logo
Xpptx
Try free

Table of Contents

Privacy Policy

Last updated: December 9, 2025

Xpptx regards the protection of visitors' privacy as one of its core priorities. This Privacy Policy outlines the types of information Xpptx (referred to as "we," "us," or "Xpptx") collects and records, how we use it, and the rights you have regarding your personal data. It complies with global privacy regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). If you have additional questions about this Privacy Policy or need more relevant information, please feel free to contact us at any time.

By accessing or using our website, services, or platform (collectively, the "Services"), you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our Terms of Use. If you do not agree to these terms, please do not use the Services.

II. Information We Collect

We collect information only for legitimate purposes, following the principles of "data minimization" and "purpose limitation." The information we collect falls into the following categories:

(I) Customer Data

  • Registration Information: When creating an account, you must provide necessary information: email address, full name, and username. If you register via the "Sign in with Google" button, we may obtain limited data (excluding sensitive information) from Google LLC's Gmail authentication token to simplify registration.
  • Authentication Token Information: When using "Sign in with Google," we collect the encrypted Gmail authentication token provided by Google. This token allows us to access non-sensitive data such as your full name, email address, and language settings (strictly in line with Google's data sharing rules).
  • Automatically Collected Information: Upon account creation, we automatically collect device and usage data: IP address, referral link (how you found Xpptx), registration date, account balance, device language, and browser type. We also track service-related activities (e.g., subscription purchase or renewal timestamps) to optimize user experience and confirm data processing responsibilities.
  • Payment Information: To fulfill service orders, you need to provide payment-related details: customer ID, order ID, email address, IP address, phone number, full name, country/region code, billing address, company name (if applicable), credit card type, and the last 4 digits of your credit card number. This data is used to process payments and prevent fraudulent chargebacks. We do not store full credit card or bank account information—all financial data is handled by licensed third-party payment processors (e.g., Stripe, PayPal), who are responsible for its security.
  • Google User Data: For integrated Gmail features, we collect: the email address of your linked Gmail account, access token (for feature functionality), and identifiers for (1) drafts/sent emails via Gmail Tracker's "Remind Me" and "Send Later" tools; (2) marketing campaign emails; (3) inbox replies to campaign emails (including text, attachments, and images). This data is used solely to deliver the requested Gmail-related Services.

(II) Visitor Data

  • Contact Information: When you contact our support team (via website chat, contact forms) or provide platform feedback, we collect data such as your full name, email address, phone number, and message content to respond to your inquiries.
  • Cookie Information: We use Cookies and similar tracking technologies (e.g., web beacons) to: (1) analyze website traffic and usage (via tools like Google Analytics); (2) remember your preferences (e.g., saved language settings); (3) deliver targeted marketing. You can manage or disable Cookies through your browser settings (see Section VII for details on our Cookie Policy).

(III) Prospect Data

At the request of our business customers, we collect and process third-party personal data related to business prospects. This data comes from two sources: (1) information provided directly by the customer; (2) data generated via Xpptx tools (Email Finder, LinkedIn Prospect Finder, Single/Bulk Email Search, Domain Search, Company Profile Search). The data includes: prospect email address, full name, corporate email, approximate location (no precise geolocation), industry, current/previous job titles, workplace, and social media profiles. We only process this data in accordance with the customer's written instructions and ensure compliance with data protection laws.

III. How We Use Your Information

We use collected information exclusively for the purposes stated in this Policy, with no undisclosed secondary use:

  • Deliver and Maintain Services: Use Google API data to provide email marketing, email warm-up, and Gmail-integrated features; ensure the stability and security of the platform.
  • Optimize User Experience: Analyze website usage data to improve navigation, personalize content (e.g., recommend relevant templates), and expand service functionalities.
  • Communication: Contact you directly or via partners to provide customer support, send service updates (e.g., subscription renewal reminders), and share marketing materials (you can opt out of marketing communications at any time—see Section V).
  • Compliance and Security: Prevent fraud (e.g., verify payment authenticity), respond to legal obligations, and protect the rights, property, or safety of Xpptx, users, or the public.

We will always inform you of the specific information required and the reason for collection before requesting personal data. If you contact us directly, we may collect additional information (e.g., attachments in support emails) to resolve your issue.

IV. Data Security Protection Measures

We implement industry-standard security measures to protect your personal data from unauthorized access, disclosure, modification, or destruction:

  • Technical Safeguards: Use encryption technologies (e.g., HTTPS for website traffic, AES-256 for data storage) to secure data transmission and storage; deploy firewalls and intrusion detection systems to block malicious attacks.
  • Access Controls: Limit access to personal data to authorized personnel only (e.g., support teams, data analysts) and enforce role-based permissions. All authorized staff must sign confidentiality agreements.
  • Third-Party Oversight: Require third-party service providers (payment processors, analytics tools) to maintain equivalent security standards and sign data processing agreements (DPAs) to restrict data use.
  • Incident Response: Maintain a data breach response plan. If a breach occurs that may risk your rights, we will notify you and relevant regulatory authorities within the timeframe required by law (e.g., 72 hours under GDPR) and take remedial actions.
  • Employee Training: Regularly train employees on privacy laws and security best practices to prevent human error-related data leaks.

