Privacy Policy

The data controller responsible for your personal data is:

• Ilya Spiridonov, sole proprietor, operating under the brand name HummingDeck
• Address: Antakalnio 84, Vilnius, Lithuania
• Privacy contact: hello@hummingdeck.com

For questions about this policy or your data, email us at hello@hummingdeck.com. We will update this section once HummingDeck is operated through a registered legal entity.

We process personal data under the following lawful bases (GDPR Article 6):

• Contract (Art. 6(1)(b)) — to provide the HummingDeck service to registered users: account management, document storage, share-link generation, billing.
• Legitimate interest (Art. 6(1)(f)) — for document viewer analytics on behalf of our customers (the senders of shared links), product improvement, security and fraud prevention. The legitimate interest of the customer in understanding engagement with their content is balanced against viewer privacy by the safeguards described in this policy.
• Consent (Art. 6(1)(a)) — for analytics and marketing cookies on our website (managed via the cookie banner) and for marketing emails (managed via subscription preferences).
• Legal obligation (Art. 6(1)(c)) — to comply with tax, accounting, and other legal requirements.

When you create a HummingDeck account, we collect:

• Account information — email address, name, and profile photo (provided directly or imported from Google when using Google sign-in)
• Signup metadata — IP address, device type, and browser information at the time of account creation. Used for analytics and fraud prevention.
• Team and workspace data — team names, member roles, and workspace settings you configure
• Uploaded content — presentations, documents, and other files you upload to share via HummingDeck
• CRM data — contact names, email addresses, and company information you add to organize your sharing activity
• Activity data — actions you take within the platform such as creating share links, uploading decks, and managing team settings. Activity logs include IP address and browser information.
• Avatar lookup — for contacts and captured leads, we check Gravatar (gravatar.com) using an MD5 hash of their email address to display a profile photo. The hash is sent to Gravatar's servers. No email address is transmitted in plain text.

When someone opens a shared document link, we automatically collect certain information to provide engagement analytics to the document owner. Document Viewers do not need to create an account.

We collect:

• Device and browser information — browser type, operating system, and device category
• Network information — IP address and approximate geographic location (city/country level, derived from IP)
• Engagement data — which pages were viewed, time spent on each page, total viewing duration, and completion rate
• Browser fingerprint — a hash derived from browser properties (screen resolution, timezone, language) used to group viewing sessions by the same visitor. No cookies or persistent storage are used. The fingerprint cannot be used to identify you personally.

This data is collected on behalf of the HummingDeck user who created the share link. The legal basis for this processing is the legitimate interest of the sender in understanding how recipients engage with their shared content (GDPR Article 6(1)(f)).

Document Viewers may contact us at hello@hummingdeck.com to inquire about data collected during their viewing sessions.

We use a small set of third-party tools to understand how people use our website, measure our marketing, and detect issues. Whether they load by default or only after consent depends on where you're visiting from — see Cookie consent below.

• Google Analytics 4 — page views, events, and aggregate usage patterns.
• Microsoft Clarity — anonymized session recordings and heatmaps used to understand how visitors interact with pages. Form fields are masked by default.
• Ahrefs Web Analytics — cookieless, privacy-friendly traffic statistics. Used for SEO insights only.
• Microsoft Ads (Bing UET) — conversion measurement for ads we run on Bing/Microsoft Advertising.

These tools are excluded from shared-document viewer routes (/view and /r), which means recipients of shared documents are not tracked by these tools when opening a deck.

Google Analytics — Consent Mode v2. When analytics consent has not been granted (either because you declined the banner, you're a California visitor who clicked Do Not Sell or Share, or you're in a region where consent is required and you haven't decided yet) we still load the Google Analytics tag, but in a strict cookieless mode. In that mode no cookies are written, no client identifier is stored, and the requests sent to Google contain only an anonymized signal (no profile data). Google uses these signals to model aggregate traffic on its end so our reports aren't blind to declined-consent visitors. Once you grant analytics consent, Google Analytics switches to its standard behavior on the next page load.

You can change your preferences at any time via the Cookie preferences link in our website footer. California residents can opt out separately via the Do Not Sell or Share My Personal Information link in the same footer; see the section below.

We use cookies in three categories. You control the optional ones via the cookie banner or the footer links.

Strictly necessary (always on, no consent required):

• Session cookie — HTTP-only, maintains your login. Expires after 14 days. Required for the app to work.
• Theme cookie — remembers your light/dark preference.
• Locale cookie — remembers your language choice.
• Consent cookie (hd_consent_v1) — records which cookie categories you accepted. JSON-encoded, 12-month duration.
• CCPA opt-out cookie (ccpa_optout_v1) — set when you click Do Not Sell or Share My Personal Information in the footer. Disables analytics and marketing scripts in this browser. 12-month duration.

