Legal

Privacy Policy

Last updated: April 2026  |  Effective date: April 1, 2026

Reedy 1st Decks (“we,” “us,” or “our”) is a boutique pitch deck design studio based in Patna, Bihar, India. We are committed to protecting the privacy and personal data of our clients, website visitors, and prospective customers. This Privacy Policy explains in detail how we collect, use, store, share, and protect your personal information when you visit our website (reedy1stdecks.site), engage our services, or communicate with us through any channel.

This policy is designed to comply with the Information Technology Act, 2000 (India), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the principles of the General Data Protection Regulation (GDPR) for our international clients.

By using our website or engaging our services, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our website or services.

1. Information We Collect

We collect different types of information depending on how you interact with us. Below is a comprehensive breakdown:

1.1 Personal Information You Provide Directly

When you fill out our contact form, quote request form, newsletter signup, or communicate with us via email, phone, or WhatsApp, you may provide:

  • Identity Information: Full name, job title, and role within your organization (e.g., Founder, CEO, Marketing Head, Sales Director)
  • Contact Information: Email address, phone number (including WhatsApp number), and company/startup name
  • Business Information: Industry, company stage (pre-seed, seed, Series A, etc.), business model description, target audience, and competitive landscape
  • Project Information: Deck type required, number of slides, timeline preferences, budget range, existing brand assets, and any content or data you share for deck creation
  • Communication Records: Emails, WhatsApp messages, call notes, and feedback shared during the project lifecycle

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical information through cookies, analytics tools, and server logs:

  • Device Information: Device type (desktop, mobile, tablet), operating system, browser type and version, screen resolution
  • Usage Data: Pages visited, time spent on each page, click patterns, scroll depth, referring URL, and exit pages
  • Network Information: IP address (anonymized where possible), approximate geographic location (city/country level), and internet service provider
  • Session Data: Session duration, number of sessions, return visit frequency, and interaction timestamps

1.3 Payment Information

We accept payments via UPI, bank transfer (NEFT/IMPS), Razorpay (for Indian clients), and Stripe (for international clients). We do not store your credit card numbers, debit card numbers, bank account numbers, or UPI IDs on our servers. All payment processing is handled securely by our third-party payment processors, each of which maintains PCI-DSS Level 1 compliance. We only retain transaction reference numbers, payment amounts, payment dates, and payment status for our accounting records.

1.4 Sensitive Personal Data

We do not intentionally collect sensitive personal data such as passwords, financial information (beyond what is processed by payment gateways), biometric data, health information, sexual orientation, political opinions, or religious beliefs. If you inadvertently share such information in project communications, we will treat it with the highest level of confidentiality and delete it upon request.

2. How We Use Your Information

We use the information we collect for the following specific purposes:

2.1 Service Delivery

  • To provide, manage, and deliver our pitch deck design services as agreed in the project scope
  • To conduct discovery calls and understand your project requirements
  • To develop narrative strategy, content outlines, and visual designs for your deck
  • To process revision requests and deliver final files (PPTX, PDF, source files)
  • To provide 7 days of post-delivery support for minor tweaks and adjustments

2.2 Communication

  • To respond to your inquiries, quote requests, and support questions
  • To send project updates, delivery notifications, and payment confirmations
  • To schedule and conduct discovery calls and feedback sessions
  • To send our weekly newsletter with founder tips, pitch deck insights, and industry updates (only if you explicitly opt in; you can unsubscribe at any time)

2.3 Business Operations

  • To process payments and maintain accurate financial records
  • To generate invoices and receipts for your records
  • To manage our project pipeline and production queue
  • To analyze service usage patterns and improve our offerings

2.4 Website Improvement

  • To analyze website traffic and user behavior to improve navigation, content, and user experience
  • To identify and fix technical issues, bugs, and performance bottlenecks
  • To conduct A/B testing on page layouts, CTAs, and content to optimize conversion

2.5 Legal & Compliance

  • To comply with applicable laws, regulations, and legal processes
  • To enforce our Terms & Conditions and protect our legal rights
  • To prevent fraud, unauthorized access, and other illegal activities

