Privacy Policy

Last Updated: April 23, 2026

DeckFlow ("Company", "we", "us", or "our") is committed to protecting our customers' privacy. This Privacy Policy ("Policy") details how our services (including https://deckflow.com) collect, use, share, store, protect, or disclose your personal information or usage data.

Before using our platform services, please read and understand this Policy carefully. By accessing or using our services, you signify your agreement to the terms of this Privacy Policy.

1. Information We Collect

1.1 Information You Provide to Us:

  • Account Information: Including your username, email address, name, etc. This information helps us provide account management, security verification, and service updates.
  • Uploaded Content and Materials: Office documents, materials, and files (including but not limited to PPTX, PDF, Word, Excel, images, etc.) that you upload when using our various tools (such as generation, translation, processing, etc.).
  • Commands and Input Data: Text prompts, instructions, and feedback data you input when using AI features (such as presentation generation, document translation, document processing, etc.).
  • Communication Records: Feedback, order numbers, or other contact information provided when you contact our support team (support@deckflow.com).

1.2 Information Collected Automatically:

  • Technical Information: IP address, browser type, operating system version, referring URLs, etc.
  • Analytics and Tracking: We use analytics tools such as Google Analytics, GTM, and Bing Ads to collect your interaction data. This information helps us optimize service performance, troubleshoot issues, and continuously improve your overall user experience.

2. How We Use Your Information

We process your information for the following purposes:

  • Providing Core Features: Running presentation generation, document translations, and productivity widgets.
  • Account and Order Management: Managing your registration status, account settings, permission allocations, and subscription plans, and processing payments through third-party processors (such as Stripe, WeChat Pay, Alipay, etc.).
  • Fulfilling Contractual Obligations: Delivering the services you purchased, processing refund requests, issuing invoices, and providing necessary after-sales support.
  • Personalized Experience: Optimizing recommendations for toolsets based on your preferences.
  • Marketing and Communication: Sending you updates on new DeckFlow features, promotional offers, and industry news. If you prefer not to receive such information, you can opt-out at any time by contacting us at support@deckflow.com.
  • Security: Detecting and preventing fraud, unauthorized access, and other illegal activities.

3. Information Sharing and Disclosure

We do not profit from selling user information. However, we may share information with third parties under the following necessary circumstances:

  • Service Providers and Partners: We may share necessary information with third-party organizations that support our business operations. This includes service providers offering AI technical support, cloud storage, payment processing (such as Stripe, WeChat Pay, Alipay, etc.), and data analytics. We only share data to the extent necessary to perform specific functions.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as a business asset, provided the receiving party continues to comply with this Privacy Policy.
  • Legal Requirements: To comply with legal processes, court orders, government requests, or to protect the legitimate rights and interests of our Company.

4. Data Storage, Transfer, and Security

  • Data Location and Cross-Border Transfers: Our service servers are primarily located in the United States or other secure cloud service centers. If you access our services from outside these regions, your information may be transferred to and processed in the locations where the servers reside. We comply with data protection regulations of relevant regions (such as EU GDPR, California CCPA, etc.) to ensure adequate lawful protections are in place during such cross-border transfers.
  • Security Measures: We use industry-standard SSL/TLS encryption to protect data in transit and securely encrypt sensitive information at rest. Furthermore, we conduct regular internal security audits and policy assessments, patching potential vulnerabilities promptly to prevent unauthorized access, disclosure, or alteration as much as possible. While no method of transmission over the internet is 100% secure, we remain continuously committed to safeguarding your data.
  • Data Retention: We will only retain your personal information for as long as necessary to provide our services to you or to fulfill our legal obligations.

5. Additional Regional Disclosures (GDPR & CCPA)

5.1 GDPR Disclosures (For EU and UK Residents)

5.1.1 Legal Basis for Processing
If you are located in the European Union or the United Kingdom, we process your personal data based on the following legal bases:

  • Performance of a Contract: Processing is necessary to provide the AI generation, translation, and document processing services you requested under our service agreement.
  • Your Consent: When you have explicitly granted consent during registration, subscription, or when enabling specific features.
  • Legitimate Interests: To improve product performance, ensure network security, conduct necessary business analytics, and operate our legitimate business activities.
  • Legal Obligations: To comply with applicable laws, regulations, or legitimate administrative requests from governmental authorities.

5.1.2 Your GDPR Rights
As an EU/UK resident, you have the following rights:

  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): To request the deletion of your personal data under certain conditions (e.g., termination of service or when data is no longer necessary).
  • Right to Restriction of Processing: To request a pause in processing your data under specific scenarios (e.g., when data accuracy is contested).
  • Right to Data Portability: To receive your data in a structured, machine-readable format, and have it transferred to another service provider.
  • Right to Object: To object to the processing of your data when we rely on "legitimate interests" as our legal basis.
  • Right to Withdraw Consent: To withdraw your previously granted consent at any time (this does not affect the lawfulness of processing based on consent before its withdrawal).

5.2 CCPA Disclosures (For California Residents)

5.2.1 Sources of Personal Information
We collect information from California residents through the following channels:

  • Direct Sources: Information you actively provide when registering an account, filling out forms, or uploading content.
  • Interactive Sources: Your browsing and click interaction behavior while using our services.
  • Automated Collection: Automatically acquired through technologies such as cookies, pixel tags, or device IDs.

5.2.2 Your CCPA Rights
As a California resident, you have the following rights:

  • Right to Know: To know the categories of information we have collected, the sources, the purposes of use, and with whom it has been shared.
  • Right to Delete: To request the deletion of your personal information (subject to statutory exceptions).
  • Right to Opt-Out of Sale / Sharing: DeckFlow's business model does not involve selling user data. We do not, and have not in the preceding 12 months, "sold" or "shared" your personal information with any third party for cross-context behavioral advertising.
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising the aforementioned rights (e.g., price increases or service degradation).

To exercise any of the rights described above, please contact us at support@deckflow.com.

Our website may contain links to other websites. We assume no responsibility for their privacy practices and encourage you to review the privacy statements of these third-party websites.

7. Children's Privacy

Our services are not directed to children under the age of 13 (or other legal age of majority as required by your local laws). We do not knowingly collect personal information from minors. If we discover that we have inadvertently collected information from a minor, we will take reasonable steps to delete such data as quickly as possible. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us.

8. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business or legal environment. Any updates will be posted on this page, and we will update the "Last Updated" date at the top of the policy. For material changes, we may provide a more prominent notice through the email you provided or within the platform. We encourage you to review this Policy periodically to stay informed about our latest privacy practices.

9. Contact Us

DeckFlow Team Official Email: support@deckflow.com

Copyright © 2026 DeckFlow Inc. All Rights Reserved.