Security & Trust
Swiss entity. EU data residency. Enterprise-grade security by default.
Fidelity manifest — verifiable output
Every render declares, machine-readably, exactly what happened to your content — so an agent or a reviewer can trust the result without eyeballing it. Content you supply is bound verbatim; anything a model authored is flagged ai_completed; nothing is dropped silently. A render that is not faithful never bills.
Declared fidelity
Per render and per deck: verbatim / mixed / ai_completed, with field-level provenance naming which values were copied versus authored.
Checked invariants
Arithmetic is verified — waterfalls reconcile, funnels stay monotonic — and a content-coverage check confirms every supplied label actually rendered. Issues surface as counted warnings[] / errors[].
// deck response — a clean 13-slide board pack
"fidelity_manifest": {
"status": "clean",
"slides_total": 13,
"summary": {
"fidelity": { "verbatim": 13 },
"ai_completed": 0,
"truncated": 0,
"errors": 0,
"min_font_pt": 9
}
}From a blind external evaluation: “trust the warnings; don’t trust a warning-free render.” The manifest is what makes SlideForge safe to compose into an automated workflow — silent content loss is the only sin.
Data Handling
Minimal data collection
We store only your email address and authentication ID. No passwords, no credit card numbers, no tracking profiles.
Credential-free responses, authenticated downloads
API response bodies never carry download credentials. Files are fetched with your API key (ownership-checked), or via short-lived single-use download links minted on demand (POST /v1/jobs/{id}/download-url) — 5-minute TTL, one fetch, instantly revocable, audit-logged.
User-scoped storage
All files are stored in isolated, user-scoped paths. No cross-tenant data access is possible at the storage layer.
Automatic deletion
Output files are subject to lifecycle-based auto-deletion. We do not retain your slide content indefinitely.
Infrastructure
EU data residency
All compute, storage, and database infrastructure runs in Azure West Europe (Netherlands). No transatlantic data transfers for processing.
Encryption at rest & in transit
AES-256 encryption at rest (Azure managed keys). TLS 1.2+ for all data in transit. No unencrypted endpoints.
Swiss entity
Operated by Smart Data Brokers GmbH, registered in Zurich, Switzerland. Subject to the Swiss Federal Act on Data Protection (FADP), which has EU adequacy status.
No shared credentials
All secrets are stored in Azure Key Vault. No credentials in source code, no shared API keys between tenants.
AI Processing & Data Flow
SlideForge has two render modes. Your data only touches AI models in brief mode, and only for intent routing.
Brief mode (AI-assisted routing)
Brief (text) → SSG intent routing → deterministic pattern render → PPTX → private blob storage → header-authenticated download
Only the text brief is sent to AI models, and only to route it to a render pattern — the slide itself is drawn deterministically. No files, images, or personal data are transmitted. AI providers do not retain API inputs for training.
Code mode (zero-AI path)
Your python-pptx code → sandbox execution → PPTX → private blob storage → header-authenticated download
No AI models are involved. Your data never leaves our Azure infrastructure. Ideal for sensitive or regulated content.
Sub-processors
| Provider | Purpose |
|---|---|
| Microsoft Azure | Compute, storage, database |
| Auth0 (Okta) | Authentication |
| Stripe | Payments |
| Google (Gemini) | AI model provider |
| Cerebras | AI model provider |
Compliance
Swiss FADP
Primary governing law. EU adequacy decision enables cross-border data flows without additional safeguards.
GDPR aligned
Data processing aligned with GDPR principles. DPA available on request for enterprise customers.
EU AI Act
All AI-generated PPTX files include transparency metadata identifying content as AI-generated, per limited-risk disclosure requirements.
Data Processing Agreement
We provide a standard Data Processing Agreement (DPA) for enterprise customers who require a formal contractual framework for personal data processing.
Our DPA covers: data controller/processor roles, processing purposes and scope, sub-processor management, data subject rights, breach notification procedures, data deletion and return, and cross-border transfer mechanisms.
To request a signed DPA, contact us at contact@slideforge.dev.
Security Questionnaire
We maintain pre-filled responses to common vendor security questionnaires (CAIQ, SIG Lite). If your procurement team requires a completed questionnaire, email contact@slideforge.dev and we will return it within 2 business days.