Privacy Policy — Gridd — Slide Production System

This Privacy Policy explains how DeckAI Inc. (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with (a) the website located at griddtemplates.com (the “Site”), and (b) the Gridd Templates product, including the PowerPoint add-in and related digital assets (the “Product”).

This Privacy Policy describes how we handle your information when you use the Site or Product. Where we rely on your consent as a legal basis for processing, we will obtain that consent separately (for example, through a cookie banner or marketing opt-in). This Privacy Policy does not itself create a contractual obligation on your part.

1) The short version

We collect telemetry and diagnostic information about how the Product performs and is used (for example, feature usage, errors, and performance metrics).
We collect order and contact information (such as your email and purchase details) to deliver the Product, provide support, and administer licensing.
We collect website analytics information when you browse the Site, subject to your cookie preferences.
We do not collect the content of your slides (including text, tables, shapes, speaker notes, images, or any other user-provided presentation content) through Product telemetry.
We do not use telemetry or diagnostic data to train machine learning or AI models. Product telemetry is used solely for the purposes described in Section 3 (bug fixes, performance, product improvement, and security).

2) Information we collect

A) Information you provide to us

We collect information you provide directly, such as:

Purchase and fulfillment data: name (if provided), email address, billing details (processed by our payment processor), and purchase metadata (plan, seats, timestamps, transaction identifiers).
Email marketing opt-in: if you opt in, we store your email address and preferences for marketing and onboarding communications.
Support communications: the content of emails or messages you send to us (e.g., refund requests, troubleshooting details), including attachments you choose to share.

Important: If you email us a slide deck or screenshots for support, we will have access to the content you send us. We recommend sending minimal examples whenever possible. We delete support attachments within 90 days of resolving the relevant support ticket, unless you ask us to retain them or we are required to do so for legal reasons.

B) Product telemetry and diagnostics (Add-in)

The Product may collect and send to us:

Usage telemetry: which features are used, frequency of actions, UI events, button/menu interactions, and configuration choices.
Performance telemetry: timing metrics, resource usage, and responsiveness signals.
Diagnostics and error data: crash reports, error codes, stack traces, and logs used for troubleshooting and reliability.
Device and environment information: operating system version, PowerPoint version, add-in version, locale/language, and an installation identifier (a randomly generated token stored locally on your device, which you may reset by reinstalling the Add-in; it is not derived from hardware fingerprinting).
License/activation signals: information required to validate seat usage and prevent abuse (e.g., activation status and related identifiers).

What we do not collect via telemetry: We do not collect the content you place into slides—such as slide text, charts, speaker notes, images—through Product telemetry.

No AI/ML training: We do not use Product telemetry or diagnostic data to train, fine-tune, or improve machine learning models, generative AI systems, or any automated decision-making tools. Telemetry is used solely for product improvement, bug fixing, performance analysis, and security as described in Section 3.

C) Website analytics and cookies

When you visit the Site, we (and service providers acting on our behalf) may collect:

Log and device data: IP address, browser type, device type, operating system, referring URLs, pages viewed, timestamps, and clickstream data.
Cookie and similar tracking data: used to operate the Site, remember preferences, measure traffic, evaluate marketing performance, and improve the Site.

Cookie consent: When you first visit the Site, we present a cookie consent banner. Strictly necessary cookies (required for the Site to function) are set without consent. Analytics, marketing, and other non-essential cookies are set only after you provide affirmative consent through the banner. You may change your preferences at any time via the “Cookie Settings” link in the Site footer. For details on specific cookies, their purposes, and durations, see our Cookie Policy at griddtemplates.com/cookies.

3) How we use information

We use information for the following purposes:

Product delivery and administration: processing purchases, delivering download links, providing licensing and seat administration.
Support and troubleshooting: responding to inquiries, diagnosing issues, and improving stability.
Product improvement: understanding feature usage, fixing bugs, improving performance, and making Minor Releases.
Security and abuse prevention: protecting against fraud, license abuse, and malicious activity.
Website operations and analytics: maintaining the Site, measuring usage, and improving conversion and content.
Communications:
- Transactional communications (e.g., receipts, download instructions, license/admin notices, support replies);
- Onboarding communications (a short sequence of emails after download intended to help you install, learn, and get value from the Product); and
- Marketing communications (if you opt in, or where otherwise permitted by law).

