on consent, you may withdraw at any time
  • Right to lodge a complaint: File a complaint with your local data protection authority

Our lawful basis for processing your data is:

  • Contract performance (Article 6(1)(b)) — processing necessary to provide the service under our Terms of Service
  • Legitimate interests (Article 6(1)(f)) — improving the service, security, and fraud prevention
  • Consent (Article 6(1)(a)) — where you have explicitly agreed (e.g., Google Sign-In)

7.3 CCPA Rights (California Users)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the right to:

  • Know what personal information we collect, use, and share
  • Delete personal information we hold about you
  • Opt out of the sale of personal information — we do not and never will sell your data
  • Non-discrimination — we will not discriminate against you for exercising your CCPA rights

7.4 How to Exercise Your Rights

To exercise any of these rights, contact us at boss@sloplord.io. We will respond within 30 days. You can also delete your account directly from your profile page.

8. International Data Transfers

Your data may be processed in countries where our third-party service providers operate (including the United States, where Stripe, Google, Deepseek, and other services are based). We ensure appropriate safeguards are in place for international data transfers through Standard Contractual Clauses (SCCs) where required by applicable law.

9. Children's Privacy

SlopLord is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the service. Your continued use after changes take effect constitutes acceptance of the updated policy.

11. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: boss@sloplord.io

⚠️ Update this email once you've set up your contact address. Required before Google's OAuth verification.