At Tillion, protecting privacy is a key priority. The purpose of this privacy policy (the “Privacy Policy”) is to set out how Tillion Inc. (“Tillion”, “we”, “our” or “us”) collects, uses, stores, discloses or otherwise processes personal information about customers and other individuals (collectively “you”) who access or use Tillion’s website (the “Website”), and / or any of our products or services (collectively, the “Services”).
We encourage you to read this Privacy Policy carefully to understand how we handle your personal information and learn about your privacy rights. By using our Services, you acknowledge and agree that we may collect and use your personal information as described in this Privacy Policy.
Specifically, this Policy describes our privacy practices as follows:
1. Personal Information We Collect
2. How We Use Information Collected and Lawful Basis for Processing
3. Disclosure of Personal Data
4. Retaining Personal Information
5. Transfer of Personal Information
6. Cookies and Tracking Technologies
7. Security Measures and Data Protection
8. Your Choices and Data Subject Rights
9. Children’s Privacy
10. Updates and Amendments
11. How to Contact Us
Our Services are designed for businesses. Accordingly, we treat all personal information covered by this Policy, including information about any visitors to our Website, as pertaining to individuals acting as business representatives, rather than in their personal capacity.
Any capitalized but undefined term in this Policy shall have the meaning given to it in our Terms of Service (“Terms”).
When we use the terms “Personal Data” or “Personal Information” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or anonymized information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.
When you use or access the Services, we collect certain categories of information about you from a variety of sources, as described below.
Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features. Information that you directly submit through our Services includes:
Through your interaction with our Services, we automatically collect (including through the use of analytics and system monitoring tools) Personal Information that may include the following (“Usage Data”):
We may obtain data from partners, such as security providers, to safeguard our Services against fraud, abuse, and other security risks. Additionally, we may collect information from marketing vendors who identify potential customers for our business solutions.
Subject to applicable laws, we will use your Personal Information as necessary to provide our Services and develop it (“Performance of Contract”); to comply with our legal and contractual obligations (“Legal Obligations”); to support our legitimate, such as maintaining and improving our Services, promoting our products and services, developing marketing, protecting and securing our customers, ourselves and our Services from misuse and law violations (“Legitimate Interests”). Where we rely on Legitimate Interests as the lawful basis for processing Personal Data, we have conducted Legitimate Interest Assessments (LIAs) to ensure that such interests do not override your rights and freedoms.
If you reside or are using the Services in a territory governed by privacy laws under which consent is the only or most appropriate legal basis for the processing of Personal Information as described herein (in general, or specifically with respect to the types of Personal Information you expect or elect to process or have processed by us) (“Consent”), your acceptance of our Terms and this Privacy Policy will be deemed as your consent to the processing of your Personal Information for all purposes detailed in the Policy. If you wish to revoke such consent, please contact us via privacy@tillion.ai.
The table below provides more specific information on our purposes, the types of information that may be processed and the legal basis on which we process it:
I. Service Providers: We may engage selected third parties to perform Services complementary to our Services. Such service providers may include hosting and server co-location services, communications and content delivery networks (CDNs), data security services, fraud detection and prevention services, analytics services, e-mail distribution and monitoring services, session, call or activity recording and analysis services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, content providers, e-mail, voicemails, support and customer relation management systems, and our legal, financial and compliance advisors (collectively, “Service Providers”). Our Service Providers may have access to Personal Information, depending on each of their specific roles and purposes in facilitating and enhancing the Services, and may only use the information for such limited purposes and commit to protect your privacy as determined in our agreements with them. All third-party service providers processing Personal Data on our behalf are bound by Data Processing Agreements (DPAs) that align with GDPR and other relevant privacy regulations. These agreements ensure that your data is processed securely and only for the intended purposes.
II. Advertising Partners: We do not disclose or use your information to advertise any third party’s products or services via the Services. However, we may disclose your information to third-party advertising partners to market our own Services and grow our Services’ user base, such as to provide targeted marketing about our own Services via third-party services. Please see the “Your Choices” and “Data Subject Rights” sections below for additional information.
III. Legal Compliance: We may disclose or allow government and law enforcement officials access to your Personal Information, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect the security or integrity of our Services.
IV. Protecting Rights and Safety: We may share your Personal Information if we believe in good faith that this will help protect the rights, property or safety of our Company, any of our users, or any members of the general public.