Analytics (optional, consent-gated in EU/UK/CH/BR; default-on elsewhere):

• Google Analytics — sets _ga and related cookies to distinguish users and sessions.
• Microsoft Clarity — sets _clck and _clsk for session-level analytics.

Marketing (optional, consent-gated in EU/UK/CH/BR; default-on elsewhere):

• Microsoft Ads UET — sets _uetsid and _uetvid for ad conversion attribution.

Ahrefs Web Analytics does not set cookies.

Whether we show a cookie consent banner depends on your jurisdiction.

Banner shown — consent required before analytics or marketing scripts load:

• The European Union (EU 27) and European Economic Area (Iceland, Liechtenstein, Norway)
• The United Kingdom
• Switzerland
• Brazil

For visitors from these regions, the banner offers Accept all, Reject all, and Customize. Your choice is recorded in the hd_consent_v1 cookie and remembered for 12 months. Until you decide, no analytics or marketing scripts run.

Banner not shown — analytics and marketing load by default:

For visitors from other regions (including the United States, Canada, most of Asia, Australia, New Zealand, and Latin America outside Brazil), analytics and marketing scripts load when the page loads. You can still change your mind at any time:

• Cookie preferences in the footer opens the same per-category controls and lets you reject analytics or marketing scripts going forward.
• Do Not Sell or Share My Personal Information in the footer disables both categories with a single click for that browser (CCPA / CPRA opt-out, available globally for convenience).

Withdrawing consent does not affect the lawfulness of any processing that happened while consent was active.

We determine your jurisdiction from the IP address of your request — see Note on geographic detection below for accuracy caveats.

We determine which jurisdiction's rules apply by looking up the country associated with your IP address. This method is widely used but not 100% accurate — for example, if you use a VPN, corporate proxy, or are roaming internationally, your detected region may not match where you actually live or work.

If you believe our cookie consent banner should have appeared during your visit and it didn't, email us at hello@hummingdeck.com and we'll treat your data accordingly. You can also use the Cookie preferences footer link on any page to reject analytics or marketing scripts manually.

We use the information we collect to:

• Provide the service — host your uploaded documents, generate share links, and deliver engagement analytics
• Provide document engagement analytics — show registered users how recipients interact with their shared documents, including viewing patterns and engagement metrics
• Improve the product — understand usage patterns to fix issues and develop new features
• Communicate with you — send transactional emails (share notifications, account updates) and respond to support requests
• Ensure security — detect and prevent fraud, abuse, and unauthorized access

We do not sell your personal information.

We may share data in the following circumstances:

• Service providers — we share data with third-party providers who help us operate the service (see Third-Party Services below). These providers are bound by data processing agreements and may only use data to provide services to us.
• At your direction — when you share a document, the recipient can see the document content and any information you choose to include in the share link.
• Legal requirements — we may disclose data if required by law, court order, or governmental regulation.
• Business transfers — if HummingDeck is acquired or merged, user data may be transferred as part of the transaction. We will notify affected users before their data becomes subject to a different privacy policy.

We use the following third-party services to operate HummingDeck:

• Google Firebase — authentication and user identity management
• Google Cloud Storage — secure storage of uploaded files
• Resend — transactional email delivery (share notifications, account emails)
• FastSpring — payment processing for subscriptions (FastSpring acts as the merchant of record; we do not store payment card details)
• Loops — marketing email delivery (newsletters, product announcements) for users who opt in

The following services run only after you give consent via our cookie banner:

• Google Analytics 4 — website and application usage analytics
• Microsoft Clarity — session recordings and heatmaps for product research
• Ahrefs Web Analytics — cookieless SEO traffic insights
• Microsoft Ads (Bing UET) — ad conversion measurement

The full, current list of services that process customer data on our behalf is published at hummingdeck.com/sub-processors. Customers acting as data controllers can review our Data Processing Agreement for the contractual terms governing this processing. Each provider also has its own privacy policy governing how it processes data.

If you use HummingDeck through our Canva app integration, we additionally collect:

• Canva account identifiers — your Canva user ID and brand (team) ID, used to link your Canva account to your HummingDeck account
• Exported designs — when you choose to share a design from Canva, the exported file (PDF) is transferred to and stored by HummingDeck

We do not access your Canva designs, account data, or any other Canva content beyond what you explicitly choose to export. We do not mine or scrape any data from the Canva platform.

