Tawi AI
DE

Privacy Policy

Last Updated: [TODO: Insert date]

This Privacy Policy explains how Tawi AI ("we", "our", "us") collects, uses, stores, and protects personal data when you use our website and AI services. Processing is performed in compliance with GDPR (EU) 2016/679 and applicable European data protection laws.

Privacy contact: privacy@tawi.ai | [TODO: Legal Company Name], [TODO: Company Address], [TODO: Country]

1. Data Controller

Tawi AI, [TODO: Legal Company Name], [TODO: Company Address], [TODO: Country]. If you have questions about this policy or your data, contact privacy@tawi.ai.

2. Personal Data We Collect

  • Information provided directly: name, email, account credentials, company name, support communications, and prompts/content submitted to the AI service.
  • Automatically collected information: IP address, browser/device data, operating system, usage logs, pages visited, access timestamps, and referrer URLs.
  • Cookies and similar technologies for functionality, performance, analytics, and user experience personalization.

3. Purposes of Processing

  • Providing, operating, and improving services
  • Account and customer management
  • Customer support and communications
  • Security and fraud/misuse prevention
  • Compliance with legal obligations

4. Legal Basis for Processing (GDPR Art. 6)

  • Contractual necessity
  • Legitimate interests (e.g., security and service improvement)
  • Consent (e.g., marketing and non-essential cookies)
  • Legal obligation

5. AI Processing and User Content

When you submit prompts, files, or other inputs, this data may be processed by our AI systems to generate outputs. We apply safeguards to protect data and minimize retention. Where improvement/training activities occur, data may be anonymized or aggregated where feasible.

6. Data Sharing and Third-Party Processors

We may share personal data with trusted providers such as cloud hosting, analytics, payment processors, customer support systems, and infrastructure/security vendors. Such processors operate under Data Processing Agreements (DPAs).

7. International Transfers

If personal data is transferred outside the EEA, we apply appropriate safeguards, including Standard Contractual Clauses (SCCs) or other approved mechanisms.

8. Data Retention

  • Account data: retained while the account is active
  • Support communications: up to 24 months
  • System logs: typically 30-90 days
  • After retention periods: deletion or anonymization

9. Your GDPR Rights

  • Access
  • Rectification
  • Erasure (right to be forgotten)
  • Restriction of processing
  • Data portability
  • Objection to processing
  • Withdrawal of consent

10. Automated Decision-Making

Tawi AI uses automated systems to generate responses but does not make legally binding decisions about users without human oversight.

11. Data Security

We implement appropriate technical and organizational measures, including TLS encryption in transit, access controls, monitoring, infrastructure hardening, and data minimization.

12. Children's Data

Our services are not intended for individuals under 16, and we do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy periodically. The latest version is published on this page with an updated revision date.

14. Contact and Complaints

For privacy inquiries contact privacy@tawi.ai. You also have the right to lodge a complaint with your local EU Data Protection Authority (DPA).

15. Cookie Notice (Summary)

We use cookies for essential functionality, analytics, and experience optimization. Preferences can be managed via the cookie consent banner.