Privacy Policy
This Privacy Notice for Tadata Inc. ("we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
Visit our website at tadata.com, or any website of ours that links to this Privacy Notice
Use our application or connect your third-party accounts (such as Google services) to our platform
Engage with us in other related ways, including any sales, marketing, or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at support@tadata.com.
By creating an account or signing up for our Services, you acknowledge that you have read, understood, and agree to this Privacy Notice, including our use of session recording and analytics as described herein.
SUMMARY OF KEY POINTS
This summary provides key points from our Privacy Notice. You can find more details about any of these topics in the sections below.
What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. This includes data collected through session recording and analytics tools.
Do we process any sensitive personal information? We do not process sensitive personal information.
Do we collect any information from third parties? We do not collect any information from third parties.
How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
Do we use Google user data? Yes, if you connect your Google account to our Services. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
What are your rights? Depending on where you are located geographically, the applicable privacy laws may mean you have certain rights regarding your personal information.
How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request, or by contacting us at support@tadata.com.
1. WHAT INFORMATION DO WE COLLECT?
Personal information you disclose to us
In short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
Names
Usernames
Phone numbers
Email addresses
Contact or authentication data
Sensitive Information
We do not process sensitive information.
Social Media Login Data
We may provide you with the option to register with us using your existing social media account details, like your Google, Facebook, or other social media account. If you choose to register in this way, we will collect certain profile information about you from the social media provider, as described in the section called "HOW DO WE HANDLE YOUR SOCIAL LOGINS?"
Information automatically collected
In short: Some information—such as your Internet Protocol (IP) address and/or browser and device characteristics—is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.
The information we collect includes:
Log and Usage Data: Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services.
Device Data: Information about your computer, phone, tablet, or other devices you use to access the Services.
Location Data: Information about your device's location, which can be either precise or imprecise.
Client Application Data: Information collected from the specific client application used to interact with the product.
Session Recording Data: We use session recording technology (powered by Mixpanel) to record and analyze how you interact with our Services. This may include mouse movements, clicks, scrolls, keystrokes (excluding sensitive fields like passwords and any data fields containing Google-sourced sensitive information), page navigation, and other interactions with our user interface.
Google API
Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Cookies, Tracking Technologies, and Session Recording
We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your interactions with our Services. Additionally, we use Mixpanel for analytics and session recording purposes.
In short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
Names
Usernames
Phone numbers
Email addresses
Contact or authentication data
Sensitive Information
We do not process sensitive information.
Social Media Login Data
We may provide you with the option to register with us using your existing social media account details, like your Facebook, X, or other social media account. If you choose to register in this way, we will collect certain profile information about you from the social media provider, as described in the section called "HOW DO WE HANDLE YOUR SOCIAL LOGINS?"
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
In short: Some information—such as your Internet Protocol (IP) address and/or browser and device characteristics—is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
The information we collect includes:
Log and Usage Data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take, such as which features you use), device event information (such as system activity, error reports, and hardware settings).
Device Data: We collect device data such as information about your computer, phone, tablet, or other devices you use to access the Services. Depending on the device used, this data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
Location Data: We collect location data such as information about your device's location, which can be either precise or imprecise. How much location data we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location settings on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.
Client Application Data: Client application data is information collected from the specific client application used to interact with the product.
Session Recording Data: We use session recording technology (powered by Mixpanel) to record and analyze how you interact with our Services. This may include mouse movements, clicks, scrolls, keystrokes (excluding sensitive fields like passwords), page navigation, and other interactions with our user interface. Session recordings help us understand user behavior, identify usability issues, and improve our Services. These recordings are associated with your account and may be reviewed by our team for quality assurance and product improvement purposes.
What is Session Recording?
Session recording is a technology that allows us to record and replay your interactions with our Services. This includes capturing your mouse movements, clicks, scrolls, taps, form interactions (excluding sensitive data like passwords and payment information), page navigation, and time spent on different parts of our application.
Why We Use Session Recording
We use session recording to:
Understand how users interact with our Services
Identify and fix usability issues and bugs
Improve the user experience and interface design
Provide customer support by understanding issues you may encounter
Analyze user behavior to improve our product features
Third-Party Analytics Provider
We use Mixpanel as our analytics and session recording provider. Mixpanel may collect and process data on our behalf in accordance with their privacy policy. For more information about how Mixpanel handles data, please visit their privacy policy at https://mixpanel.com/legal/privacy-policy/.
Your Consent
By creating an account or signing up for our Services, you consent to our use of session recording and analytics as described in this Privacy Notice. If you do not wish to have your sessions recorded, please do not use our Services or contact us to discuss alternative arrangements.
2. GOOGLE API SERVICES USER DATA DISCLOSURE
IMPORTANT: This section specifically addresses how Tadata accesses, uses, stores, and shares Google user data. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
2.1 Data Access and Justification
Our application, Tadata, integrates with Google services to provide core functionality, and in doing so, we access certain Google user data. We only request access to the narrowest scopes necessary to provide the following prominent, user-facing features. This is a complete list of the Google data we access, the scope we request, and its purpose:
2.2 Limited Use Policy Compliance
CRITICAL: Notwithstanding any other provision in this Privacy Policy, if you grant Tadata access to your Google data, our use of that data is subject to these additional, strict requirements mandated by the Google API Services User Data Policy:
No Selling: We will NOT sell Google user data to any third party, under any circumstances.
No Advertising Use: We will NOT use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
No General AI/ML Training: We will NOT use Google user data to create, train, or improve generalized machine learning or artificial intelligence models. Google data is only used for personalized, user-specific AI/ML features within your individual account to provide or improve user-facing features.
