§ Privacy
Teemates LLC · Pennsylvania, USA
Record
Privacy Policy
Operator
Teemates LLC
Version
tos-34b6c37980ebStatus
Draft — attorney review pending
Privacy Policy
TransparencyKit — Teemates LLC · Effective date: pending: DATE · Contact: support@transparencykit.com
> DRAFT — FOR ATTORNEY REVIEW.
1. What We Collect
| Category | Examples | Source |
|---|---|---|
| Account data | Name, business name, email, password hash | You |
| Intake responses | Descriptions of your business, products, and AI systems provided through the guided questionnaire | You |
| Payment data | Handled by Stripe; we never store full card numbers | Stripe |
| Usage data | Pages visited, feature usage, device/browser info, IP address | Automatic |
| Communications | Support emails, feedback | You |
We do not intentionally collect sensitive personal information (health, biometrics, government IDs) and ask that you not include personal data about individuals in intake responses — describe your systems, not your users.
2. How We Use It
- Generate your Deliverables and operate your account
- Process payments and send transactional email (receipts, delivery, renewal notices)
- Send the regulatory-monitoring digest you subscribed to
- Improve the Service, prevent fraud and abuse, and comply with law
- Marketing email only with your consent or as permitted by law — unsubscribe anytime
We do not sell or share personal information for cross-context behavioral advertising.
3. AI Processing Disclosure
Your intake responses are processed by third-party large language model infrastructure (Anthropic) to generate Deliverables. Our API-based processing is configured for business use; your inputs are used to produce your outputs, not to build public models by us.
4. Service Providers (Subprocessors)
| Provider | Purpose | Location |
|---|---|---|
| Anthropic | AI document generation | United States |
| Supabase | Database, authentication, storage | United States |
| Stripe | Payments, tax calculation | United States |
| Resend | Transactional & digest email | United States |
| Netlify | Site hosting | United States |
Each provider is bound by contractual terms restricting use of your data to providing services to us.
5. Retention
Account and intake data are retained while your account is active and for up to 24 months after, then deleted or anonymized, unless longer retention is required by law (e.g., tax records). You may request earlier deletion (Section 7).
6. Security
We use industry-standard safeguards: encryption in transit, hashed credentials, role-restricted database access, and least-privilege API keys. No system is perfectly secure; report concerns to support@transparencykit.com. If a data breach affects your personal information, we will notify you and applicable regulators as required by law.
7. Your Rights
Everyone: You may request access to, correction of, or deletion of your personal information, or export of your data, by emailing support@transparencykit.com. We respond within 30 days.
EEA/UK visitors (GDPR/UK GDPR): Our legal bases are contract performance (operating the Service), legitimate interests (security, improvement), consent (marketing), and legal obligation. You additionally have rights to restrict or object to processing, data portability, and to lodge a complaint with your supervisory authority. Data is processed in the United States; where required, transfers rely on Standard Contractual Clauses or providers' EU–US Data Privacy Framework certifications. ⚖️ Attorney: assess whether an EU Article 27 GDPR representative is needed if EEA customer volume grows.
California residents (CCPA/CPRA): You have rights to know, delete, correct, and opt out of sale/sharing (we do not sell or share), without discrimination for exercising them.
8. Cookies
We use essential cookies only (login sessions, checkout). We do not use third-party advertising cookies, and we do not currently use analytics. If we add analytics, it will be privacy-respecting and this policy will be updated. Adjust preferences via your browser or our cookie banner where displayed. Our site does not respond to browser Do Not Track signals; we honor Global Privacy Control signals where legally required (and we do not sell or share personal information in any case).
9. Children
The Service is for businesses only and not directed to anyone under 18.
10. Changes
We will post updates here with a new effective date and email account holders about material changes.