<- Back to Slokoto

Privacy Policy

Effective Date: April 6, 2026

1. Introduction

This Privacy Policy explains how Slokoto collects, uses, shares, and protects personal information when you use our website, applications, and related services. By using Slokoto, you agree to the practices described in this Privacy Policy.

2. Scope and Roles

This Privacy Policy applies to the Slokoto marketing website, the product, and our direct communications with you. It does not apply to third-party services that you choose to connect to Slokoto.

If you use Slokoto through a company or team workspace, that organization may control some of the customer data processed through the service. In those cases, Slokoto generally acts as a service provider or processor on the organization's behalf.

3. Information We Collect

  • Account and workspace information: name, email address, login details, workspace membership, and profile information.
  • Customer data you provide or sync: lead records, notes, activity history, communications metadata, automation settings, calendar data, and related workflow information.
  • Billing and transaction data: subscription status, invoices, tax data, and payment confirmations provided by Paddle or other billing processors we use.
  • Usage, device, and log data: browser information, IP address, timestamps, pages viewed, product interactions, and diagnostic logs.
  • Third-party integration data: information received from connected systems such as email, calendar, CRM, telephony, or messaging providers that you enable.

Please do not submit sensitive personal information that Slokoto does not need to provide the service, such as payment card numbers, government identifiers, or health information.

4. How We Use Information

  • Provide, operate, secure, and support the service.
  • Authenticate users and manage workspaces, permissions, and billing.
  • Deliver product features such as prioritization, automation, scheduling, and recommendations.
  • Monitor reliability, troubleshoot issues, and improve product performance.
  • Communicate with you about account, billing, product, support, and legal matters.
  • Comply with law, enforce our terms, and prevent abuse, fraud, or unauthorized activity.

Where required by law, we rely on an appropriate legal basis such as contract performance, legitimate interests, consent, or legal obligation.

5. How We Share Information

We do not sell personal information. We may share information in the following situations:

  • With service providers that help us run hosting, storage, billing, analytics, support, or AI features.
  • Within your workspace, according to your workspace configuration and user permissions.
  • With third-party services you choose to connect to Slokoto.
  • When required by law, legal process, or to protect rights, safety, and the service.
  • In connection with a merger, financing, acquisition, or sale of assets.

6. Security

We use technical and organizational measures designed to protect personal information, including:

  • AES-256-GCM encryption for integration credentials at rest.
  • TLS encryption for all data in transit.
  • Two-factor authentication (TOTP) and strong password policies.
  • Row-level database security isolating workspace data.
  • Audit logging of privileged actions with tamper-evident integrity.
  • Automated anomaly detection and security alerting.

No internet-based system is perfectly secure, and we cannot guarantee absolute security. For more information, see our Security page.

7. Data Retention

We retain information for as long as needed to provide the service, maintain business records, resolve disputes, enforce agreements, and comply with legal obligations. Specific retention periods:

  • Account data: Retained while your account is active. Deleted or anonymized upon account deletion request.
  • Activity logs: Retained for 365 days, then automatically purged.
  • Administrative audit logs: Retained for 730 days (2 years), then automatically purged.
  • Contact form submissions: Retained for the duration of the business relationship or until deletion is requested.
  • Billing and transaction records: Retained as required by tax and accounting law (typically 7 years), managed by Paddle as merchant of record.

Automated retention policies enforce these limits. You may request earlier deletion of your personal data by contacting us at support@slokoto.com.

8. Your Rights and Choices

Depending on where you live, you may have rights such as access, correction, deletion, portability, restriction, objection, or withdrawal of consent where consent is the legal basis.

  • Access and portability: You can export all your personal data from your account settings in a machine-readable JSON format.
  • Deletion: You can delete your account from your profile settings. This anonymizes your records and removes your authentication credentials.
  • Correction: You can update your profile information at any time from your account settings.
  • Cookie preferences: You can accept or decline non-essential cookies when first visiting the site. Analytics cookies are only loaded after you accept.

If your organization controls the relevant customer data, you may need to contact your workspace administrator first. You can also contact us at support@slokoto.com.

9. Cookies and Similar Technologies

We use cookies and similar technologies for authentication, security, preferences, and product analytics. Your browser settings may let you control some cookie behavior, but disabling certain cookies can affect how the service works.

10. International Transfers

Slokoto and its service providers may process information in countries other than your own. When required, we use appropriate safeguards for cross-border transfers.

11. Children's Privacy

Slokoto is not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us so we can investigate.

12. U.S. State Privacy Disclosures

We do not sell personal information and do not share personal information for cross-context behavioral advertising. Depending on your state of residence, you may have additional privacy rights.

13. Sub-Processors

We use the following third-party service providers (sub-processors) to operate the service. Each processes personal information only as necessary for the functions described:

ProviderPurposeLocation
Supabase (AWS)Database, authentication, row-level securityUS (us-east-1)
VercelApplication hosting, CDN, serverless functionsUS / Global Edge
PaddleBilling, payments, tax (merchant of record)UK / Global
ResendTransactional email deliveryUS
OpenAIAI features (lead analysis, recommendations)US
SentryError monitoring (loaded only with cookie consent)US

We will update this list if we add or change sub-processors. Data processing agreements are in place with each provider.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date above and, when required, provide additional notice through the service or by email.

15. Contact Us

Foto Master LLC (d/b/a Slokoto)

1013 Centre Road, STE 403-B

Wilmington, DE 19805, United States

General and Privacy Requests

support@slokoto.com

Billing

finance@slokoto.com

Security

security@slokoto.com