3. Legal Basis for Processing (GDPR)

For our clients and website visitors in the European Economic Area (EEA) and United Kingdom, we process your personal data on the following legal bases:

  • Contractual Necessity: Processing necessary to perform our services as agreed in the project scope (Article 6(1)(b) GDPR)
  • Legitimate Interest: Processing necessary for our legitimate business interests, such as improving our services, marketing, and fraud prevention, where these interests are not overridden by your rights (Article 6(1)(f) GDPR)
  • Consent: Processing based on your explicit consent, such as newsletter subscriptions and optional marketing communications (Article 6(1)(a) GDPR). You may withdraw consent at any time.
  • Legal Obligation: Processing necessary to comply with legal obligations, such as tax and accounting requirements (Article 6(1)(c) GDPR)

4. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze site performance. Below is a detailed breakdown:

4.1 Essential Cookies

These cookies are strictly necessary for the website to function properly. They enable core functionality such as page navigation, form submissions, and security features. You cannot opt out of essential cookies as the website cannot function without them.

4.2 Analytics Cookies

We use privacy-focused analytics (Umami Analytics) to understand how visitors interact with our website. This tool collects anonymized usage data without using persistent cookies or tracking individuals across websites. Data collected includes page views, session duration, referral sources, device types, and geographic location (country/city level only).

4.3 Third-Party Cookies

If you interact with embedded content from third-party services (such as YouTube videos, Google Maps, or social media widgets), those services may set their own cookies. We have no control over these third-party cookies. Please refer to the respective privacy policies of those services for more information.

4.4 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies, set preferences for specific websites, and browse in private/incognito mode. Please note that disabling certain cookies may affect the functionality of our website. Instructions for managing cookies in popular browsers:

  • Chrome: Settings → Privacy and Security → Cookies and other site data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Manage and delete cookies

5. Data Sharing & Third-Party Disclosure

We do not sell, rent, lease, or trade your personal information to any third party for marketing or commercial purposes. We may share your information only in the following limited circumstances:

5.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business. These providers are contractually obligated to protect your data and use it only for the purposes we specify:

  • Payment Processors: Razorpay (India) and Stripe (international) for secure payment processing
  • Analytics: Umami Analytics for privacy-focused website analytics
  • Email Services: For sending transactional emails (project updates, invoices) and marketing emails (newsletter, only with your consent)
  • Cloud Storage: For secure storage of project files and deliverables during active projects
  • Communication Tools: WhatsApp Business for client communication (subject to WhatsApp’s own privacy policy)

5.2 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including but not limited to:

  • Responding to a court order, subpoena, or legal process served on our business
  • Complying with requests from law enforcement or regulatory authorities
  • Protecting our rights, property, or safety, or that of our clients or the public
  • Investigating potential violations of our Terms & Conditions

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your personal information may be transferred as part of the transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as featuring your testimonial or case study on our website or marketing materials.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law:

  • Project Files & Client Data: Retained for 12 months after project completion to facilitate any follow-up work, additional revisions, or related projects. After 12 months, project files are securely deleted unless the client requests extended retention.
  • Contact & Communication Records: Retained for 24 months after the last interaction to enable us to provide better service on future engagements.
  • Financial Records: Retained for 8 years as required by Indian tax and accounting regulations (Income Tax Act, 1961; GST Act, 2017).
  • Website Analytics Data: Aggregated and anonymized analytics data is retained indefinitely for trend analysis. No personally identifiable information is retained in analytics.
  • Newsletter Subscribers: Your email address is retained until you unsubscribe. Upon unsubscription, your email is removed from our mailing list within 7 business days.
  • Quote/Contact Form Submissions: Retained for 6 months if no project engagement follows, then securely deleted.

