[ Personal Data Processing Policy ]_

SlimVps ("we") treats privacy as part of the product. This policy clarifies the boundaries, purposes, and retention strategies for personal data processing.

By continuing to use the website, console, or API, you confirm you have read and agreed to this policy.If you disagree, please stop using the service. This policy complements the User Service Agreement.

Provided by you

• Account info:email, optional name, hashed password
• Payment traces:card details processed by a licensed payment provider; we only store transaction result, amount, date, and masked billing fields
• Support materials:descriptions, attachments, and correspondence in tickets and emails
• Order parameters:machine specs, data center region, billing plan

Auto-generated by the system

• Access logs:IP, HTTP metadata, timestamps, referrer, browser and OS info
• Device fingerprint:terminal type and client identifier we assign (SSAID), used for risk control and anomaly detection
• Usage telemetry:login timestamps, feature clicks, console actions, bandwidth and compute usage statistics
• Cookies / local storage:maintaining session, remembering language preferences, etc. (see Section 6)

Data is used to:

• Delivery & operations:account creation, instance provisioning, payments, and renewal management
• Identity & risk control:login verification, abuse detection, blocking unauthorized access
• Customer success:responding to tickets and diagnosing issues
• Experience optimization:analyzing usage patterns in aggregate or anonymized form to improve performance and new features
• Transactional notifications:billing, expiry, maintenance, and security emails
• Product updates:product-related updates or offers may be sent until you unsubscribe
• Compliance obligations:cooperating with law enforcement, meeting regulatory requirements, protecting legal rights
• Infrastructure research:anonymized technical logs used for stability tuning

We do not sell your personal information.We only disclose to third parties in the following cases:

Processors & infrastructure partners

To complete payments, email delivery, network connectivity, etc., we share necessary fields with:

• Payment gateway (subject to its own privacy policy)
• Email delivery service (verification codes and notifications)
• Self-hosted Matomo analytics (data resides on our own servers)
• Data center and bandwidth providers

Data processing agreements are signed with these parties, restricting use and requiring equivalent security measures.

Legal requirements

We may disclose necessary information when required by law, judicial or administrative order, or to protect the legitimate rights of us and our users.

Mergers & restructuring

In the event of a merger, acquisition, asset sale, or bankruptcy, user information may be transferred as an asset. We will notify users in advance and require successors to maintain equivalent protection.

With your consent

We will only share data beyond what is listed in this policy after obtaining your separate, explicit consent.

• Account fields:retained during the account's existence and for a reasonable period after deletion, up to approximately12 monthsto meet audit requirements
• Financial records:billing and payment records are retained for at least7 years
• Access logs:Typically retained for approximately90 daysfor security audits and troubleshooting
• Ticket:during account validity and after deletion12 months
• Instance disk:after service ends,72 hourspermanently deleted

If law requires a longer retention period, that requirement takes precedence.

We follow industry-standard practices including but not limited to:

• Transport layer:TLS 1.2+ encrypted channels
• Password storage:bcrypt and similar strong hashing — original passwords are irrecoverable
• Internal access:staff follow least-privilege principles; sensitive operations are logged
• Physical environment:24/7 access control and monitoring at data centers
• Security operations:regular self-audits and vulnerability scanning

We currently use the following types of technologies:

You may disable cookies at the browser level. Disabling essential cookies may disrupt the console and checkout process.

Please submit your request via a support ticket. We will respond within approximately30 days:

• Access:obtain a copy of the personal data we hold about you
• Correction:request corrections to inaccurate information (you can also update basic fields in the console yourself)
• Deletion:request deletion after account closure; transaction records required by law are exempt
• Marketing opt-out:use the unsubscribe link in emails to opt out of promotional communications; billing and security notifications cannot be opted out of
• Withdraw consent:if processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

While an account is active and service delivery is ongoing, some deletion requests may be deferred to balance service obligations and legal requirements.

This service is not intended forusers under 18persons. We do not actively collect children's data. If you are a guardian and discover that a minor has submitted information without authorization, please contact us via a ticket and we will delete it promptly.

We operate data centers in Hong Kong, Japan, Korea, the US, and other locations. Your data may be stored or processed outside your country of residence, where different privacy laws may apply.

To mitigate risk, we sign data processing agreements with recipients, apply industry-standard encryption and access controls, and comply with applicable cross-border transfer rules.

This site may contain links to external websites. We have no control over their content, privacy practices, or security measures, and take no responsibility for them. Please read their privacy statements before visiting.

We may revise this policy from time to time. Updated versions are published on this page with an updated date at the top.

If changes materially affect the purposes of processing or the scope of sharing, we will notify you via your registered email or an in-app message.Continued use after publication of an update constitutes acceptance.If you disagree, please stop using the service and close your account.

For assistance, use any of the following channels: