1. Introduction
SlideFarm ("we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use the SlideFarm mobile application and related services.
Summary: We collect only what's necessary to provide the Service. Your images and content remain yours. We never sell your personal data. You can delete your data anytime.
2. Data Controller
The data controller responsible for your personal data is:
As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring your data is handled in accordance with applicable privacy laws.
3. Information We Collect
3.1 Information You Provide
Account Information: Email address, name (optional), profile photo (via social login), password (if using email auth).
User Content: Images you upload, collection names, custom prompts, automation settings.
AI Image Generation Data: When you enable AI image generation, your topic descriptions, style instructions, and AI-crafted prompts (derived from your automation settings) are sent to third-party AI providers to generate images. The generated images are stored in our cloud storage on your behalf.
TikTok Account Data: TikTok username, OAuth tokens (encrypted), publishing preferences.
Pinterest Account Data: When you connect your Pinterest account, we receive your Pinterest user ID, profile name, board names and IDs, and basic Pin metadata (title, description, URLs, thumbnails). We do not receive your Pinterest password.
Payment Information: Purchase history and credit balance. We do not store payment card details.
3.2 Automatically Collected
Device Info: Device type, OS version, app version, language settings.
Usage Data: Feature usage, automation history, error logs, performance metrics.
4. How We Use Your Information
| Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| Provide the Service | Account info, content, TikTok tokens | Contractual necessity |
| Process payments | Purchase history, transaction IDs | Contractual necessity |
| Generate AI text | Topic, prompts, automation settings | Contractual necessity |
| Generate AI images | Topic, style instructions, AI-crafted prompts | Contractual necessity (user-initiated) |
| Content moderation | Uploaded images | Legitimate interest (safety) |
| Publish to TikTok | Images (uploaded or AI-generated), generated text | Contractual necessity |
| Display Pinterest content | Pinterest boards, Pins, metadata | Contractual necessity (user-initiated) |
| Improve the Service | Usage data, analytics, error logs | Legitimate interest |
4.1 Pinterest Integration
When you connect your Pinterest account, SlideFarm displays your boards and Pins inside the app for inspiration and content planning purposes. We want to be clear about what our Pinterest integration does and does not do:
- SlideFarm only requests read-only permissions (
pins:readandboards:read). - SlideFarm does not create, edit, publish, or delete any Pins or boards on Pinterest.
- Pinterest content is displayed only inside the app for the authenticated user.
- SlideFarm does not create new content from Pinterest Pins that is distributed outside Pinterest (e.g., on TikTok).
4.2 AI Image Generation
When you enable AI image generation for an automation, SlideFarm sends text-based prompts (derived from your topic, style instructions, and slide content) to a third-party AI image provider to generate images. We want to be clear about what this involves:
- SlideFarm sends text prompts only to the AI image provider — we do not send your uploaded images, personal data, or account information.
- The AI provider you select (Google Gemini, OpenAI, or xAI) processes the prompt and returns generated image data.
- Generated images are stored in our cloud storage (Firebase/Google Cloud) under your user account and are accessible only to you and our systems.
- Each AI provider has its own data processing policies. Prompts sent to these providers may be subject to their respective privacy policies and data retention practices.
- You can disable AI image generation at any time in your automation settings. When disabled, no data is sent to AI image providers.
- AI-generated images associated with your account are deleted when you delete your account.
5. Data Storage and Security
Your data is stored on Google Cloud Platform (Firebase) servers in the United States. We implement security measures including:
- Encryption in Transit: Industry-standard encryption for data transmitted between your device and our servers
- Encryption at Rest: Encryption for sensitive data including authentication tokens
- Access Controls: Strict role-based access
Pinterest tokens and data are protected using the same security practices as other integrations. Pinterest data is not retained longer than necessary for providing the service.
6. International Data Transfers
Your data is processed and stored on servers located in the United States (Google Cloud Platform/Firebase). If you are located outside the United States, including in the European Economic Area (EEA), your personal data will be transferred internationally.
