Privacy policy

Effective: 3 May 2026 · Describes personal data typically processed on this site by the Alpha91 official implementation of the open SLTL protocol, integrated with SLTL Trust (an Alpha91 brand at sltltrust.com; verify endpoint at sltl.global) as the sole Trust Authority.

This policy is a framework description for SLTL-powered sites. The Operator of this installation is responsible for notices to end users, lawful bases, and any registration with supervisory authorities.

1. Scope

This policy covers personal data processed through SLTL features (such as authentication, verification, security dashboards, and audit logs) on this deployment. Other parts of the Operator’s website or third-party services may have separate policies.

2. Categories of data

Depending on configuration, SLTL may process:

  • Account identifiers — e.g. email address, optional username or display name.
  • Authentication data — password hashes (not plaintext passwords), session tokens, optional second-factor material (e.g. TOTP secrets, recovery codes in hashed form).
  • Verification artefacts — e.g. one-time codes or verification state (not necessarily the code after use).
  • Technical and security logs — e.g. timestamps, IP addresses, coarse device or user-agent signals, event types, and structured details needed to investigate abuse.
  • Operator policy toggles — configuration values that affect behaviour (e.g. registration availability) stored in the application database.

3. Purposes of processing

Data is processed to:

  • Provide and secure accounts (sign-in, sign-out, password reset, optional 2FA).
  • Detect and respond to abuse (rate limits, IP blocks, route probes, audit review).
  • Maintain integrity of sessions and operator dashboards.
  • Meet the Operator’s legal or compliance obligations where applicable.

4. Legal bases (where GDPR-style law applies)

Typical bases include: performance of a contract (providing the service you asked for), legitimate interests (fraud prevention, security monitoring, improving reliability — balanced against your rights), and legal obligation where the Operator must retain or disclose data.

5. Retention

Retention follows operational need: account data is kept while the account exists; audit and security logs are kept according to Operator policy and storage constraints. The Operator may define backup cycles that temporarily retain copies.

6. Sharing

SLTL does not sell your personal data. Data may be visible to authorised Operator personnel (e.g. superadmins reviewing security). Hosting, email delivery, or analytics providers used by the Operator may process data on the Operator’s instructions — those relationships are governed by the Operator’s agreements.

7. International transfers

Where data crosses borders, the Operator should use appropriate safeguards (e.g. standard contractual clauses) where required by law.

8. Your rights

Depending on jurisdiction, you may have rights to access, rectify, erase, restrict, or object to processing, and to lodge a complaint with a supervisory authority. Requests should be directed to the Operator of this site.

9. Security

SLTL is built with security in mind; see the Security practices page. No system is perfectly secure — see the Terms of use and Disclaimer.

10. Changes

The Operator may update this policy. Check the effective date above.

← Back to sign in

© 2026 Alpha91 Enterprises Pty Ltd. All rights reserved.
SLTL Trust (an Alpha91 brand) is the sole Trust Authority for the SLTL protocol — operations at sltltrust.com, public verify endpoint at sltl.global. The SLTL protocol is published as an open specification (Apache 2.0) at github.com/malogies/sltl-protocol. This deployment is the Alpha91 official implementation (proprietary).
SLTL Trusted™, SLTL Trust™, Secure Link Trust Layer™, and SLTL.global™ are trademarks of SLTL Trust, an Alpha91 brand; SLTL™ is claimed as a common-law mark; use of trust marks requires explicit authorization — see Trademarks. Alpha91® is a registered trademark of Alpha91 Enterprises Pty Ltd where registered.