Privacy Policy

Last updated: September 20, 2025

Audience AI ("Audience AI", "we", "us", or "our") helps people practice presentations with role-based AI questions, transcripts, and review tools (the "Service"). This Privacy Policy explains what we collect, how we use and share it, and the choices you have. If you do not agree, please do not use the Service.

1) What we collect

  • Account information. Name, email, password (hashed), plan, workspace/team settings, and support communications.
  • Presentation content. Files you upload (e.g., PDF decks), generated slide images/thumbnails, transcripts, questions, notes, and audio recordings from practice runs; associated metadata (timestamps, slide indices, language).
  • Usage & device data. Log data (IP address, user-agent, referrer, timestamps), product interaction events (e.g., feature usage), and diagnostic/performance metrics.
  • Cookies & similar tech. Essential cookies for session management and security; optional analytics cookies/tags where used.
  • Payment data. If you subscribe, our payment processor (e.g., Stripe) collects billing information. We receive limited billing metadata (plan, status) but not full card numbers.
  • Inferences. Basic inferences about usage patterns to improve onboarding and feature relevance (e.g., likely role presets you use most).

2) How we use information (purposes)

  • Operate the Service. Render slides; run Q&A agents; create transcripts & audio; store history; provide search and timeline features.
  • Security & abuse prevention. Authenticate, prevent fraud/abuse, protect against attacks, and enforce our Terms.
  • Improve & research. Debugging, analytics, A/B testing, and quality assurance to make the Service better for users.
  • Communications. Service-related emails (e.g., changes, security alerts) and product updates or tips; you can opt out of non-essential email.
  • Legal compliance. Comply with law, respond to lawful requests, and protect rights and safety.

3) AI processing & third-party providers

We use service providers (processors) such as cloud hosting, authentication, payments, analytics, and AI model providers (e.g., for question generation and transcription) under written agreements. By using the Service, you authorize us to process Your Content with those providers solely to deliver the Service.

  • Provider training. For our API-based AI providers (including OpenAI), we configure services so that content sent via API is not used to train their foundation models by default. Some providers allow customers to opt in to share inputs/outputs to improve their services. If we ever offer such an opt-in, we will present a clear choice in-product; no training use occurs unless you affirmatively opt in.
  • Retention by providers. Providers may retain limited logs for abuse detection, billing, or legal compliance for a short period; they process Your Content only to provide the contracted service to us.
  • Sub-processors list. We maintain a current list of sub-processors and will notify users of material changes where required. You may contact us to receive the latest list.

4) Sharing & disclosures

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only as follows:

  • Processors/service providers. Vendors that process data for us under contract (cloud hosting, storage, analytics, email, payments, AI/transcription).
  • Affiliates. Our corporate affiliates subject to this Policy.
  • Legal & safety. Disclosures to comply with law or protect rights, safety, and the integrity of the Service.
  • Business transfers. In a merger, acquisition, or asset sale, data may transfer subject to this Policy.
  • Aggregate/anonymous data. We may share non-identifiable statistics and insights.
  • You share. Content is private by default; you may share exports or links. Shared content is your responsibility.

5) Retention & deletion

We keep information only as long as necessary for the purposes above or as required by law. Default timelines:

Data typeDefault retentionNotes
Account profileLife of accountDeleted at account deletion, except minimal records kept for legal/finance.
Decks, recordings, transcriptsConfigurable; default 90 days after last activityYou can delete runs/decks anytime; org/workspace policy may override.
Logs & security telemetry30–180 daysFor security and abuse prevention.
Billing records3–7 yearsAs required for tax/accounting.
Backups30–90 daysImmutable backups age out on a rolling basis; we do not restore deleted accounts to production.

Self-serve deletion. You can delete your account and data in Settings. Deletion removes content from production systems and schedules it for purge from backups as they expire. We may retain minimal information required by law or to prevent fraud/abuse.

6) Security

We implement administrative, technical, and physical safeguards appropriate to the nature of the data, including encryption in transit and at rest, access controls, and auditing. No method of transmission or storage is 100% secure; we cannot guarantee absolute security. If we believe the security of your information has been compromised, we will take steps required by law to notify you.

7) International transfers

We may process and store information in the United States and other countries. Where applicable, we use appropriate safeguards for cross-border transfers (e.g., Standard Contractual Clauses for EEA/UK transfers).

8) Your choices & rights

  • Access/Update. Manage your profile and content in the app; contact us for other requests.
  • Delete. Use in-app deletion; see Retention & deletion above.
  • Marketing emails. Unsubscribe via the link in the message.
  • Cookies. Control cookies via your browser; essential cookies are required for login and security.

9) California privacy disclosures (CCPA/CPRA)

California residents have the right to request access, correction, deletion, and to limit the use of sensitive personal information. We do not sell or share personal information as those terms are defined by the CPRA. To exercise rights, please use our contact form or in-app controls. We will verify your request and respond as required by law. Authorized agents must provide proof of authorization.

10) EEA/UK GDPR disclosures

For users in the EEA/UK, Audience AI is the data controller for personal data processed through the Service.

  • Lawful bases. Contract (to provide the Service); Legitimate interests (to secure and improve the Service); Consent (for certain analytics/cookies and optional features); Legal obligation (for compliance).
  • Data subject rights. Access, rectification, erasure, restriction, objection, and portability. You may also lodge a complaint with your supervisory authority.
  • Transfers. Where applicable, we use SCCs or equivalent safeguards for transfers outside the EEA/UK.

11) Children

The Service is not directed to children under 13 (or the minimum age of digital consent in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided us personal data, please use our contact form and we will take appropriate action.

12) Cookies & analytics

We use essential cookies for authentication and security. Where used, we use privacy-respecting analytics (e.g., first-party or cookieless modes) to understand usage; you can opt out where applicable. Third-party analytics, if any, are configured to avoid building cross-site profiles.

13) Changes to this Policy

We may update this Policy from time to time. The “Last updated” date reflects the latest version. If changes materially affect your rights, we will notify you through the Service. Continued use after changes constitutes acceptance.

14) Contact

Questions or requests? Please use our contact form.

Summary: Your content stays private by default; we use it only to provide and improve the Service. You control deletion in-app. We don’t sell your data and don’t share it for cross-context behavioral advertising.