Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Taufinity B.V. ("Taufinity", "we", "us") collects, uses, and protects personal data when you use Taufinity Studio ("the Service").

Data Controller

For account and platform data, Taufinity B.V. is the data controller. For personal data processed through widgets and chat interactions, your organization is the data controller and Taufinity acts as a data processor. See Data Governance for details.

Data We Collect

Account data. When you sign in with Google SSO, we receive your name, email address, and profile picture. This data is used to authenticate you and manage your account.

Usage data. We collect information about how you use the Service, including page views, feature usage, and API calls. This data is used to operate, maintain, and improve the Service.

Content data. Content you create, upload, or generate through the Service is stored to provide the Service. You retain ownership of your content (see Terms & Conditions).

Chat data. If your organization enables chat logging, widget conversations are stored in encrypted form. Chat logging is opt-in and disabled by default.

How We Use Your Data

To provide, operate, and maintain the Service
To authenticate your identity and manage access
To communicate with you about your account and the Service
To comply with legal obligations

We do not sell your personal data. We do not use your content to train AI models.

We share data only as necessary to provide the Service:

AI providers — Content sent to AI models for processing (see AI Providers)
Cloud infrastructure — Hosting, storage, and database services in EU regions
As required by law — When legally obligated to disclose

A list of sub-processors is available upon request.

Under GDPR, you have the right to:

Access your personal data
Rectify inaccurate data
Erase your data (right to be forgotten)
Port your data to another service
Object to processing
Restrict processing

To exercise these rights, contact your organization administrator or email us at [email protected].

Data Retention

Account data is retained while your account is active. After account closure, data is deleted within 30 days
Chat logs (when enabled) are retained until deleted by your organization or until the organization's encryption key is destroyed
Usage data is retained in aggregated form for analytics

Security

We protect your data with encryption at rest and in transit, per-organization encryption keys for chat data, and role-based access controls. See Data Governance for details.

Cookies

We use essential cookies for authentication and session management. See our cookie consent mechanism on the login page.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service.

Contact

For privacy-related questions:

Email: [email protected]
Taufinity B.V., the Netherlands

Privacy Policy ​

Data Controller ​

Data We Collect ​

How We Use Your Data ​

Data Sharing ​

Your Rights (GDPR) ​

Data Retention ​

Security ​

Cookies ​

Changes to This Policy ​

Contact ​