// Trust & Security Report
Beautiful Slides, Inc. (Beautiful.ai)
AI presentation software for individuals, freelancers/agencies, teams, and enterprises
Certifications held
4
Maturity
Growth
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on beautiful.ai“SOC 2 Type 2 compliance verifies the effectiveness of a company's data security controls over time.”
Verify on beautiful.ai“We use third-party, PCI-compliant, payment processors, which collect payment information on our behalf in order to complete transactions.”
> Show 2 unconfirmed / not-held certifications
source: beautiful.aiNot mentioned anywhere on the Beautiful.ai security page or privacy policy.
source: beautiful.aiNot mentioned anywhere on the Beautiful.ai security page or privacy policy.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
United States (Google Cloud hosting). No EU/regional data-residency option advertised. Privacy policy: 'we use Google Cloud Hosting to host our Site and Services.' DPA with EU Standard Contractual Clauses available on request via privacy@beautiful.ai.
Vendor states data processed by its AI models will not be used to train public LLM models and is retained for a maximum of 30 days to mitigate abuse; AI sub-processors are contractually barred from using customer data for training. Quote: 'Data processed by our AI models will not be used to train public LLM models... Data will be retained for a maximum of 30 days to mitigate against abuse.'
// Security controls
Penetration testing
Annual web application penetration test by an independent specialist firm. Quote: 'Beautiful.ai hires an independent firm that specializes in web application security to test our platform annually.'
beautiful.aiHosting / subprocessor
Google Cloud (hosting and asset storage); Stripe for PCI-compliant payments
beautiful.ai// Products & data scope
data: Registration data (email, password), presentation content uploaded by user, usage/telemetry data. Single-user account.
Self-serve subscription. AI features covered by the same no-public-LLM-training and 30-day retention posture.
data: Shared slide libraries, brand themes, collaborator email addresses, user permissions. Account owner ('Customer') controls retention/access of Authorized Users' data.
Adds collaboration, locked themes, viewer analytics. Customer is the data controller for Authorized User content per privacy policy.
data: Same content/usage data plus SSO/SCIM identity attributes; advanced permissions, brand guardrails, audit logs.
SAML SSO, SCIM provisioning, enterprise-grade security controls, DPA with SCCs available on request. Best fit for compliance-sensitive buyers.
data: Prompts, pasted outlines, and source material submitted to AI models; processed by third-party AI sub-processors.
Not trained into public LLMs; 30-day max retention; sub-processors barred from training on customer data.
// What to watch
- Privacy policy last revised June 14, 2023 (somewhat dated, though security page content is current).
- No ISO 27001 or HIPAA — normal for this product category but relevant for regulated buyers.
- No public bug bounty program.
- No regional data-residency choice; US hosting only with DPA/SCCs on request.
// At a glance
Pricing model
Subscription SaaS (free trial; Pro for individuals, Team, and Enterprise tiers)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Beautiful Slides, Inc. (Beautiful.ai)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
beautiful.ai