Back

Privacy Policy

Last updated: April 2026

This Privacy Policy describes how Presentable ("we," "us," or "our") processes personal data when you use the Presentable PowerPoint add-in and related backend services (the "Service").

1. What We Collect

Account credentials. Your username and password, which you provide when creating an account. Passwords are stored in hashed form on our servers. We use these to authenticate you and manage your access to the Service.

Thread history. When you use the Service, the text, shapes, charts, and other content from your PowerPoint slides is sent to our backend server to process your request. We retain the full conversation thread — including your messages and the AI-generated responses — for 30 days on our servers so that you can return to and continue previous conversations. After 30 days, thread history is automatically deleted.

Authentication tokens. A JSON Web Token (JWT) is stored locally on your device to maintain your session. This token is not shared with any third party.

2. How We Use Your Data

  • To provide the Service — processing your requests, generating and applying slide edits, and returning results to PowerPoint.
  • To authenticate you — verifying your identity when you sign in.
  • To maintain security — detecting unauthorized access and protecting the integrity of the Service.

We do not use your data for marketing, profiling, analytics, or advertising. We do not train any AI models on your data.

3. Third-Party Processing

Your slide content and conversation messages are sent to the Anthropic API (Anthropic PBC, San Francisco, USA) to generate AI responses. Anthropic does not use API inputs or outputs for model training. However, Anthropic retains API inputs and outputs for up to 30 days for trust and safety purposes, including detecting fraud and enforcing their usage policies. Data flagged for potential policy violations may be retained for up to 2 years. For details, see Anthropic's Commercial Terms.

Because data transits through a US-based processor, this constitutes an international data transfer under GDPR. The transfer is covered by Anthropic's Data Processing Addendum and standard contractual clauses (SCCs) pursuant to Article 46 of the GDPR.

We do not use any other third-party processors. No analytics services, no cookie providers, no advertising networks.

4. The Microsoft Office Platform

Presentable operates as a third-party add-in within Microsoft Office. Microsoft may independently collect telemetry and usage data through the Office platform in accordance with its own privacy terms. We do not control or have access to data collected by Microsoft. Your relationship with Microsoft and the data it processes is governed by the Microsoft Privacy Statement.

5. Where Your Data Is Stored

Our backend server is hosted in the European Union (Hetzner, Germany). Your account credentials and thread history are stored there. Thread history is retained for 30 days to allow you to access previous conversations, then automatically deleted.

6. How Long We Keep Your Data

  • Account credentials — retained for as long as your account is active. Deleted upon account deletion request.
  • Thread history — your conversation messages, slide content, and AI responses are retained on our servers for 30 days, then automatically deleted. You may request earlier deletion by contacting us.
  • Anthropic retention — API inputs and outputs are retained by Anthropic for up to 30 days for trust and safety purposes. Flagged data may be retained for up to 2 years.
  • JWT tokens — stored on your device and expire automatically. Cleared when you sign out.

7. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and no later than 72 hours after becoming aware of the breach, as required by GDPR Article 33. Where the breach is likely to result in a high risk, we will also notify affected users directly.

8. Legal Basis (GDPR Article 6)

  • Contract (Art. 6(1)(b)). Processing your account credentials and slide content is necessary to provide the Service you requested.
  • Legitimate interest (Art. 6(1)(f)). Maintaining the security of the Service and detecting unauthorized access.

9. Your Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you (Art. 15)
  • Correct inaccurate data (Art. 16)
  • Delete your account and associated data (Art. 17)
  • Restrict processing in certain circumstances, such as while we verify a correction request or assess an objection (Art. 18)
  • Object to processing based on legitimate interest (Art. 21)
  • Data portability — receive your data in a structured, commonly used, machine-readable format (Art. 20)
  • Lodge a complaint with your local supervisory authority (Art. 77)

To exercise any of these rights, contact privacy@presentable.so. We will respond within one month as required by GDPR Article 12(3).

10. Children

The Service is not directed to individuals under the age of 16. We do not knowingly process personal data of children. If you believe a child has provided us with personal data, contact privacy@presentable.so and we will delete it promptly.

11. Changes

We may update this Privacy Policy to reflect changes in the Service or applicable law. Material changes will be communicated through the Service with a revised effective date.

12. Contact

Presentable
Klostergade 56b, 2., 8000 Aarhus C, Denmark
Email: privacy@presentable.so

We have not designated a Data Protection Officer. For data protection inquiries, contact privacy@presentable.so.

Privacy · Terms