Background

Privacy Policy

Effective Date: April 9, 2026

This Privacy Policy explains how DeckAI Inc. (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with (a) the website located at griddtemplates.com (the “Site”), and (b) the Gridd Templates product, including the PowerPoint add-in and related digital assets (the “Product”).

This Privacy Policy describes how we handle your information when you use the Site or Product. Where we rely on your consent as a legal basis for processing, we will obtain that consent separately (for example, through a cookie banner or marketing opt-in). This Privacy Policy does not itself create a contractual obligation on your part.

1) The short version

  • We collect telemetry and diagnostic information about how the Product performs and is used (for example, feature usage, errors, and performance metrics).
  • We collect order and contact information (such as your email and purchase details) to deliver the Product, provide support, and administer licensing.
  • We collect website analytics information when you browse the Site, subject to your cookie preferences.
  • We do not collect the content of your slides (including text, tables, shapes, speaker notes, images, or any other user-provided presentation content) through Product telemetry.
  • We do not use telemetry or diagnostic data to train machine learning or AI models. Product telemetry is used solely for the purposes described in Section 3 (bug fixes, performance, product improvement, and security).

2) Information we collect

A) Information you provide to us

We collect information you provide directly, such as:

  • Purchase and fulfillment data: name (if provided), email address, billing details and purchase metadata (plan, seats, timestamps, transaction identifiers).
  • Email marketing opt-in: if you opt in, we store your email address and preferences for marketing and onboarding communications.
  • Support communications: the content of emails or messages you send to us (e.g., refund requests, troubleshooting details), including attachments you choose to share.

Important: If you email us a slide deck or screenshots for support, we will have access to the content you send us. We recommend sending minimal examples whenever possible. We delete support attachments within 90 days of resolving the relevant support ticket, unless you ask us to retain them or we are required to do so for legal reasons.

B) Product telemetry and diagnostics (Add-in)

The Product may collect and send to us:

  • Product usage telemetry: which features are used, frequency of actions, UI events, button/menu interactions, and configuration choices.
  • Performance telemetry: timing metrics, resource usage, and responsiveness signals.
  • Crash reports: error data sent for diagnostics, including error message, code, stack traces and environment information such as device type, model, browser agent.

What we do not collect via telemetry: We do not collect the content you place into slides—such as slide text, charts, speaker notes, images—through Product telemetry.

No AI/ML training: We do not use Product telemetry or diagnostic data to train, fine-tune, or improve machine learning models, generative AI systems, or any automated decision-making tools. Telemetry is used solely for product improvement, bug fixing, performance analysis, and security as described in Section 3.

C) Website analytics and cookies

When you visit the Site, we (and service providers acting on our behalf) may collect:

  • Log and device data: IP address, browser type, device type, operating system, referring URLs, pages viewed, timestamps, and clickstream data.
  • Cookie and similar tracking data: used to operate the Site, remember preferences, measure traffic, evaluate marketing performance, and improve the Site.

Cookie consent: When you first visit the Site, we present a cookie consent banner. Strictly necessary cookies (required for the Site to function) are set without consent. Analytics, marketing, and other non-essential cookies are set only after you provide affirmative consent through the banner. You may change your preferences at any time via the “Cookie Settings” link in the Site footer. For details on specific cookies, their purposes, and durations, see our Cookie Policy at griddtemplates.com/cookies.

3) How we use information

We use information for the following purposes:

A) Information you provide us

  • Purchase fulfillment – we process purchases to administer and deliver Product, deliver download links to purchased digital goods, provide licensing and seat administration.
    • Transactional communications sent using collected email address, e.g. receipts, download instructions, license/admin notices and support replies.
    • Onboarding communications: we send a short sequence of emails after download intended to help you install, learn, and get value from the Product.
  • Email marketing opt-in we send digital marketing emails about our own offerings if you opt-in, or where otherwise permitted by law.

Information we collect through Product telemetry

  • Product usage telemetry:we analyze these events to understand feature usage, to prioritize future development and to design new features into Product.
  • Crash reports:we analyze these events to proactively understand issues, to fix bugs and issues, to improve performance of the Product.

Information we collect through Site analytics

  • Log and device data:we analyze this data to understand user device composition accessing our site in order to improve experience, stability and performance.
  • Cookie and similar tracking data:we use to operate the Site, remember personal preferences, measure traffic (returning users, without de-anonymization), evaluate marketing performance on campaigns and to improve the Site.

You can opt out of marketing and onboarding emails at any time using the unsubscribe link in those emails. Transactional emails may still be sent when necessary.

4) Legal bases for processing (EEA/UK users)

If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), we process your personal data on the following legal bases:

Processing activity Legal basis Details
Purchase fulfillment, licensing, transactional emails Contractual necessity Required to perform the contract (EULA) with you
Product telemetry, diagnostics, bug fixes, performance improvement Legitimate interest Maintaining and improving the Product; you may object (see Section 9)
Security, fraud prevention, license enforcement Legitimate interest Protecting Company, users, and the Product
Analytics cookies and marketing cookies Consent Set only after affirmative consent via cookie banner
Marketing emails Consent Only with your opt-in; withdrawable at any time
Onboarding emails Legitimate interest Helping you get value from a recent purchase; you may unsubscribe
Legal compliance (tax records, legal requests) Legal obligation Required by applicable law

Where we rely on legitimate interest, we have conducted balancing assessments and concluded that our interests do not override your rights. You may request a copy of these assessments by contacting us.