7. Data Security

We implement reasonable and appropriate technical, administrative, and physical security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

  • Encryption: All data transmitted between your browser and our website is encrypted using SSL/TLS (HTTPS) encryption
  • Access Controls: Access to client data is restricted to team members who need it for their specific role in the project. Each team member has individual credentials with role-based permissions.
  • Secure Storage: Project files are stored on encrypted cloud storage with multi-factor authentication enabled on all accounts
  • Payment Security: We never store payment card details. All payment processing is handled by PCI-DSS Level 1 compliant processors (Razorpay, Stripe).
  • Confidentiality Agreements: All team members sign confidentiality agreements as part of their engagement with Reedy 1st Decks
  • NDA Availability: We are happy to sign Non-Disclosure Agreements (NDAs) with clients upon request before starting any project
  • Regular Reviews: We periodically review our security practices and update them to address new threats and vulnerabilities

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to taking all reasonable steps to protect your data.

8. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

8.1 Rights Under Indian Law

Under the Information Technology Act, 2000 and associated rules, you have the right to:

  • Access your personal information held by us
  • Request correction of inaccurate or incomplete personal information
  • Withdraw consent for the collection and use of your personal information (where consent is the basis for processing)
  • File a grievance with our Grievance Officer (details below) if you believe your privacy rights have been violated

8.2 Rights Under GDPR (EEA/UK Clients)

If you are located in the European Economic Area or United Kingdom, you have additional rights under the GDPR:

  • Right of Access: Request a copy of all personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to legal retention requirements
  • Right to Restrict Processing: Request that we limit how we use your data in certain circumstances
  • Right to Data Portability: Request your data in a structured, commonly used, machine-readable format
  • Right to Object: Object to processing of your data based on legitimate interests or for direct marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal
  • Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority

8.3 How to Exercise Your Rights

To exercise any of the above rights, please contact us at hello@reedy1stdecks.site with the subject line “Privacy Rights Request.” We will respond to your request within 30 days. We may need to verify your identity before processing your request. There is no fee for exercising your rights, unless requests are manifestly unfounded or excessive.

9. International Data Transfers

Reedy 1st Decks is based in India. If you are accessing our website or services from outside India, please be aware that your information may be transferred to, stored, and processed in India. By using our services, you consent to the transfer of your information to India.

For clients in the EEA/UK, we ensure that any international data transfers comply with GDPR requirements through appropriate safeguards, including standard contractual clauses where applicable.

10. Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete such information as soon as possible. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@reedy1stdecks.site.

11. Third-Party Links

Our website may contain links to third-party websites, services, or platforms (such as LinkedIn, Instagram, YouTube, WhatsApp, Razorpay, and Stripe). We are not responsible for the privacy practices, content, or security of these third-party sites. We encourage you to read the privacy policies of any third-party website you visit. This Privacy Policy applies only to information collected by Reedy 1st Decks through our website and services.

12. Do Not Track (DNT) Signals

Some web browsers transmit “Do Not Track” (DNT) signals to websites. Since there is no universally accepted standard for how DNT signals should be interpreted, our website does not currently respond to DNT signals. However, we use privacy-focused analytics (Umami) that does not track individual users across websites and does not use persistent cookies for tracking purposes.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the “Last updated” date at the top of this page
  • Post a notice on our website homepage for at least 30 days
  • Notify existing clients via email if the changes materially affect how we handle their data

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website or services after any changes constitutes your acceptance of the updated policy.

14. Grievance Officer

In accordance with the Information Technology Act, 2000 and the rules made thereunder, the name and contact details of our Grievance Officer are:

Name: Aarav Kumar
Designation: Founder & Creative Director, Reedy 1st Decks
Email: hello@reedy1stdecks.site
Phone: +91 85551 32498
Address: 90 Feet Rd, Malahi Pakri, East Indira Nagar, Hanuman Nagar, Patna, Bihar 800020
Availability: Monday–Saturday, 10:00 AM – 7:00 PM IST

The Grievance Officer shall acknowledge your complaint within 48 hours and resolve it within 30 days from the date of receipt.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels:

Email: hello@reedy1stdecks.site
Phone: +91 85551 32498
WhatsApp: +91 85551 32498
Postal Address: Reedy 1st Decks, 90 Feet Rd, Malahi Pakri, East Indira Nagar, Hanuman Nagar, Patna, Bihar 800020, India
Hours: Monday–Saturday, 10:00 AM – 7:00 PM IST