Privacy Policy

Last updated: 19 April 2026

This Privacy Policy describes how CueSlide ("we," "us") collects, uses, and shares your personal information when you use our Service. We take privacy seriously — your slides and scripts are yours, and we process only what we need to run the Service.

1. Information we collect

We collect the following categories of information:

Account information: email address, password (hashed — we never see your plain-text password), plan (Free, Solo, Pro, Team), account creation date.
Content you upload: slide images, per-slide scripts, speaker notes, project names. This content is stored encrypted at rest.
Billing information: processed entirely by Stripe. We receive a Stripe customer ID, subscription status, and period end date — but we never see or store your full card number or CVC.
Usage metadata: slide-change timestamps, voice-tracking on/off status, per-slide duration (for your own debriefs). Stored with your account, never aggregated or shared.
Technical data: IP address, browser type, language. Used only for security, debugging, and abuse prevention.

We do not track you across other websites, run third-party advertising pixels, or use your content to train AI models.

2. Voice tracking and audio

Voice tracking uses your browser's Web Speech API. When you enable it, your voice audio is sent by your browser to a third-party speech-recognition service (on Chrome and Edge, this is Google; on Safari, Apple). CueSlide never sees or stores the audio — only the transcribed words, briefly, to advance the teleprompter.

Voice tracking is off by default. You enable it explicitly by clicking the microphone button or pressing M.

3. How we use information

To provide the Service (store your projects, sync across your devices, let you share audience URLs);
To process payments and manage subscriptions;
To communicate with you about your account (transactional emails — confirmations, password resets, billing receipts);
To detect and prevent abuse, fraud, and security incidents.

4. Third-party processors

We use the following third-party services to run CueSlide:

Processor	Purpose	Region
Supabase	Database, authentication, file storage	US East
Vercel	Web hosting, edge delivery	Global CDN
Stripe	Payment processing, subscription billing	Global
Resend	Transactional email delivery	EU (Ireland)
Cloudflare	DNS, domain	Global
Google Web Speech API	Voice-to-text (only when you enable voice tracking on Chrome/Edge)	Per Google's policies
Apple Speech Recognition	Voice-to-text (only when you enable voice tracking on Safari)	Per Apple's policies

Each processor has its own privacy practices. If you want a Data Processing Agreement, email hello@cueslide.com.

5. International transfers

Some of our processors (e.g. Supabase US East) are based outside the European Economic Area. When your data moves to these providers, we rely on Standard Contractual Clauses and the vendors' own compliance frameworks.

6. Data retention

Account data is retained as long as your account is active.
When you delete your account, we delete your content (projects, slides, scripts) within 30 days.
Billing records are retained for 7 years for tax and accounting compliance.
Server logs are retained for up to 90 days.

7. Your rights (GDPR / UK GDPR)

If you're in the UK or EU, you have the right to:

Access — get a copy of the data we hold about you;
Rectify — correct inaccurate data;
Erase — delete your account and data;
Port — export your projects in a portable format;
Object — opt out of processing where we rely on legitimate interest;
Complain — lodge a complaint with your local data-protection authority (UK ICO, or your country's equivalent).

To exercise any of these rights, email hello@cueslide.com. We respond within 30 days.

8. Cookies and local storage

CueSlide uses a small number of essential cookies and browser-local storage items, all necessary for the Service to function:

Supabase authentication session tokens (so you stay logged in);
IndexedDB for autosaving your current session locally (offline resilience);
Stripe session cookies during checkout (set by Stripe, not us).

We don't use marketing, tracking, or advertising cookies.

9. Children's privacy

CueSlide isn't intended for users under 16. We don't knowingly collect personal data from children. If you believe a child has created an account, contact us and we'll delete it.

10. Security

We use industry-standard security practices: HTTPS/TLS encryption in transit, encryption at rest, row-level security in our database, and limited employee access to production systems. No service can guarantee 100% security — if you believe your account has been compromised, email us immediately.

11. Changes to this policy

We'll update this policy as the Service evolves. For material changes, we'll notify you by email at least 14 days before they take effect. The "Last updated" date at the top always reflects the current version.

12. Contact

For any privacy-related question, email hello@cueslide.com.