Privacy Policy

1. Introduction and Scope

SLTR Digital LLC (“SLTR Digital,” “Company,” “we,” “our,” or “us”) is committed to protecting your privacy and the security of your personal information. This Privacy Policy describes how we collect, use, disclose, store, and safeguard information when you access or use any of our services.

This Policy applies to all products, services, websites, and applications operated by SLTR Digital LLC, including but not limited to:

• Primal — a dating and social platform for gay and bisexual men (primalgay.com)
• MemoryAisle — an AI-powered grocery and meal planning companion (memoryaisle.app)
• MyDriftLAB — a sleep intelligence application (mydriftlab.com)
• 1099Pass — an income verification platform for gig workers and contractors (1099pass.com)
• Our corporate website at sltrdigital.com
• Any future products, services, websites, or applications we may develop or operate

By accessing or using any of our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Services immediately.

2. Definitions

• “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable natural person or household.
• “Sensitive Personal Data” means Personal Data that reveals racial or ethnic origin, sexual orientation, health information, financial account data, precise geolocation, biometric identifiers, or other categories designated as sensitive under applicable law.
• “Processing” means any operation performed on Personal Data, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, erasure, or destruction.
• “Services” means all websites, applications, platforms, features, and related offerings operated by SLTR Digital LLC.
• “User,” “you,” or “your” means any individual who accesses or uses our Services.
• “Device” means any computer, mobile phone, tablet, or other electronic device used to access our Services.
• “Service Provider” means a third party that processes Personal Data on our behalf pursuant to a written agreement.

3. Information We Collect — General

Across all of our Services, we may collect the following categories of information:

a. Information You Provide Directly

• Account registration data (name, email address, password, phone number)
• Profile information you choose to provide
• Communications with us (support tickets, emails, feedback forms)
• Survey or research participation responses
• Payment and billing information (processed by third-party payment processors)

b. Information Collected Automatically

• Device information (device type, operating system, unique device identifiers, browser type and version)
• Usage data (pages visited, features used, click patterns, session duration, referring URLs)
• Network information (IP address, Internet service provider, general geographic location derived from IP)
• Log data (access times, error logs, diagnostic data)
• Cookies, pixels, and similar tracking technologies (see Section 21)

c. Information from Third Parties

• OAuth and single sign-on providers (e.g., Apple, Google)
• Analytics providers
• Payment processors (transaction confirmation, not full card numbers)
• Public databases and data aggregation partners (where permitted by law)

4. Information We Collect — Primal

In addition to the general categories above, Primal may collect the following information specific to its dating and social features:

• Sexual orientation and gender identity — provided voluntarily during profile creation. This is classified as Sensitive Personal Data and is treated with enhanced protections under GDPR Article 9 and applicable state privacy laws.
• Profile content — photographs, biographical text, dating preferences, and interests you choose to share
• Precise location data — used for the interactive community map, nearby user discovery, and event recommendations (collected only with your explicit permission)
• Verification data — selfie photographs used for profile verification and liveness detection (see Section 18 on Biometric Data)
• Communication content — messages, voice chat metadata, and video chat metadata exchanged within the platform
• Matching and interaction data — swipe/interest activity, match history, block and report actions

5. Information We Collect — MemoryAisle

MemoryAisle collects the following information specific to its grocery, meal planning, and household management features:

• Family and household profiles — names, ages, and dietary preferences of household members (including children, when provided by a parent or guardian)
• Dietary and allergy information — food allergies, dietary restrictions, intolerances, and cultural or religious dietary requirements
• Shopping data — shopping lists, purchase history, favorite items, and store preferences
• Voice input — voice recordings used for hands-free item entry, processed in real time and not stored after transcription unless you explicitly opt in
• Receipt images — photographs of receipts processed via optical character recognition (OCR) to extract item and price data
• Location data — used for geofencing-based store reminders (collected only with your explicit permission)
• Collaborative data — shared shopping lists and meal plans synchronized across household members' devices

6. Information We Collect — MyDriftLAB

MyDriftLAB collects the following information specific to its sleep intelligence features:

