the short version

we collect minimal data to provide you with presentation analysis. your uploaded PDF is stored encrypted at rest in our database for the sole purpose of providing the service—this allows us to process your presentation and lets you access your analyses later. your analysis results are also stored encrypted. we track: token count (to understand costs), file size, errors (for bug fixing), and usage count. your content is never used for training AI models. we have contractual agreements with all our AI providers that guarantee this.

what we actually store

we're serious about minimal data collection. here's exactly what we store:

• account information: email address and encrypted password (if you sign up)
• your uploaded PDFs: stored encrypted at rest in our database solely to provide the analysis service. this allows us to process your presentation and generate feedback. your PDF is never shared with third parties except our AI providers for processing (see below).
• encrypted analysis results: your AI-generated feedback and analysis, stored encrypted so we cannot read it. this lets you access your past analyses anytime.
• token count: how many tokens each analysis used (helps us understand if we're losing money)
• file size: size of uploaded PDFs in bytes
• error logs: any errors that occur during processing (for debugging and fixing bugs)
• usage count: number of times you've used the service
• payment records: processed through Stripe (we never see your card details)
• presentation hash: a unique identifier generated from your presentation thatallows you to always run the same presentation through our system

what we do NOT store or do

this is important:

• unencrypted content: both your uploaded PDFs and analysis results are stored encrypted at rest. we cannot access your presentation content or analysis results in plaintext.
• your card details: payment processing is handled entirely by Stripe. we never see or store your credit card information.
• marketing data: we don't track your browsing behavior, build user profiles for advertising, or share your information with ad networks.
• sell or share your data: we never sell your data or share it for advertising purposes. your presentations are only shared with AI providers to generate your analysis.

how we use your data

the data we collect is used solely to provide the service:

• store your PDFs encrypted to process and generate AI-powered feedback
• send your presentation content to our AI providers for analysis
• store your analysis results so you can access them anytime
• authenticate your account and process payments
• monitor token usage and costs (so we can keep running)
• fix bugs using error logs
• send critical account updates only (no marketing spam)

we do not: sell your data, use your presentations to train AI models, share your content with anyone except AI providers for processing, or send marketing emails.

data retention

uploaded PDFs: stored encrypted at rest in our database while your account is active. we retain PDFs to provide the service and allow you to re-run analyses. delete your account and we delete all your PDFs within 30 days.

encrypted analysis results: stored encrypted in our database indefinitely so you can access your past analyses anytime. we cannot read this encrypted data. delete your account and we delete everything within 30 days.

metadata (token count, file size, usage count): retained indefinitely for cost analysis and service improvement.

error logs: retained for up to 90 days for debugging, then deleted.

account data: retained while your account is active. delete your account and we delete everything within 30 days.

AI model providers & training guarantees

we use industry-leading AI models to analyze your presentations. we have contractual agreements with all our AI providers that explicitly prohibit using your data for model training.

when you request an analysis, your PDF content is sent to our AI providers for processing. the models analyze it and return feedback. your content never enters their training pipelines—this is guaranteed by our API agreements with each provider. the AI providers process your data solely to provide the service and do not retain it for their own purposes.

other third-party services

we use these services to operate perfectit.ai:

• Supabase: database, file storage, and authentication. your PDFs and analysis results are stored encrypted at rest. SOC 2 Type II certified.
• Stripe: payment processing. we never see or store your card details.
• Vercel: application hosting with enterprise-grade security.
• PostHog: product analytics to understand how users interact with our service. we track anonymous usage patterns to improve the product. no presentation content is shared with PostHog.

security

we use industry-standard security measures including:

• encryption in transit: all data transferred using TLS/SSL
• encryption at rest: your PDFs and analysis results are encrypted in our database
• secure authentication: passwords hashed with bcrypt
• access controls: role-based access and row-level security in our database

no system is 100% secure, but we take security seriously and follow best practices.

your rights

you have the right to:

• access all data we have about you
• request corrections to your data
• delete your account and all associated data
• export your analysis results
• opt out of non-essential emails

to exercise these rights, email us at privacy@perfectit.ai

cookies

we use essential cookies for authentication and session management. we don't use tracking cookies or third-party advertising cookies. you can disable cookies in your browser, but some features may not work.

children's privacy

perfectit.ai is not intended for users under 18. we don't knowingly collect data from children. if you're a parent and believe your child has used our service, contact us and we'll delete their data.

changes to this policy

we may update this privacy policy occasionally. if we make significant changes, we'll notify you via email or a notice on our site. continued use after changes means you accept the updated policy.

GDPR & international users

if you're in the EU, you have additional rights under GDPR including data portability, right to be forgotten, and right to restrict processing. we comply with GDPR requirements for EU users.