Privacy Policy

Last Updated: June 9, 2026

Overview

Copresent ("Copresent," "we," "us," or "our") lets multiple people control a Google Slides presentation together in real time. This is the single privacy policy for all of Copresent, and it covers our marketing website (copresent.app), the web remote / controller app, and the Copresent Chrome extension. It explains what information we handle, how we use it, and the choices you have. We are committed to collecting as little as possible.

Copresent is operated from the United States. If you use Copresent, your information is processed in the United States.

What We Don't Collect

  • A lasting copy of your slides. Copresent does not keep a permanent copy of your presentation. The limited slide data we use to keep co-presenters in sync — the presentation title, your speaker notes, and a server-rendered thumbnail image of the current slide — is handled only while the presentation is live and is deleted when it ends. See "Google Sign-In and Google User Data" below.
  • Passwords or Google credentials. Hosts sign in with Google through Google's own secure OAuth flow; co-presenters who join with a magic link don't sign in at all. We never receive anyone's Google password.
  • We do not sell your personal information and we do not share it for cross-context behavioral advertising. We do not use Google user data to train AI or machine-learning models.

Google Sign-In and Google User Data

Signing in with Google is optional. Basic copresenting — starting a presentation, joining from any device, and moving slides forward and back — works for everyone without signing in. Signing in unlocks the two features that need access to your deck: speaker notes and live slide previews (a thumbnail image of the current slide), which are then shared with the co-presenters in your session. A session where no one signs in has slide navigation only — no notes and no previews. This section explains exactly what Google user data Copresent accesses when you do choose to sign in, how we use it, how long we keep it, and whether we share it. Co-presenters who join with a magic link are never asked to sign in themselves; they simply see the notes and previews that the signed-in host's access enables.

Data we access. When you sign in with Google, you grant Copresent the following OAuth scopes:

  • openid, email, profile — your basic Google account information: your Google account ID, email address, name, and profile picture.
  • https://www.googleapis.com/auth/drive.file — per-file access limited to the specific Google Slides presentation you select. You explicitly choose, via Google's own file picker, the one deck you want to present; we cannot see any of your other Drive files. From that deck we read its title, its slide IDs and revision ID, and your speaker notes, and we generate a thumbnail image of the current slide. We cannot create, edit, or delete your slides.

How we use it.

  • Your account information is used to create and secure your Copresent account and to show co-presenters who is hosting the session.
  • Your Slides data is used for a single purpose: to show the current slide (as a server-rendered thumbnail) and your speaker notes to the co-presenters you invite, so they can follow along and help control the deck. Rendering happens on our server so the preview stays live even when your presentation window is in the background.
  • We use a Google "refresh token" solely to renew this read-only access so you don't have to sign in again every session.

How long we keep it.

  • Google Slides data — the presentation title, slide IDs, revision ID, speaker notes, and rendered thumbnails — is kept only for the duration of the live presentation and is deleted when the presentation ends.
  • Your account information (Google ID, email, name, profile picture) and your encrypted refresh token are retained so you can sign back in and use previews in future sessions. The refresh token is encrypted at rest. We keep these until you sign out, revoke Copresent's access, or ask us to delete your account.

How we share it. We do not sell your Google user data and we do not share it with third parties for their own purposes. It is processed only by the infrastructure providers we use to operate Copresent — Google Cloud (Firestore) and Amazon Web Services — acting on our behalf to provide the service. We do not use Google user data for advertising, and we do not use it to develop, improve, or train generalized or non-personalized AI or machine-learning models.

Limited Use. Copresent's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Revoking access and deletion. You can revoke Copresent's access to your Google account at any time from your Google Account permissions page. To delete the account information we hold, contact us at hello@copresent.app and we will remove it.

Information You Provide

  • Presenter name. When you join a presentation you enter a display name so other co-presenters can see who is in the session. It is stored in your browser and sent to our backend while you are connected.
  • Session ID / magic link. You paste a session ID or open a magic link to join a presentation. We use it only to route you to the correct live session.
  • Google sign-in (hosts). If you choose to sign in with Google, we receive the Google account and Slides data described in "Google Sign-In and Google User Data" above.
  • Messages you send us. If you email us, we receive your message and contact details to respond.

