Legal Center

Privacy Policy

We believe privacy is a fundamental human right. This policy outlines how we collect, use, and protect your data with transparency and security at the core of everything we do.

Version 2.4Last Updated: December 10, 2025
01

Introduction

This Privacy Policy explains how Audiflo ("we," "us," "our") collects, uses, discloses, and protects your personal information when you use our AI-powered presentation platform and services (collectively, the "Service").

We are committed to transparency and compliance with the GDPR, CCPA, PIPEDA, and other applicable data protection laws worldwide.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

02

Definitions

Personal Data

Any information relating to an identified or identifiable natural person.

Processing

Any operation performed on personal data, including collection, storage, use, and disclosure.

Data Controller

The entity that determines the purposes and means of processing personal data (Audiflo).

Data Processor

An entity that processes personal data on behalf of the data controller (our third-party providers).
03

Data Controller Information

Contact Details

Email:privacy@audiflo.com
DPO:dpo@audiflo.com

Mailing Address

Audiflo

A subsidiary of Intelligent Singularity Inc

363 Tipperary Loop

Delaware, Ohio 43015, USA

04

Information We Collect

Information You Provide

Account Information

• Email address (required)

• Password (Argon2 encrypted)

• Organization info (role, industry)

• MFA data (TOTP secrets)

Payment Information

• Billing address

• Payment method (securely stored by our payment processor)

• Transaction history

Content You Upload

  • ✓ PowerPoint presentations (.pptx)
  • ✓ Word documents (.docx)
  • ✓ PDF documents
  • ✓ Embedded Images
  • ✓ Speaker notes
  • ✓ Knowledge base articles
05

How We Use Your Information

Service Delivery

  • Process presentations and generate speaker notes
  • Create audio narrations via TTS engines
  • Secure file storage and management
  • Customer support and inquiry response

Security & Compliance

  • Fraud prevention and abuse detection
  • Enforcing Terms of Service
  • Compliance with legal obligations
  • Security incident investigation

What We DO NOT Do

❌ Sell personal data to third parties
❌ Train AI models on your private content
❌ Share content without permission
❌ Track you across other websites
07

Third-Party Services

We work with carefully selected third-party service providers to deliver our services effectively. These providers are contractually bound to protect your data and operate under strict data processing agreements.

Service Categories

Content Processing Services

Artificial intelligence and natural language processing providers that help generate and transform presentation content

Audio Generation Services

Text-to-speech and voice synthesis providers that create professional audio narration

Cloud Infrastructure Providers

Secure cloud hosting and data storage services that meet enterprise-grade security standards

Payment Processing Services

PCI-compliant payment processors that handle billing and subscription management

Communication Services

Email delivery and notification services for account management and updates

Analytics & Monitoring Services

Performance monitoring and analytics tools that help us improve service reliability and user experience

Our Commitment

All third-party processors are vetted for security compliance and are required to maintain the same level of data protection that we uphold. We regularly review and audit our service providers to ensure continued compliance with data protection regulations.

08

International Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) - European Commission-approved contracts
  • Data Processing Agreements (DPAs) - With all third-party processors
  • Privacy Shield Framework Compliance - Where applicable
  • Encryption in Transit & At Rest - All cross-border transfers are encrypted

EU/EEA Users: Your data is processed in compliance with GDPR requirements, including Article 46 transfer mechanisms.

09

Data Retention

Data TypeRetention Period
Account InformationRetained for the duration of your active account and a reasonable period thereafter
Presentations & FilesRetained until you choose to delete them, plus a brief grace period for recovery
Temporary AudioRetained for a limited time unless permanently saved by you
Usage AnalyticsRetained for a period necessary for service analysis and improvement
Payment RecordsRetained as required by applicable tax and financial regulations
BackupsRetained for a reasonable period to ensure data recovery capability
10

Your Privacy Rights

You have comprehensive rights over your personal data. These rights apply globally, with specific provisions for GDPR, CCPA, and PIPEDA jurisdictions:

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data ("right to be forgotten").

