Privacy policy

Last updated: 20 June 2026

This policy explains what data slopllm.com collects, why, who helps us process it, and the rights you have. We try to collect as little as possible and to be clear about it.

Who we are

slopllm.com is operated by Nex AI, based in Gent, Belgium. For any privacy question or request, contact us at [email protected]. Nex AI is the data controller for the personal data described here.

What we collect

Account. Your email address and a securely hashed version of your password (we never store your password in plain text). If you sign in with Google, we receive your Google account email and basic profile to identify you.
Profile you choose to add. Display name, handle, bio, location, website and social links, and an avatar image if you upload one.
Content you create. Reviews, ratings, votes, communities, topics, replies, direct messages and saved models.
Usage and security data. Anonymous, first-party analytics about which features are used, with no personal identifiers, plus standard server logs (such as IP address and browser type) kept short term for security and abuse prevention.

Cookies

We use a single essential cookie to keep you signed in. It is httpOnly and used only for authentication. We do not use advertising or third-party tracking cookies.

Why we use it (legal basis)

We process account and content data to provide the service you ask for (performance of a contract). We process security logs and basic anonymous analytics on the basis of our legitimate interest in keeping the service safe and improving it. Where the law requires consent, we ask for it.

Who processes data for us

We do not sell your data. We share the minimum necessary with a few processors: Google (only if you choose Google sign-in, to verify your identity), Cloudflare (the network that delivers and protects the site), and Resend (only to send transactional email such as a password reset, if you request one). Each acts under its own data protection terms.

Where it is stored and how it is protected

Data is stored on our own infrastructure in the European Union (Belgium). Passwords are hashed with bcrypt, database access is restricted, and backups may be kept encrypted off-site for disaster recovery.

How long we keep it

We keep your account and content until you delete your account or ask us to remove them. Anonymous analytics carry no identifier and are not tied to you. Security logs are kept only as long as needed.

Your rights

Under the GDPR you can request access to your data, correction, deletion, restriction, portability, and you can object to certain processing. To exercise any of these, or to delete your account, email [email protected]. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit).

Children

This service is not directed at children under 16, and we do not knowingly collect their data.

Changes

We may update this policy. The date at the top reflects the latest version. Significant changes will be made clear on the site.