Limited Transfer: We will NOT transfer or share Google user data with any third party, except:
As necessary to provide or improve the prominent, user-facing features of the app (and only with your explicit consent)
For security purposes (e.g., investigating abuse or a security breach)
To comply with applicable laws or regulations
As part of a merger, acquisition, or sale of assets, with explicit prior user consent
Affirmative Statement: Tadata's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
2.3 Human Access Restrictions
Human access to Google user data (including email content, document text, calendar events, and file contents) is strictly prohibited, except in the following limited and necessary circumstances:
With Explicit User Consent: If we obtain your explicit, documented consent to access specific data for a specific support purpose (e.g., investigating a bug or troubleshooting a user-reported issue at your request).
For Security Purposes: When necessary for security purposes, such as investigating abuse, potential fraud, or a security breach affecting your account.
Legal Compliance: To comply with applicable laws, regulations, or valid legal processes.
2.4 Google User Data Deletion
Upon your request to delete your account or any Google user data, we will promptly delete all Google user data from our systems and all backup archives, subject only to any legally required retention periods. You may request deletion by contacting us at support@tadata.com or through the account settings in our application.
2.5 Data Security for Google Data
We implement appropriate technical and organizational security measures to protect Google user data, including:
Encryption of data in transit using TLS/SSL protocols
Encryption of data at rest
Access controls limiting data access to authorized personnel only
Regular security assessments and monitoring
Secure token storage with automatic revocation upon account deletion
3. HOW DO WE PROCESS YOUR INFORMATION?
In short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To facilitate account creation and authentication and otherwise manage user accounts.
To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
For analytics and product improvement. We process your information, including through session recording via Mixpanel, to analyze how users interact with our Services, identify usability issues, improve user experience, and enhance our product features.
To provide user-facing features. We process Google user data solely to provide or improve the prominent, user-facing features described in Section 2.1.
4. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law. We may process your information for the purposes of entering into or fulfilling contractual obligations, to comply with laws, to protect your rights, or to fulfill our legitimate business interests.
If you are located in the EU or UK, this section applies to you.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent.
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services at your request prior to entering into a contract with you.
Legal Obligations. We may process your information when we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
If you are located in Canada, this section applies to you.
We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.
In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:
If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
For investigations and fraud detection and prevention
For business transactions provided certain conditions are met
If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
For identifying injured, ill, or deceased persons and communicating with next of kin
If we have reasonable grounds to believe an individual has been, is, or may be a victim of financial abuse
If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced
If the collection is solely for journalistic, artistic, or literary purposes
If the information is publicly available and is specified by the regulations
5. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
In short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.
If you are located in the EU or UK, this section applies to you. The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases:
Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you.
Legal Obligations. We may process your information when we believe it is necessary for compliance with our legal obligations.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party.
6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?
In short: We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies.
As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (collectively, "AI Products"). These tools are designed to enhance your experience and provide you with innovative solutions.
How We Process Your Data Using AI
All personal information processed using our AI Products is handled in line with our Privacy Notice and our agreement with third parties. Importantly, Google user data processed by our AI features is used exclusively for personalized, user-specific features within your individual account. We do NOT use Google user data to train generalized AI/ML models.
7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?
In short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.
Our Services offer you the ability to register and log in using your third-party social media account details (like your Google, Facebook, or other social media account). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive depends on the social media provider concerned, but will often include your name, email address, and profile photo, as well as other information you choose to make public on such a social media platform.
We will use the information we receive only for the purposes that are described in this Privacy Notice. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider.
8. HOW LONG DO WE KEEP YOUR INFORMATION?
In short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this Notice will require us keeping your personal information for longer than three (3) months past the termination of the user's account.
Google User Data Deletion: Upon your request to delete your account or any Google user data, we will promptly delete all Google user data from our systems and all backup archives, subject only to any legally required retention periods. You may request deletion at any time by contacting us at support@tadata.com.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
9. HOW DO WE KEEP YOUR INFORMATION SAFE?
In short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. These measures include:
Encryption of data in transit using industry-standard TLS/SSL protocols
Encryption of data at rest
Regular security assessments and vulnerability testing
Access controls and authentication mechanisms
Secure token storage and management
Employee security training and awareness programs
However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
10. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.
11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
In short: If you are a resident of certain U.S. states, you may have specific rights regarding your personal information.
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information.
Your Rights
Right to know whether or not we are processing your personal data
Right to access your personal data
Right to correct inaccuracies in your personal data
Right to request the deletion of your personal data
Right to obtain a copy of the personal data you previously shared with us
Right to non-discrimination for exercising your rights
Right to opt out of the processing of your personal data if it is used for targeted advertising or sale of personal data
How to Exercise Your Rights
To exercise these rights, you can contact us by submitting a data subject access request, by emailing us at support@tadata.com, or by referring to the contact details at the bottom of this document.
12. DO WE MAKE UPDATES TO THIS NOTICE?
In short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may email us at support@tadata.com or contact us by post at:
Tadata Inc.
548 Market St PMB 766478
San Francisco, CA 94104
United States
14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To exercise this right, please contact us by using the contact details provided above or by submitting a data subject access request to support@tadata.com.
Google User Data: You may disconnect your Google account from our Services at any time through your account settings. Upon disconnection or upon your request, we will revoke OAuth tokens, cease processing your Google data, and delete all Google user data from our systems in accordance with the timelines described in this policy.
Last updated December 16, 2025