You can opt out of marketing and onboarding emails at any time using the unsubscribe link in those emails. Transactional emails may still be sent when necessary.

4) Legal bases for processing (EEA/UK users)

If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), we process your personal data on the following legal bases:

Processing activity	Legal basis	Details
Purchase fulfillment, licensing, transactional emails	Contractual necessity	Required to perform the contract (EULA) with you
Product telemetry, diagnostics, bug fixes, performance improvement	Legitimate interest	Maintaining and improving the Product; you may object (see Section 9)
Security, fraud prevention, license enforcement	Legitimate interest	Protecting Company, users, and the Product
Analytics cookies and marketing cookies	Consent	Set only after affirmative consent via cookie banner
Marketing emails	Consent	Only with your opt-in; withdrawable at any time
Onboarding emails	Legitimate interest	Helping you get value from a recent purchase; you may unsubscribe
Legal compliance (tax records, legal requests)	Legal obligation	Required by applicable law

Where we rely on legitimate interest, we have conducted balancing assessments and concluded that our interests do not override your rights. You may request a copy of these assessments by contacting us.

5) How we share information

A) Service providers

We share information with vendors that help us run the business, such as:

payment processors;
email delivery and marketing providers;
website analytics providers;
error reporting/logging and telemetry providers;
hosting and infrastructure providers;
customer support tools.

These vendors may process information only as needed to provide services to us and are contractually required to protect it.

B) Legal and safety

We may disclose information if we believe it is reasonably necessary to:

comply with applicable law, regulation, legal process, or governmental request;
enforce our terms and policies;
protect the rights, property, and safety of Company, our users, or the public.

C) Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction. We will provide notice before personal information becomes subject to a different privacy policy.

D) Aggregated / de-identified data

We may share aggregated or de-identified information that cannot reasonably be used to identify you. When we de-identify data, we implement safeguards and prohibit recipients from attempting re-identification.

6) Data retention

We retain information for the following periods:

Data category	Retention period	Reason
Purchase and billing records	7 years from purchase	Tax and legal compliance
Account/license data	Duration of license + 1 year	License administration and support
Product telemetry and diagnostics	18 months from collection	Product improvement and stability analysis
Support communications	3 years from ticket resolution	Quality assurance and dispute resolution
Support attachments (files, screenshots)	90 days from ticket resolution	Troubleshooting; minimized per data minimization
Marketing/onboarding email records	Until unsubscribe + 30 days	Honoring opt-out preferences
Website analytics / cookies	Up to 26 months (see Cookie Policy)	Site performance and improvement
Server logs (IP, access logs)	90 days	Security monitoring

After the applicable retention period, data is deleted or irreversibly de-identified.

7) Security

We use reasonable administrative, technical, and organizational measures designed to protect information. However, no method of transmission or storage is completely secure.

8) International transfers

If you access the Site or Product from outside the United States, your information may be processed and stored in the United States or other locations.

For transfers of personal data from the EEA or UK, we rely on Standard Contractual Clauses and appropriate safeguards.

9) Your choices and rights

A) All users

Marketing and onboarding emails: You can unsubscribe at any time.
Cookie preferences: You can change preferences via the “Cookie Settings” link in the Site footer.

B) EEA and UK residents

You have rights under GDPR and UK GDPR, including access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

You also have the right to lodge a complaint with your local supervisory authority.

C) California residents (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising.

You have rights to know, delete, correct, and not be discriminated against for exercising your rights.

D) Other US state privacy laws

Residents of certain states may have similar rights under applicable law.

E) How to exercise your rights

To exercise your rights, contact us at contact@griddapp.com. We will verify your identity and respond within the timeframe required by law.

10) Children’s privacy

The Site and Product are not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children.

11) Third-party links and services

The Site may contain links to third-party websites. This Policy does not apply to third-party practices.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified as required by law.

13) Contact us and privacy representative

General privacy inquiries: contact@griddapp.com

Company: DeckAI Inc.

Address: 2810 N Church St Num 740804, Wilmington, DE, 19802

EU/EEA representative (GDPR Article 27): [Insert name and address of your EU representative, or state that one is not required if you have determined you are exempt under Article 27(2)]

UK representative (UK GDPR Article 27): [Insert name and address of your UK representative, or state that one is not required if exempt]

If you are in the EEA or UK and believe we have not adequately addressed your privacy concern, you have the right to lodge a complaint with your local data protection supervisory authority.