V. Your Rights Regarding Personal Data

You have the following rights over your personal data, in line with global privacy regulations. To exercise these rights, please contact our privacy team at business@metasigncloud.com (we may verify your identity to protect data security):

  • Right to Access: Request a copy of the personal data we hold about you (e.g., registration information, usage records).
  • Right to Correction: Ask to update or correct inaccurate or incomplete data (e.g., outdated contact information).
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data if: (a) it is no longer needed for the stated purpose; (b) you withdraw consent; (c) the processing violates laws; (d) you cancel your account. We will also notify third parties (e.g., payment processors) to delete your data, where required.
  • Right to Withdraw Consent: Revoke consent for non-essential data processing (e.g., marketing communications, Gmail integration). Withdrawal will not affect data processing that occurred before revocation.
  • Right to Data Portability: Request your personal data in a structured, machine-readable format (e.g., CSV file) to transfer to another service provider.
  • Right to Opt Out of Marketing: Unsubscribe from marketing emails by clicking the "Unsubscribe" link in the email, or contact us to stop other marketing communications.
  • Right to Object: Object to data processing based on our "legitimate interests" (e.g., personalized recommendations) if it impacts your fundamental rights.

We will respond to your request within 30 days (or within the timeframe required by local law). We do not charge fees for reasonable requests, but may charge for excessive or repetitive requests.

VI. Third-Party Services and Disclosures

We do not sell, rent, or share your personal data with third parties for their own marketing purposes. We only disclose data in the following limited circumstances:

  • Licensed Third-Party Processors: We share data with third parties who perform services on our behalf, including:
    • Payment processors (e.g., Stripe, PayPal): Process payments and handle financial data (we never access full credit card details).
    • Analytics tools (e.g., Google Analytics): Analyze website traffic (data is anonymized where possible).
    • Customer support tools (e.g., Zendesk): Manage support inquiries.
    All third parties are bound by data processing agreements (DPAs) to use data only for the agreed purpose and maintain security.
  • Legal Obligations: Disclose data if required by law, court order, or administrative request (e.g., responding to a subpoena).
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity—who will be bound by this Privacy Policy. We will notify you of such a transfer in advance.

VII. Cookie Policy

We use two types of Cookies:

  • Necessary Cookies: Required for the Services to function (e.g., remembering your login status). You cannot disable these via browser settings (disabling may break the Services).
  • Non-Necessary Cookies: Used for analytics, marketing, and personalization (e.g., tracking website usage, delivering targeted ads). You can disable these via your browser settings:
    • Chrome: Settings > Privacy and security > Cookies and other site data
    • Firefox: Settings > Privacy & Security > Cookies and Site Data
    • Safari: Preferences > Privacy > Manage Website Data

For more details, see our separate Cookie Policy.

VIII. Data Retention Periods

We retain your personal data only for as long as necessary:

  • Service-Related Data: Retained for the duration of your use of the Services, plus 3 years after you close your account (to comply with legal obligations, e.g., tax records).
  • Marketing Data: Retained for 3 years from the last interaction (e.g., last email open) or data collection date—after which it is anonymized.
  • Evidentiary Data: Retained until the expiration of the statutory limitation period (generally 5 years) to resolve potential disputes.
  • Identity Verification Data: Retained only for the time needed to verify your identity (e.g., passport copies for account verification)—deleted immediately after verification.

IX. Data Transfer

(I) Cross-Border Data Transfer

If you use the Services outside the European Economic Area (EEA) or the United States, your data may be transferred to servers located in the EEA or the U.S. We ensure cross-border transfers comply with laws by:

  • Transferring data to countries deemed "adequate" by the European Commission (e.g., Canada, Japan) or the U.S. (via the EU-U.S. Data Privacy Framework).
  • Using Standard Contractual Clauses (SCCs)—approved by the European Commission—for transfers to non-adequate countries.

(II) Notifications of Government Requests

If we receive a request for your data from an administrative or judicial authority (e.g., police, tax office), we will: (a) verify the legality of the request; (b) notify you immediately (unless prohibited by law, e.g., to preserve an ongoing investigation); (c) only disclose the minimum data required.

X. Revisions to This Privacy Policy

We may revise this Privacy Policy to reflect: (a) changes in laws or regulations; (b) updates to our Services; (c) new privacy practices. We will notify you of material changes (e.g., changes to data collection purposes, third-party disclosures) via:

  • A prominent notice on our website homepage;
  • An email to your registered email address;
  • A push notification (for app users).

Material changes will take effect 14 days after notification. Your continued use of the Services after the effective date constitutes acceptance of the revised Policy. We will archive old versions of the Policy on our website for at least 5 years, available upon request.

XI. Contact Us

If you have questions, complaints, or requests regarding this Privacy Policy or your personal data, please contact our privacy team:

Email: business@metasigncloud.com

We will investigate and respond to complaints within 45 days (or as required by local law). You also have the right to lodge a complaint with your local data protection authority (e.g., ICO in the UK, CNIL in France, CCPA in California).

logo

Xpptx.com

Xpptx - Create Presentations with One Click | Product HuntXpptx - AI Powered One-Click Professional PowerPoint Creation | Creati.ai
Copyright 2022-2025 © xpptx.com
Terms of UsePrivacy Policy