Quikturn Privacy Policy

Learn how Quikturn collects, uses, and protects your personal data. Our privacy policy covers data handling, cookies, your rights, and GDPR/CCPA compliance.

Effective date: September 16th, 2025

1) Who we are

Quikturn, Inc. ("Quikturn," "we," "us," or "our") provides software that helps users generate presentation slides and related assets. This Privacy Policy explains how we handle Personal Data when you visit our websites, create an account, or use our products and services (collectively, the "Services"). It also explains choices and rights you may have.

Unless stated otherwise, Quikturn is the controller of Personal Data we collect about website visitors, prospects, and account holders. For content you upload into the Services (e.g., logos, text, images, prompts) on behalf of your business, Quikturn typically acts as a processor to your organization (the Customer). Our Data Processing Addendum (DPA) applies to processor mode handling when executed by both parties.

2) Notice at Collection (California)

We collect the categories of Personal Data listed below for the business purposes described in Section 5. We do not sell Personal Data and we do not share Personal Data for cross context behavioral advertising. If this changes, we will update this Policy and provide required mechanisms to opt out.

Category	Examples	Sources	Purposes	Retention (see Section 8)
Identifiers	name, email, username, IP address, device IDs	You; your employer; your device/browser	account creation, authentication, security, support, communications	Account lifetime + 2 years
Commercial info	subscription plan, purchase history	You; payment processor	billing, tax, recordkeeping	7 years for financial records
Internet activity	log data, timestamps, URLs, product telemetry, cookie IDs	Your browser/device; our Services	deliver and secure the Service, diagnostics, analytics	12 months (telemetry); 90 days (logs)
User content	prompts, files, logos/brand assets, templates, outputs	You/Customer; integrations you enable	provide features, store and deliver outputs, support	per Customer instructions; see Section 8
Support records	chat/emails, tickets, call recordings (if applicable)	You; your colleagues	customer support, training, quality	24 months
Sensitive data	password hashes; limited payment tokens (via processor); admin roles	You; payment processor	authentication, fraud prevention, billing	see Sections 4 & 8

We do not intentionally collect: precise geolocation; government IDs; biometric templates; data about children for the Service.

3) What we collect and how we obtain it

3.1 Data you provide. Account details (name, email, password), organization/workspace info, billing details (handled by our payment processor), support messages, and any content you upload (logos, color palettes, slides, prompts, images, and other files).

3.2 Data from your use of the Services. Diagnostic and usage information (events, timestamps, feature use), device and network information (IP address, user agent, language, approximate location from IP), and cookies or similar technologies (Section 6).

3.3 Data from third parties. If you connect third party services (e.g., cloud storage or presentation tools), we receive data necessary to enable the integration. We may also receive business contact and firmographic data from service providers for sales/marketing compliance.

3.4 Logos, brand assets, and web available company data. Our platform includes a database of company logos and brand color palettes sourced from publicly available websites and legitimate providers. We aim to collect company information—not personal data. If we inadvertently collect Personal Data in these sources, we remove or minimize it.

3.5 Children. The Services are not directed to children under 13. We do not knowingly collect Personal Data from children. If you believe a child has provided Personal Data, contact us and we will take appropriate steps.

4) How we use Personal Data (purposes)

Provide and secure the Services: create and manage accounts, deliver features, generate outputs, host and back up data, prevent fraud and abuse, and maintain security.
Customer support and communications: respond to requests, provide updates, and send transactional emails.
Billing and administration: process payments, tax, and accounting.
Analytics and improvement: assess feature usage, reliability, and performance, and improve user experience (using de identified or aggregated data where possible).
Compliance and enforcement: comply with law, enforce terms, and protect rights, privacy, safety, and property.

AI/Model training. Unless you opt in, we do not use your Customer Content or Output to train foundation models made available to other customers. We may use de identified operational metrics to improve reliability and security.

5) Legal bases (EEA/UK/Switzerland)

Where GDPR/UK GDPR applies, our processing is based on: Contract (to provide the Services), Legitimate Interests (e.g., security, analytics, product improvement in ways that do not override your rights), Consent (where required for non essential cookies/marketing), and Legal Obligation (e.g., tax, accounting, responding to lawful requests).

6) Cookies and similar technologies

We use:

Strictly necessary cookies (essential for login and security);
Functional cookies (remember preferences);
Analytics cookies (measure usage to improve the Service);
Advertising cookies (only if enabled in the future; default: disabled).

Controls: you can manage preferences via our Cookie Settings link in the footer and your browser settings. Where legally required, we display a cookie banner that collects your consent for non essential cookies. We honor Global Privacy Control (GPC) signals for U.S. state laws where applicable.