• Sleep session data — sleep start and end times, duration, and continuity metrics
• Environmental sensor readings — ambient noise levels, light intensity, estimated temperature, and movement detection derived from your device's sensors
• Audio environment analysis — classification of environmental sounds (e.g., traffic, snoring, ambient noise events). All audio processing occurs exclusively on your device. No audio recordings are stored, transmitted to our servers, or shared with any third party. Ever.
• Derived metrics — Rest Score (0-100), disruption event logs, pattern analysis, and sleep experiment results
• Wind-down preferences — content preferences for stories, soundscapes, and guided breathing routines

7. Information We Collect — 1099Pass

1099Pass collects the following information specific to its income verification and financial reporting features:

• Income and earning data — income records aggregated from gig economy platforms, freelance invoicing systems, and other earning sources
• Bank account connection data — account credentials are securely transmitted to and processed by third-party financial data aggregators (e.g., Plaid). SLTR Digital does not store your bank login credentials directly.
• Transaction history — up to 24 months of transaction data used to calculate income stability, diversity, and trend scores
• Tax documents — 1099 forms and other tax-related documents you upload or authorize us to retrieve
• Generated reports — lender-ready income verification reports, income readiness scores, and quarterly income estimates
• Lender interaction data — records of which reports you have shared with lenders through our platform, shared only at your explicit direction

8. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, maintain, and improve our Services
• To personalize your experience and deliver relevant content and recommendations
• To process transactions and send related information (receipts, confirmations)
• To communicate with you about updates, security alerts, support, and administrative messages
• To verify your identity and prevent fraud, abuse, and unauthorized access
• To monitor and analyze usage trends to improve functionality and user experience
• To enforce our Terms of Service and other legal agreements
• To comply with applicable laws, regulations, legal processes, or governmental requests
• To protect the rights, property, and safety of SLTR Digital, our users, and the public
• For Primal: to facilitate matches, enable community features, verify profiles, and moderate content
• For MemoryAisle: to generate personalized meal plans, manage allergy alerts, sync household shopping lists, and provide store-based reminders
• For MyDriftLAB: to generate morning sleep reports, calculate Rest Scores, detect disruption patterns, and personalize wind-down routines
• For 1099Pass: to aggregate and normalize income data, generate lender-ready reports, calculate income readiness scores, and facilitate report sharing with lenders at your direction

9. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your Personal Data under the following legal bases:

• Performance of a Contract — processing necessary to provide the Services you have requested (account creation, service delivery, transaction processing)
• Legitimate Interests — processing necessary for our legitimate business interests (fraud prevention, service improvement, analytics), provided these interests are not overridden by your fundamental rights
• Consent — processing based on your freely given, specific, informed, and unambiguous consent (marketing communications, precise location data, processing of Sensitive Personal Data such as sexual orientation in Primal)
• Legal Obligation — processing necessary to comply with a legal obligation to which we are subject (tax record retention, law enforcement requests)

Where we rely on consent, you have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing carried out prior to withdrawal.

10. Sharing and Disclosure

We do not sell your Personal Data. We do not sell or share your data for cross-context behavioral advertising.

We may share your information in the following circumstances:

• Service Providers — third parties who perform services on our behalf (cloud hosting, analytics, payment processing, customer support), bound by contractual obligations to protect your data and use it only for specified purposes
• At Your Direction — when you explicitly instruct us to share data (e.g., 1099Pass income reports shared with lenders, MemoryAisle shared household lists)
• Legal Requirements — when required by law, subpoena, court order, or governmental regulation, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others
• Business Transfers — in connection with a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction. You will be notified of any such transfer and any choices you may have regarding your data.
• Aggregated or De-Identified Data — we may share data that has been aggregated or de-identified so that it can no longer reasonably identify you, for research, analytics, or business purposes

11. Third-Party Services

Our Services integrate with or rely on the following categories of third-party services. Each third party operates under its own privacy policy:

• Cloud Infrastructure — Amazon Web Services (AWS) for hosting, storage, and compute
• Financial Data Aggregation — Plaid or similar providers for bank account connections in 1099Pass
• Payment Processing — Stripe, Apple Pay, Google Pay, or similar processors for subscription and in-app purchases
• Analytics — Google Analytics for website usage analysis
• Authentication — OAuth providers (Apple, Google) for single sign-on
• App Distribution — Apple App Store and Google Play Store

We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing them with your information.

