AgencyAgency

Privacy Policy

Effective: December 28, 2025

Our Privacy Commitment

At Tedigo Agency, privacy isn't just complianceβ€”it's fundamental to how we build trust. This document explains our data practices in plain language, focusing on transparency and your control over your information.

πŸ“Š The Data Lifecycle at Tedigo

Collection Phase

We gather information through three primary channels:

  • β€’
    Direct Input: Information you provide when creating accounts, configuring chatbots, or uploading training materials
  • β€’
    Platform Activity: Usage patterns, feature interactions, and performance metrics
  • β€’
    Third-Party Integrations: Data from connected services like payment processors and AI providers

Processing Phase

Your data powers these core functions:

  • β€’Training and optimizing your AI chatbots
  • β€’Analyzing conversation patterns for insights
  • β€’Preventing fraud and maintaining security
  • β€’Personalizing your dashboard experience

Storage & Retention

We maintain different retention periods based on data type:

Account Data

Active duration + 90 days

Chat Logs

Based on your plan (30-365 days)

Training Data

Until manually deleted

Analytics

Aggregated indefinitely

πŸ” Detailed Data Categories

Identity Information

Names, email addresses, company details, and profile photos you provide. This creates your account identity and enables team collaboration.

Legal basis: Contract fulfillment

Business Content

Documents, knowledge bases, and custom responses you upload to train chatbots. This remains your intellectual property.

Legal basis: Legitimate interest in service provision

Interaction Logs

Conversations between users and your chatbots, including timestamps and metadata. Essential for quality improvement and support.

Legal basis: Legitimate interest in service optimization

Technical Metadata

IP addresses, browser information, device identifiers, and session data. Used for security and performance optimization.

Legal basis: Legitimate interest in platform security

Financial Records

Billing information, transaction history, and payment methods. Securely processed through certified payment partners.

Legal basis: Contract fulfillment and legal compliance

🀝 Data Sharing Framework

Our Sharing Principles

βœ“We never sell your personal data to third parties

βœ“Sharing is limited to essential service operations

βœ“All partners undergo security vetting

βœ“You maintain ownership of your business content

Essential Service Partners

🧠

OpenAI

Processes natural language for chatbot responses. Data is encrypted and not used for their model training.

☁️

Cloudflare R2

Stores uploaded documents securely with encryption at rest and in transit.

πŸ’°

Stripe

Handles payment processing with PCI-compliant security standards.

πŸ›‘οΈ Security Architecture

Encryption Standards

AES-256 encryption for data at rest, TLS 1.3 for data in transit. All API communications use secure tokens with automatic rotation.

Access Controls

Multi-factor authentication available, role-based permissions, and comprehensive audit logging of all data access.

Infrastructure Security

SOC 2 compliant hosting, regular penetration testing, and 24/7 security monitoring with automated threat detection.

Incident Response

Documented response procedures with 72-hour breach notification commitment and dedicated security team oversight.

βš–οΈ Your Privacy Rights

Regardless of your location, we provide these fundamental rights:

Access & Portability

Request a complete copy of your data in machine-readable format

Rectification

Correct any inaccurate or incomplete personal information

Erasure

Request deletion of your data, subject to legal retention requirements

Restriction

Limit how we process your data in certain circumstances

Objection

Opt-out of specific data uses like marketing communications

Withdrawal

Revoke consent for data processing at any time

To exercise any right, email privacy@tedigo.net with your request. We respond within 30 days.

🌍 Global Privacy Compliance

European Union (GDPR)

Full GDPR compliance with data processing agreements, privacy by design, and EU representative designation.

California (CCPA/CPRA)

Consumer rights honored including sale opt-out, though we don't sell personal information.

International Transfers

Standard contractual clauses and appropriate safeguards for cross-border data transfers.

πŸ”„ Policy Updates

This policy evolves with our services and regulations. Material changes trigger email notifications to all users at least 30 days before taking effect. Minor clarifications may be made without notice but are always reflected in the effective date above.

You can view the complete version history of this policy in ourpublic repository.

πŸ“ž Contact & Accountability

Data Protection Officer

For privacy-specific inquiries:

privacy@tedigo.net

Response time: 48 hours

General Support

For account and service questions:

support@tedigo.net

Available 24/7

Supervisory Authority: You have the right to lodge complaints with your local data protection authority if you believe we haven't adequately addressed your privacy concerns.