For transfers from the EEA to the US, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data processing agreements with our service providers that include appropriate safeguards
By using the Service, you acknowledge that your data may be transferred to and processed in the United States.
7. Data Sharing
We do not sell your personal information. We share data with:
- Firebase (Google Cloud): Authentication, database, file storage, cloud infrastructure
- TikTok: Content publishing (images and text transmitted to TikTok for posting)
- Pinterest: Read-only access to your boards and Pins via the official Pinterest API when you connect your account. We use this data solely to display your own boards and Pins within the app for inspiration and content planning. We do not sell Pinterest data or share it with any other third parties. We only store Pinterest data to the minimum extent necessary to display it in the app and prefer to call the API when updated data is needed.
- OpenAI: AI text generation (text prompts), AI image generation (text prompts — no personal data or uploaded images are sent), and content moderation (uploaded image URLs for safety screening)
- Google AI (Gemini): AI text generation (text prompts) and AI image generation (text prompts — no personal data or uploaded images are sent)
- xAI (Grok): AI text generation (text prompts) and AI image generation (text prompts — no personal data or uploaded images are sent)
- RevenueCat: Subscription and payment processing
The specific AI provider that processes your data depends on the model you select in your automation settings. You can change your selected AI provider at any time.
8. Your Rights
- Access: Request a copy of your data
- Correction: Update your account information
- Deletion: Delete your account and all data (see below)
- Disconnect TikTok: Revoke access anytime
- Disconnect Pinterest: Revoke SlideFarm's access to your Pinterest account at any time from your Pinterest account settings or from within the SlideFarm app
- Opt-out: Unsubscribe from promotional emails
8.1 How to Request Data Deletion
You can delete your account and all associated data by following these steps:
- Open the SlideFarm app
- Go to Settings (gear icon)
- Tap Account
- Tap Delete Account
- Confirm the deletion when prompted
Alternatively, you can request deletion by emailing favamvv@gmail.com with the subject line "Data Deletion Request" and include the email address associated with your account.
9. Data Retention
We retain your data while your account is active. This includes uploaded images, AI-generated images, automation settings, and post history. Upon account deletion:
- Immediate: Access revoked, automations stopped
- Within 30 days: All personal data permanently deleted, including uploaded images, AI-generated images, automation configurations, and post history
Note: Data that has already been transmitted to third parties (e.g., posts published to TikTok, prompts processed by AI providers) is subject to those third parties' own retention policies and cannot be recalled by us.
10. Children's Privacy
The Service is not intended for users under 18. We do not knowingly collect data from children.
11. California Privacy Rights (CCPA)
California residents have rights to know, delete, and opt-out. We do not sell personal information. Contact us at favamvv@gmail.com.
12. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate personal data
- Right to Erasure: Request deletion of your personal data (see Section 8.1)
- Right to Restrict Processing: Request limitation of how we process your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interest
- Right to Withdraw Consent: Where processing is based on consent, withdraw it at any time
12.1 Legal Bases for Processing
We process your personal data under the following legal bases as required by Article 6 of the GDPR:
- Contractual Necessity (Art. 6(1)(b)): Processing necessary to provide the Service you requested, including account management, content generation (text and images), publishing to TikTok, and payment processing
- Legitimate Interest (Art. 6(1)(f)): Processing for service improvement, analytics, error monitoring, fraud prevention, and content moderation to ensure platform safety
- Consent (Art. 6(1)(a)): Where required for optional features such as promotional communications. You may withdraw consent at any time
- Legal Obligation (Art. 6(1)(c)): Processing required to comply with applicable laws, such as tax and accounting requirements
To exercise any of these rights, contact us at favamvv@gmail.com. We will respond within 30 days as required by law. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. For users in Poland, this is the President of the Personal Data Protection Office (UODO).
13. Changes to This Policy
We may update this Privacy Policy. Material changes will be communicated via email or in-app notification.
14. Contact Us
For questions about this Privacy Policy or to exercise your rights:
- Email: favamvv@gmail.com