12. Data Retention

We retain your Personal Data for as long as your account is active or as needed to provide you with our Services. Additionally:

• Primal — profile data is retained for the duration of your account plus 30 days after account deletion to allow for reactivation. Messages are retained for 12 months or until deleted by both parties.
• MemoryAisle — shopping and meal planning data is retained on a rolling 24-month basis unless you choose to delete it earlier.
• MyDriftLAB — sleep data is retained under your control and may be deleted at any time from within the app. Derived analytics are retained for the duration of your account.
• 1099Pass — financial data and generated reports are retained for a minimum of seven (7) years to comply with tax-related regulatory requirements, unless a longer retention period is required by law.

Anonymized or aggregated data that cannot identify you may be retained indefinitely for research and analytics purposes. When data is no longer needed, we securely delete or anonymize it.

13. Data Security

We implement administrative, technical, and physical safeguards designed to protect your Personal Data, including:

• Encryption in transit using TLS 1.2 or higher
• Encryption at rest using AES-256 or equivalent industry-standard encryption
• Role-based access controls limiting employee access to Personal Data on a need-to-know basis
• Regular security assessments, vulnerability scanning, and penetration testing
• Incident response procedures for prompt detection, containment, and notification of data breaches
• For 1099Pass: bank-level encryption standards and compliance with financial data protection requirements

Despite these measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to protecting your data using commercially reasonable measures.

14. Your Rights — General

Depending on your jurisdiction, you may have the following rights regarding your Personal Data:

• Access — the right to request a copy of the Personal Data we hold about you
• Rectification — the right to correct inaccurate or incomplete Personal Data
• Erasure — the right to request deletion of your Personal Data, subject to legal retention requirements
• Portability — the right to receive your Personal Data in a structured, machine-readable format
• Restriction — the right to restrict processing of your Personal Data under certain circumstances
• Objection — the right to object to processing based on legitimate interests
• Withdraw Consent — the right to withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@getsltr.com. We will respond within thirty (30) days or as required by applicable law. We will not discriminate against you for exercising your privacy rights.

15. Your Rights — GDPR (EEA/UK Residents)

If you are located in the European Economic Area or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including:

• All rights listed in Section 14, enforceable under Articles 15–22 of the GDPR
• The right not to be subject to automated decision-making, including profiling, that produces legal effects or similarly significant effects
• The right to lodge a complaint with your local data protection supervisory authority

For GDPR-related inquiries, contact us at privacy@getsltr.com. International data transfers from the EEA/UK are protected through Standard Contractual Clauses (SCCs) approved by the European Commission (see Section 23).

16. Your Rights — CCPA/CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following rights:

• Right to Know — the right to request the categories and specific pieces of Personal Data we have collected about you in the preceding 12 months
• Right to Delete — the right to request deletion of your Personal Data, subject to certain exceptions
• Right to Correct — the right to request correction of inaccurate Personal Data
• Right to Opt-Out of Sale or Sharing — we do not sell your Personal Data and do not share it for cross-context behavioral advertising
• Right to Limit Use of Sensitive Personal Information — you may direct us to limit the use and disclosure of your Sensitive Personal Information to purposes necessary to provide the Services
• Right to Non-Discrimination — we will not discriminate against you for exercising any of your CCPA/CPRA rights

To exercise these rights, email privacy@getsltr.com with the subject line “California Privacy Request.” We will verify your identity before processing your request and respond within forty-five (45) days as required by law.

17. Children's Privacy

Our Services are generally not directed to children under the age of 13. Specific age requirements apply to each Service:

• Primal — strictly limited to users aged 18 and older. No exceptions.
• MemoryAisle — accounts may only be created by adults (18+). Parents and guardians may include information about their children (names, ages, dietary needs) within their own household profiles. This data is managed solely by the parent/guardian account holder.
• MyDriftLAB and 1099Pass — limited to users aged 18 and older.

We do not knowingly collect Personal Data from children under 13 without verified parental consent. If we become aware that we have collected data from a child under 13 without appropriate consent, we will promptly delete it. If you believe a child has provided us with Personal Data, contact us at privacy@getsltr.com.