Right to Portability

Receive your data in a machine-readable format.

Right to Restriction

Limit how we process your data.

Right to Object

Object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

Right to Lodge a Complaint

File a complaint with your local data protection authority.

How to Exercise Your Rights

Email privacy@audiflo.com with your request. We will respond within 30 days (or as required by local law).

11

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of personal information collected, used, disclosed, or sold in the last 12 months.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information (we do not sell your data).
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Limit Sensitive Data Use: Limit use of sensitive personal information.
  • Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights.

Important: We do NOT sell or share your personal information for cross-context behavioral advertising.

12

Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident, your privacy rights are protected under the Personal Information Protection and Electronic Documents Act (PIPEDA):

  • Right to Access: Request access to your personal information and how it's being used.
  • Right to Correction: Correct any inaccuracies in your personal information.
  • Right to Withdraw Consent: Withdraw consent for data processing, subject to legal or contractual restrictions.
  • Right to File a Complaint: Lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC).

Office of the Privacy Commissioner of Canada

Website: www.priv.gc.ca
Toll-free: 1-800-282-1376

13

Security Measures

We implement industry-leading security measures to protect your data:

Encryption & Access Control

  • AES-256 Encryption: All data at rest is encrypted using military-grade encryption
  • TLS 1.3: All data in transit uses the latest encryption protocols
  • Argon2 Password Hashing: State-of-the-art password protection
  • Multi-Factor Authentication (MFA): Optional TOTP-based 2FA
  • Role-Based Access Control (RBAC): Granular permission system

Infrastructure & Monitoring

  • Enterprise-Grade Infrastructure: Secure cloud hosting with industry best practices
  • 24/7 Security Monitoring: Real-time threat detection and error tracking
  • Regular Security Audits: Quarterly penetration testing and vulnerability assessments
  • Automated Backups: Daily encrypted backups with 90-day retention
  • DDoS Protection: Enterprise-grade DDoS protection

Data Breach Notification

In the unlikely event of a data breach, we will notify affected users within 72 hours of discovery and report to relevant authorities as required by law.
14

Cookies & Tracking Technologies

We use cookies and similar technologies to improve your experience, analyze usage, and provide personalized features.

Types of Cookies We Use

Essential Cookies

Required for core functionality (authentication, session management, security). Cannot be disabled.

Examples: JWT tokens, CSRF protection, session cookies

Functional Cookies

Remember your preferences and settings (theme, language, layout).

Examples: Theme preference, language selection, sidebar state

Analytics Cookies

Help us understand how you use the platform (anonymized usage data).

Examples: Page views, feature usage, performance metrics

Performance Cookies

Monitor application performance and errors for improvement.

Examples: Error tracking, load time monitoring

Managing Cookies

You can control cookie preferences through your browser settings. Note that disabling essential cookies may impact core functionality.

ChromeFirefoxSafariEdge
15

Children's Privacy

Our Service is not intended for individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction).

We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take immediate steps to delete that information.

If you believe your child has provided us with personal information, please contact us at privacy@audiflo.com immediately.

Age Requirements by Jurisdiction:

  • EU/EEA (GDPR): 16 years (or lower if set by member state)
  • United States (COPPA): 13 years
  • Canada (PIPEDA): 13 years
  • Australia: 18 years
16

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

  • Minor Changes: We will update the "Last Updated" date at the top of this policy.
  • Material Changes: We will provide prominent notice (email notification, banner on the platform) at least 30 days before the changes take effect.

Your Continued Use: Continued use of the Service after changes become effective constitutes acceptance of the updated policy. If you do not agree with changes, you may discontinue use and request account deletion.

Version History: You can request previous versions of this policy by emailing privacy@audiflo.com.

17

Contact Us

Have questions about your privacy?

Our Data Protection Officer is available to help you exercise your rights or answer any questions about this policy.

Email Privacy TeamContact Support