1. What we collect
We collect the following personal data when you use PresentTool™:
- Account data: name, e-mail address, company name (optional), password (hashed — never stored in plain text).
- Usage data: AI runs, credit transactions, login timestamps, session information.
- Technical data: IP address (for security and rate limiting), browser type, device fingerprint hash.
- Project data: client briefings, project metadata, generated images, clips and 3D assets — processed solely to deliver the service you request.
- Billing data: subscription tier, payment status — payment details are handled exclusively by Stripe and never stored on our servers.
2. How we use your data
We use your data only for the following purposes:
- Delivering the PresentTool™ service (processing AI runs, generating storytelling links, etc.).
- Billing and subscription management (via Stripe).
- Transactional email notifications (via Resend) — e.g. account confirmation, credit alerts.
- Security: detecting abuse, rate limiting, session management.
- Product improvement: aggregated, anonymised usage analytics only.
We do not use your client data or project content to train external AI models without your explicit consent.
3. Sub-processors
We share data with the following third-party processors to deliver the service:
| Sub-processor | Purpose | Location |
|---|
| Cloudflare | Hosting, CDN, Workers, D1, R2, KV | Global (EU regions available) |
| Google (Gemini API) | AI image generation & briefing-text processing | Global |
| Meshy | 3D asset generation (text-to-3D, image-to-3D) | Global |
| Stripe | Payment processing & subscription management | EU / US |
| Resend | Transactional email delivery | US / EU |
All processors have been evaluated for GDPR compliance. We have DPAs in place where required.
4. Retention periods
- Account data: retained while the account is active, plus 30 days after deletion.
- Project data & generated assets: retained while the project exists; storytelling links 12 months after publication.
- Billing / invoice data: 7 years (statutory Dutch fiscal obligation).
- Security logs (audit log): 90 days rolling.
- IP / rate-limit data (KV): 1 hour rolling windows.
5. Your rights (GDPR)
Under the GDPR you have the following rights:
- Right of access: request a copy of your personal data.
- Right to rectification: request correction of inaccurate data.
- Right to erasure: request deletion of your account and associated data.
- Right to data portability: receive your data in a structured, machine-readable format.
- Right to object & restrict processing.
To exercise any of these rights, contact us at hello@presenttool.com. We respond within 30 days. You also have the right to lodge a complaint with the Autoriteit Persoonsgegevens.
6. Cookies
| Type | Purpose | Consent required |
|---|
| Functional | Session management, language preference, dark mode | No |
| Analytical | Anonymised page visits and conversion tracking | Yes |
| Marketing | Retargeting (v2+ only — not active at launch) | Yes |
A cookie consent banner appears on your first visit. Your choice is stored for 12 months. Full details: Cookie Policy.
7. International transfers
Some of our sub-processors (Google Gemini, Meshy, Resend) may process data outside the EEA. In such cases, we ensure adequate safeguards are in place — Standard Contractual Clauses (SCCs) or adequacy decisions.
Cloudflare is certified under the EU-U.S. Data Privacy Framework and offers EU-based data residency options.