18. Biometric Data

Primal's profile verification feature may involve the processing of facial geometry data for liveness detection purposes. The following disclosures apply, including under the Illinois Biometric Information Privacy Act (BIPA) and similar state laws:

• Purpose: Biometric data is used solely to verify that a selfie matches the profile photographs and to confirm the image was captured by a live person (liveness detection).
• Retention: Biometric identifiers are deleted within 24 hours of verification completion. They are not stored permanently.
• No Sale or Sharing: Biometric data is never sold, leased, traded, or shared with any third party for any purpose.
• Consent: By using the verification feature, you consent to the collection and processing of your biometric data for the purposes described. You may choose not to use the verification feature.

19. Health and Wellness Data

MyDriftLAB collects sleep-related data and MemoryAisle collects allergy and dietary information. While this data may be health-adjacent, please note:

• MyDriftLAB is not a medical device and is not intended to diagnose, treat, cure, or prevent any medical condition.
• MemoryAisle allergy tracking is based on user-provided information and is not a substitute for professional medical advice.
• We treat all health-adjacent data with enhanced security measures, including encryption and restricted access.
• We do not share health-adjacent data with employers, insurers, or data brokers.

20. Financial Data Protections

1099Pass processes financial data subject to the following protections:

• Bank account connections are facilitated through encrypted third-party aggregators. SLTR Digital never directly stores your bank login credentials.
• Income verification reports are shared with lenders only at your explicit direction and consent.
• You may revoke access to any connected financial account at any time through the app settings.
• Financial data is encrypted using bank-level security standards and stored in compliance with applicable financial data protection regulations.
• SLTR Digital is not a lender, broker, or financial advisor. 1099Pass provides data intelligence tools only.

21. Cookies and Tracking Technologies

We use the following categories of cookies and similar technologies:

• Strictly Necessary — required for the operation of our Services (authentication, security, load balancing). These cannot be disabled.
• Functional — enable enhanced features and personalization (language preferences, remembering your choices).
• Analytics — help us understand how visitors interact with our Services (Google Analytics). These collect aggregated, anonymized data.

We do not use advertising or behavioral targeting cookies. You can control cookies through your browser settings. Blocking certain cookies may affect the functionality of our Services.

22. On-Device Processing

Certain features in our Services process data exclusively on your device:

• MyDriftLAB audio analysis — all environmental audio processing (noise detection, sound classification) occurs entirely on your device using on-device machine learning. Raw audio data never leaves your device, is never transmitted to our servers, and is never accessible to SLTR Digital or any third party. Only derived metrics (noise levels, disruption timestamps) are synced to provide your reports.
• MyDriftLAB sensor data — light, temperature, and motion sensor readings are processed locally; only derived metrics are synchronized.
• MemoryAisle voice input — voice-to-text transcription is processed in real time and raw audio is not retained after transcription.

23. International Data Transfers

SLTR Digital is based in the United States. If you access our Services from outside the United States, your Personal Data may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and/or UK Information Commissioner's Office to ensure adequate protection of your data. By using our Services, you consent to the transfer of your data to the United States subject to these safeguards.

24. Do Not Track Signals

Some browsers transmit “Do Not Track” (DNT) signals. There is currently no uniform standard for interpreting DNT signals. Our Services do not currently respond to DNT signals. However, we do not engage in cross-site tracking or sell your Personal Data, and you may control analytics cookies through your browser settings as described in Section 21.

25. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the “Last Updated” date at the top of this page, sending an email to the address associated with your account, or providing an in-app notification. We encourage you to review this Policy periodically. For material changes that affect how we process Sensitive Personal Data, we will provide at least thirty (30) days' notice before the changes take effect. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Policy.

26. Future Products

This Privacy Policy applies to all current and future products, services, websites, and applications developed or operated by SLTR Digital LLC. When we launch new products, this Policy will be updated to include any additional data practices specific to those products. We will notify users of significant additions through the channels described in Section 25.

27. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy Inquiries: privacy@getsltr.com
• Legal Inquiries: legal@getsltr.com
• General Contact: hello@getsltr.com
• Mail: SLTR Digital LLC, Attn: Privacy, P.O. Box [to be assigned], United States

For GDPR-related inquiries from the EEA or UK, please email privacy@getsltr.com with the subject line “GDPR Request.” For CCPA requests from California residents, please email with the subject line “California Privacy Request.”