7) How we disclose Personal Data

We disclose Personal Data to:

Service providers / subprocessors who help us operate the Services (hosting, storage, authentication, email, analytics, customer support, payments). We require them to process Personal Data only on our instructions.
Enterprise Customer administrators (for organizational accounts) who can access and manage users and content in their workspace.
Legal and safety recipients when required by law, subpoena, or to protect rights, privacy, safety, or property.
Corporate transactions (merger, acquisition, financing, or sale of assets), subject to standard confidentiality.

We do not sell Personal Data. We do not share Personal Data for cross context behavioral advertising. If we introduce advertising features in the future, we will update this Policy and provide opt out mechanisms.

8) Data retention

We keep Personal Data only as long as necessary for the purposes described or as required by law. Typical retention periods:

Account data (identifiers): life of account + 2 years after closure.
Billing/transaction records: 7 years.
Product telemetry/analytics: up to 12 months (aggregated thereafter).
Security logs: 90 days (unless needed for investigations).
Support records: up to 24 months.
Customer Content and Outputs: as directed by the Customer and for as long as the account remains active, plus a limited period for backups.

We may retain de identified or aggregated data that does not identify you.

9) Security

We use administrative, technical, and physical safeguards designed to protect Personal Data appropriate to the nature of the data and our Services. No method of transmission or storage is 100% secure. You are responsible for safeguarding your account credentials and for using strong passwords and multi factor authentication where available.

10) International data transfers

If we transfer Personal Data outside the region where it originated, we implement appropriate safeguards, such as Standard Contractual Clauses for EEA/UK transfers, and conduct transfer risk assessments as applicable. You can contact us for a copy of the relevant safeguards, subject to redactions.

11) Your rights and choices

EEA/UK/Swiss residents: You may have the right to request access, correction, deletion, portability, restriction, or objection to certain processing. Where we rely on consent, you may withdraw it at any time. You also have the right to lodge a complaint with your local supervisory authority.

U.S. State laws (e.g., CA/CO/CT/VA/UT): Depending on your state, you may have rights to know/access, correct, delete, obtain a portable copy, and opt out of (i) targeted advertising, (ii) sale, and (iii) profiling in furtherance of decisions with legal or similarly significant effects. We do not sell Personal Data and we do not engage in targeted advertising. If you believe profiling rights apply, contact us.

How to exercise rights: Send a request to founders@getquikturn.io or use the in product privacy controls (if available). We will verify your request and respond within the time required by law. You may use an authorized agent where permitted. If we deny your request (e.g., conflicts with legal obligations), you may appeal by replying to our decision; further appeal rights vary by jurisdiction.

Non discrimination: We will not discriminate against you for exercising your privacy rights.

12) Automated decision making

We do not use automated decision making that produces legal or similarly significant effects about you without human involvement.

13) Third party services and links

The Services may link to or integrate with third party sites and services. Their privacy practices are governed by their own policies. Review those policies when you interact with third party services.

14) Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will provide notice (e.g., by email, in product message, or banner) and indicate the effective date at the top. Your continued use after the effective date means you accept the revised Policy.

15) Contact us

Quikturn, Inc.

1209 Orange Street

Wilmington, Delaware 19801

Privacy: founders@getquikturn.io

Support: support@getquikturn.io

16) Region specific notices (supplements)

California (CPRA)

We do not sell or share Personal Data as defined by the CPRA.
We process Sensitive Personal Information (e.g., password hashes, limited payment tokens) only for permitted purposes (security, authentication, prevention of fraud) and do not use it to infer characteristics.
You may submit requests under Your rights and choices above. We honor Global Privacy Control (GPC) signals where applicable.

Virginia / Colorado / Connecticut / Utah

We do not process Personal Data for targeted advertising or sale. If this changes, we will provide opt out mechanisms (including universal opt out where required) and update this Policy.

Nevada

We do not sell covered information as defined by Nevada law. You may still submit a do not sell request to founders@getquikturn.io.

EEA/UK/Switzerland

Controller: Quikturn, Inc.
Legal bases: see Section 5.
Transfers: see Section 10.
Rights: see Section 11.

17) Definitions

Personal Data / Personal Information: information that identifies, relates to, describes, or can reasonably be linked to an identified or identifiable individual.
Customer Content: content you or your organization provide to the Services, including prompts, files, logos, brand assets, templates, and outputs.
Processor / Controller: roles described by applicable data protection laws, including GDPR/UK GDPR.