Privacy practices for Tindorah services.

Tindorah acts as controller for website, account, billing, and relationship-management data tied to our services. For customer or end-user data processed on behalf of an organization, Tindorah may act as processor or subprocessor as described in the applicable contract or data processing agreement.

The exact contracting entity, contact route, and any appointed privacy representative are provided in the commercial documentation used to onboard your organization.

We may collect contact details, company details, login identifiers, support communications, billing and contract records, and technical metadata needed to authenticate users and operate accounts and workspaces.

Depending on the product used, we may process operational configuration, security logs, audit trails, and customer-provided content under customer instructions.

Depending on the context, processing is based on contract performance, legitimate interests in securing and improving the services, legal obligations, or consent where consent is the appropriate basis.

Customers remain responsible for choosing a valid legal basis for their own data collection, outreach, notices, and any recordings or monitoring where applicable.

We share data only with authorized personnel, contracted subprocessors, infrastructure providers, and professional advisors who need it to deliver, secure, or support the services.

Where Tindorah processes customer data on behalf of a customer, processing scope is governed by the commercial agreement, any DPA, and documented customer instructions.

We retain data for as long as needed to provide the services, secure accounts, resolve disputes, enforce agreements, and meet statutory retention duties. Retention periods depend on data type and contractual context.

We implement technical and organizational measures designed to protect personal data. Where data is transferred internationally, we use appropriate safeguards as required by applicable law and contract.

Depending on applicable law, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing.

To exercise rights or request documentation such as a DPA, please contact us through your assigned support or commercial channel.

We use cookies and similar technologies to keep the site working, maintain security-related behavior such as CSRF protection, remember your language choice, and support authentication and session management.

Where optional analytics or non-essential cookies are used, we will provide notice and, where required, a choice before enabling them.