Information Stored in Your Browser

We use your browser's local storage to save:

  • A randomly generated presenter ID, so we can recognize you when you rejoin a session.
  • Your presenter name.
  • For signed-in hosts, a Copresent session token (so you stay signed in) and your basic Google profile details for display.
  • Recent presentations you have joined, so you can return to them.
  • Interface preferences, such as speaker-notes font size and visibility.

This data stays on your device. You can remove it at any time by clearing site data for the relevant domain in your browser settings.

Information Sent to Our Backend

While you are connected to a presentation, our backend receives real-time messages containing your presenter ID, presenter name, the session's magic ID, and slide-navigation events (move next/previous, current slide index). We hold the live session state in memory so co-presenters can join and stay in sync.

To let a session recover after a dropped connection or a server restart, we also store a limited record of the session — the presenter list, the current slide, and, for signed-in hosts, the session-scoped Slides data described above — in Google Cloud Firestore.

Session deletion. The session-scoped Slides data (title, slide IDs, revision ID, speaker notes, and thumbnails) and the live session record exist only for the lifetime of the presentation. When the presentation ends, they are deleted. Your Copresent account information and encrypted Google refresh token are retained separately, as described under "How long we keep it."

Analytics & Automatic Data

We use PostHog to understand how Copresent is used and to capture front-end errors. PostHog's autocapture is enabled, which records page views, clicks, and form interactions along with device and browser metadata such as user-agent, screen size, and approximate location derived from your IP address. We associate these events with your randomly generated presenter ID. We use this only to improve the product; we do not sell it, and we do not send your Google user data to PostHog.

Our hosting providers also generate standard web-server request logs (IP address, request path, user-agent) as part of operating the service securely.

Cookies & Similar Technologies

Copresent does not set its own advertising or cross-site tracking cookies. PostHog may set cookies or use local storage to maintain an anonymous analytics identifier. You can block or clear these through your browser settings or browser-level tracking protections.

Third-Party Services (Sub-Processors)

  • Google (Sign-In & Slides API). When you sign in with Google, we use Google's OAuth service to authenticate you and the Google Slides API to read the presentation you are presenting, as described in "Google Sign-In and Google User Data." Copresent is not affiliated with or endorsed by Google.
  • Google Cloud Firestore. We store Copresent account information, the encrypted Google refresh token, and limited session records in Google Cloud Firestore (a Google database service) in order to keep you signed in and to support session recovery.
  • Google Firebase Hosting. Our website and web remote are hosted on Firebase, which receives standard request logs.
  • Amazon Web Services (AWS). Our backend runs on AWS in the United States (us-west-2).
  • PostHog. Product analytics and error capture, as described above. We do not send Google user data to PostHog.

Data Retention

Google Slides data accessed through your Google sign-in (the presentation title, slide IDs, revision ID, speaker notes, and thumbnails) is retained only for the duration of the live presentation and is deleted when it ends. Your Copresent account information and encrypted Google refresh token are retained until you sign out, revoke Copresent's access, or request deletion. Live presentation relay data is retained only while a session is active. Data stored in your browser remains until you clear it. Analytics data is retained according to PostHog's retention settings, and server logs are retained for a limited period for security and operational purposes.

Your Rights & Choices

Depending on where you live, you may have rights to access, correct, delete, or limit the use of your personal information, and to opt out of certain processing. Because co-presenters do not create accounts and most data lives transiently or on your own device, you can exercise many of these choices directly by clearing your browser's site data and disabling analytics through your browser.

If you signed in with Google, you can revoke Copresent's access at any time from your Google Account permissions page, and you can ask us to delete the account information we hold by emailing hello@copresent.app.

California residents (CCPA/CPRA): We do not sell your personal information and we do not share it for cross-context behavioral advertising. You may request access to or deletion of personal information we hold, and we will not discriminate against you for exercising these rights.

To make a request, contact us at hello@copresent.app.

Children's Privacy

Copresent is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

Security

We take reasonable measures to protect the limited information we handle, including encrypted connections (HTTPS/WSS), encrypting the Google refresh token at rest, and keeping live session data in memory rather than in a persistent database. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Changes to This Policy

We may update this policy from time to time. Material changes will be reflected by updating the "Last Updated" date at the top of this page, and where appropriate we will provide additional notice.

Questions?

Email us at hello@copresent.app. Copresent is operated from the United States.