Legal
Privacy Policy
Last updated: 2026-05-17 (GA release)
Data we collect
We collect the contents of your brief (voice transcripts, SMS, email, web form), the resulting deck files, and standard product telemetry (page views, request IDs). We use these to generate your decks and to improve the service.
How long we keep it
Drafts: 30 days. Delivered decks: until you delete them. You can request deletion at any time from /app/settings; the delete request kicks off a 24-hour grace window before the GDPR cascade runs (per Article 17 — Right to erasure).
Data subject access requests
You can request a copy of every record we hold about you via POST /api/v1/me/export (rate-limited to once per 24 hours). The export ships as a signed ZIP link emailed within 15 minutes.
Third-party processors
Anthropic (deck generation), Clerk (sign-in), Stripe (payments), Twilio (SMS), Postmark (email), Cloudflare (CDN/edge), Fly.io (compute), Neon (Postgres), Tigris (object storage). Each processor has a signed DPA on file; subprocessor list at /dpa#subprocessors.
International transfers
Customer data is stored in US-east AWS regions (via Neon + Tigris). EU customers can opt-in to EU-region storage from their settings page; the migration completes within 7 days.
Contact
Questions or complaints? Email privacy@deckserv.co. You can also reach our Data Protection Officer at dpo@deckserv.co for EU-related inquiries.