If you use HummingDeck through our Google Workspace Add-on for Google Slides or Google Docs, we access the following data:

• Google account email — your email address, used to identify and authenticate your HummingDeck account
• Current document metadata — the title and URL of the document you are currently editing, used to label the shared document within HummingDeck
• Exported document — when you choose to share a document, HummingDeck exports a PDF copy of the current document and stores it on your behalf

The add-on requests only the minimum scopes required to function: access to your email address, read-only access to the current document, and permission to make HTTP requests to the HummingDeck service. We do not access your Google Drive, other documents, contacts, or any Google Workspace data beyond what is listed above.

If you use the HummingDeck Chrome Extension for Gmail, the following data is accessed:

• Google account email — used to authenticate your HummingDeck account via Google OAuth
• Gmail compose window — the extension detects when you are composing an email to display the tracking button
• Recipient email address — the extension reads the first email address from the To field of your compose window to create a personal tracked link. This allows you to see the recipient's name in your analytics. The email address is sent to HummingDeck to create the tracked link. It is not stored locally or used for any other purpose
• Files you choose to track — when you click the tracking button and select a file, the extension uploads that file to HummingDeck. Only files you explicitly select are uploaded
• Authentication token — stored locally in your browser using chrome.storage to keep you signed in

The extension requests only the permissions required to function: access to mail.google.com (to display the tracking button and read recipient email for personal links), storage (to save your auth token), notifications (to alert you when someone views your document), identity (to authenticate with Google), and alarms (to periodically check for new views).

The extension does not read, store, or transmit your email body content, subject line, CC/BCC recipients, contacts, threads, or any other Gmail data beyond the primary To field recipient.

HummingDeck does not use any data obtained through Google Workspace APIs to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models.

Data accessed via Google Workspace integrations — including document content, metadata, and user information — is used solely to provide the HummingDeck document sharing and analytics service to you. This data is never transferred to, shared with, or used by any AI or ML system beyond what is necessary to deliver the features you directly interact with.

HummingDeck's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we limit our use of Google user data to providing and improving the user-facing features of HummingDeck. We do not sell Google user data, use it for advertising, or transfer it to third parties except as necessary to provide the service, comply with applicable law, or as part of a merger or acquisition with adequate data protection.

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS (HTTPS)
• Uploaded files are encrypted at rest in Google Cloud Storage
• Session cookies are HTTP-only and secure, preventing client-side access
• Authentication is managed through Google Firebase with secure session handling
• Access to production systems is restricted and logged

No method of electronic transmission or storage is perfectly secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security.

We retain data as follows:

• Account data — retained for as long as your account is active. When you delete your account, we delete your personal data within 30 days, except where we are required to retain it by law.
• Uploaded files — deleted when you delete the associated document from your account.
• Document Viewer data — retained to provide engagement analytics. Viewer data is anonymized after 24 months.
• Analytics data — aggregated, anonymous analytics data may be retained indefinitely.

Managing your data: You can manage and delete your data directly within HummingDeck at any time. You can delete individual documents, share links, contacts, and team data from the application interface. To delete your entire account and all associated data, contact us at hello@hummingdeck.com.

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate data
• Deletion — request deletion of your personal data
• Portability — request a machine-readable copy of your data
• Objection — object to processing based on legitimate interest
• Restriction — request that we restrict processing of your data
• Withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting processing already carried out

To exercise any of these rights, contact us at hello@hummingdeck.com. We will respond to your request within 30 days.

Right to lodge a complaint: if you believe we have not handled your data in accordance with applicable law, you have the right to lodge a complaint with a data protection supervisory authority. In Lithuania this is the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija, VDAI), vdai.lrv.lt. EU/EEA residents may also file with their local national authority.

California residents: Under the California Consumer Privacy Act (CCPA) and CPRA, you have the right to know what personal information we collect and how it is used, request deletion of your data, and opt out of the sale or sharing of personal information. HummingDeck does not sell or share personal information.

HummingDeck is not intended for use by individuals under the age of 13 (or the minimum legal age required to provide consent for processing of personal data in the user's jurisdiction). We do not knowingly collect personal data from children.

If you believe that a child has provided us with personal data, please contact us at hello@hummingdeck.com and we will take steps to delete such information.

Your data may be processed in countries other than your own. We primarily process data on Google Cloud infrastructure located in the United States and the European Union.

When data is transferred outside of the European Economic Area, we rely on Standard Contractual Clauses or other approved transfer mechanisms to ensure your data is protected to European standards.

We may update this privacy policy from time to time. If we make material changes, we will notify you by email or through a notice within the application before the changes take effect.

We encourage you to review this policy periodically. Your continued use of HummingDeck after changes are posted constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this privacy policy or our data practices, contact us at hello@hummingdeck.com.

HummingDeck is based in Vilnius, Lithuania.