5) How we share information

A) Service providers

We share information with a list of vendors acting as sub-processors to help us run the business with various services outsourced.

Google Analytics

Used for product telemetry, diagnostics, and website analytics. We collect the following automatic events:

  • Page visits – for both Product and Site, records channel, source, device, and additional non-personal information to analyze user mix and improve experience.
  • Page scrolls – for Product and Site.
  • Page navigations – for Product, equivalent to a page visit. For Site, tracks each page served to the same anonymized user to build funnel analytics.

We also collect two custom events:

  • Typed and deleted character counts – to measure engagement with the Product.
  • Button and link clicks without navigation events – to measure engagement with Product features.

Google partner sites policy  |  Google data retention policy
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Contact Google and their data protection office

Sentry (crash reports)

Privacy policy  |  GDPR contact
Data controller: Functional Software, Inc. d/b/a Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105.
EU representative: Sentry Software Netherlands B.V., Schiphol Boulevard 359, 1118 BJ, Amsterdam Schiphol, Netherlands. Contact: compliance@sentry.io

Webflow (web hosting)

Privacy policy
Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103. Contact: privacy@webflow.com

MailChimp (marketing emails)

Legal  |  Intuit privacy statement  |  Data processing addendum

Outseta (CRM)

Privacy policy
Contact: dimitris(at)outseta.com

Zapier (integrator)

We use Zapier to sync email addresses and names of prospects and customers between Webflow, MailChimp, and Outseta.

Data privacy  |  Partner portal privacy

Stripe (payment provider)

Privacy policy
Stripe, LLC, 354 Oyster Point Boulevard, South San Francisco, CA 94080, USA. Attention: Stripe Legal.
Stripe Technology Company Limited, One Wilton Park, Wilton Place, Dublin 2, D02 FX04, Ireland. Attention: Stripe Legal.

Microsoft (Azure, Clarity, Outlook)

  • Microsoft Clarity – We process recordings and playbacks of Product and Site usage. For the Product, we do not collect textual content.
  • Microsoft Azure – We process no user data here for the Product; it is used only to serve static files.
  • Microsoft Outlook – We process support communications content to resolve troubleshooting requests.

Privacy statement  |  Clarity data  |  Clarity data retention
Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Tel: +1 (425) 882 8080.
Microsoft Ireland Operations Limited, Attn: Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Tel: +353 1 706 3117.

B) Legal and safety

We may disclose information if we believe it is reasonably necessary to:

  • comply with applicable law, regulation, legal process, or governmental request;
  • enforce our terms and policies;
  • protect the rights, property, and safety of Company, our users, or the public.

C) Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction. We will provide notice before personal information becomes subject to a different privacy policy.

D) Aggregated / de-identified data

We may share aggregated or de-identified information that cannot reasonably be used to identify you. When we de-identify data, we implement safeguards and prohibit recipients from attempting re-identification.

6) Data retention

We retain information for the following periods:

Data category Retention period Reason
Purchase and billing records 7 years from purchase Tax and legal compliance
Account/license data Duration of license + 1 year License administration and support
Product telemetry and diagnostics 18 months from collection Product improvement and stability analysis
Support communications 1 year from ticket resolution Quality assurance and dispute resolution
Support attachments (files, screenshots) 90 days from ticket resolution Troubleshooting; minimized per data minimization
Marketing/onboarding email records Until unsubscribe + 30 days Honoring opt-out preferences
Website analytics / cookies Up to 26 months (see Cookie Policy) Site performance and improvement
Server logs (IP, access logs) 90 days Security monitoring

After the applicable retention period, data is deleted or irreversibly de-identified.

7) Security

We use reasonable administrative, technical, and organizational measures designed to protect information. However, no method of transmission or storage is completely secure.

8) International transfers

If you access the Site or Product from outside the United States, your information may be processed and stored in the United States or other locations.

For transfers of personal data from the EEA or UK, we rely on Standard Contractual Clauses and appropriate safeguards.

9) Your choices and rights

A) All users

  • Marketing and onboarding emails: You can unsubscribe at any time.
  • Cookie preferences: You can change preferences via the “Cookie Settings” link in the Site footer.

B) EEA and UK residents

You have rights under GDPR and UK GDPR, including access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

You also have the right to lodge a complaint with your local supervisory authority.

C) California residents (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising.

You have rights to know, delete, correct, and not be discriminated against for exercising your rights.

D) Other US state privacy laws

Residents of certain states may have similar rights under applicable law.

E) How to exercise your rights

To exercise your rights, contact us at contact@griddapp.com. We will verify your identity and respond within the timeframe required by law.

10) Children’s privacy

The Site and Product are not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children.

11) Third-party links and services

The Site may contain links to third-party websites. This Policy does not apply to third-party practices.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified as required by law.

13) Contact us and privacy representative

General privacy inquiries: contact@griddapp.com

Company: DeckAI Inc.

Address: 2810 N Church St Num 740804, Wilmington, DE, 19802

EU/EEA representative (GDPR Article 27): Sandor Nagy, contact@griddapp.com,Viziorgona utca 6, P.O.B. 7, 1310, Budapest, Hungary

If you are in the EEA or UK and believe we have not adequately addressed your privacy concern, you have the right to lodge a complaint with your local data protection supervisory authority.