Privacy Policy

Effective: April 26, 2026

This Privacy Policy explains how Tedigo ("we", "us") collects, uses, and protects your information when you visit www.tedigo.com or use Tedigo's products. Each Tedigo product (Agency, Maestro, Console) also publishes its own privacy notice covering product-specific subprocessors.

1. Who We Are

Tedigo is a US-based SaaS provider of AI-powered productivity tools. Contact: privacy@tedigo.net.

2. Information We Collect

2.1. Account Information

Email, name, organization name, and password (hashed) — provided when you register.

2.2. Customer Content

The content you create or upload — chatbot training documents, projects, tasks, conversations, code, voice recordings — depending on which Tedigo product you use.

2.3. Usage and Technical Data

IP address, browser/device information, session timestamps, and feature usage. Used for security, troubleshooting, and aggregated analytics.

2.4. Payment Data

Billing email, name, and payment method are held by our payment processor (Stripe). Tedigo never sees your card data.

3. How We Use Information

To provide and maintain the services, authenticate your account, monitor security, generate aggregated usage statistics, provide customer support, and comply with legal obligations.

We do not use your customer content to train AI models.

4. Subprocessors

We rely on the following categories of third-party providers. Each Tedigo product's privacy notice lists the specific subprocessors that touch that product's data:

Cloud infrastructure — Hetzner Online GmbH (Ashburn, Virginia, USA). EU residency available on request for EU customers.
AI providers — OpenAI, Anthropic, Groq, Google (Gemini), and Fixie.ai/Ultravox are used by various Tedigo products. Bring-your-own-API-key is supported in Agency.
Payment processing — Stripe, Inc. (PCI-DSS Level 1).
DNS — Cloudflare and DigitalOcean (DNS only — they do not store customer content).
Email — Tedigo's self-hosted mail server. No third-party email vendor.

We do not sell your personal information.

5. Data Security

We protect your information using TLS 1.3 in transit, encrypted storage for sensitive data at rest, role-based access controls for our team, JWT-based authentication with revocation, and infrastructure monitoring. No system is completely secure; you are responsible for protecting your account credentials.

6. Data Retention

Account data is retained while your account is active. After deletion, personal data is removed within 90 days unless legal requirements dictate longer retention. Financial records are retained for 7 years (legal requirement). Aggregated, anonymized data may be retained indefinitely.

7. Your Rights

Under GDPR (for EU residents), CCPA/CPRA (for California residents), and similar laws, you have the right to access, correct, delete, export, restrict, or object to processing of your personal data. To exercise these rights, email privacy@tedigo.net. We respond within 30 days.

8. International Transfers

Tedigo's primary infrastructure is in the United States. For EU customer data, cross-border transfers rely on Standard Contractual Clauses and, where available, the EU-US Data Privacy Framework certification of the receiving subprocessor.

9. Children

Tedigo's services are not intended for users under 16. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by email at least 30 days before they take effect. The effective date above reflects the most recent revision.

11. Contact

For questions about this policy or to exercise your privacy rights, email privacy@tedigo.net. You also have the right to lodge a complaint with your local data protection authority.