V. Merger, sale, or other structural change: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of some or all assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
VI. Professional Advisors: As necessary, we will share your Personal Data with professional advisors such as auditors, law firms, or accounting firms.
We will retain your Personal Data for only as long as necessary to provide our Services to you or fulfill the purposes for which it was collected. This includes legitimate business purposes, such as resolving disputes, ensuring safety and security, complying with legal obligations, or protecting our rights, property, or products, prevent harm, promote safety, security and integrity or to have proof and evidence concerning our relationship in case of legal issues following the termination of Services.
When determining the length of time to retain your information, we consider various criteria, including the following factors:
If the retention purpose has been fulfilled, we will securely delete, restrict access to, or de – identify your Personal Information unless further retention is required by law. If deletion is not possible due to legal or technical constraints, we will ensure that your Personal Data is securely archived and access is restricted. Additionally, under applicable privacy laws, you have the right to request deletion of your Personal Data, subject to legal or contractual obligations.
Except as required by applicable law or specific agreements with you, we are not obligated to retain your Personal Information for any particular period and may securely delete, restrict access to, or de-identify it at our sole discretion.
We may store and process Personal Information by using third parties in the European Union, the United States and other countries, as reasonably necessary for the performance of our contract with you and for the proper performance and delivery of our Services, or as may be required by law. While privacy laws may vary between jurisdictions, we require our Service Providers to provide us with adequate security commitment to protect your privacy as required under the applicable law and this Privacy Policy.
The Personal Information we collect may be transferred to, stored at, processed in, or accessed from countries outside the jurisdiction in which you are based, including in jurisdictions where our servers, affiliates, service providers, or other third parties are located. Specifically, we have servers for our Services in the United States and support, engineering, and other operational teams who may process your Personal Information from various locations, including the United States. We only transfer Personal Data outside the European Economic Area (EEA) to jurisdictions with an adequacy decision by the European Commission or using Standard Contractual Clauses (SCCs) where applicable. You can contact us at privacy@tillion.ai for further details about our data transfer mechanism
If you are located in the European Economic Area (EEA), Switzerland or the UK, please note that in case of transfer of Personal Information related to you to other jurisdictions, we will use appropriate safeguards by way of entering into the European Union (EU) Standard Contractual Clauses with the relevant recipients of such information.
By using our Services and acknowledging this Privacy Policy, you consent to the transfer of your Personal Information across borders to jurisdictions where we have databases or affiliates.
While data protection laws vary between countries, we apply the protections described in this Privacy Policy to your Personal Data regardless of where it is processed. If you wish to inquire further about our data transfer mechanisms, please contact us at support@tillion.ai.
We use cookies and other technologies for performance, tracking, analytics and personalization purposes. Non-essential cookies will only be deployed after receiving your explicit consent via our Cookie Consent Banner. We may share aggregated and anonymized cookie data with our service partners for our legitimate business purposes.
Cookies are packets of information sent to your web browser and then sent back by the browser each time it accesses the server that sent the cookie. Some cookies are removed when you close your browser session. These are the “Session Cookies”. Some last for longer periods and are called “Persistent Cookies”. We use both types.
We use Persistent Cookies to remember your log-in details and make it easier for you to log-in the next time you access the Platform. These cookies may also be used for analytics, personalization, and improving user experience.
While we respect Global Privacy Control (GPC) signals and other opt-out mechanisms where legally required, we currently do not respond to older "Do Not Track" signals in the HTTP header from a browser or mobile application. However, you can manage your cookie preferences—including whether or not to accept cookies and how to remove them—through your browser settings or via our Cookie Consent Banner. Please note that disabling cookies may affect the availability and functionality of certain features on our Site.
Additional information and a list of the cookies we use can be found in our Cookies Policy.
We are committed to securing your Personal Information and employ industry-standard physical, procedural, and technical security measures, including encryption where appropriate, to safeguard your data. However, no method of transmission over the internet or electronic storage is one – hundred percent secure, and therefore, we cannot guarantee absolute protection of your Personal Information.
While we take all reasonable steps to protect your data, we cannot ensure or warrant that our Services will be entirely immune to unauthorized access, malfunctions, unlawful interceptions, security breaches, or misuse by third parties.
In the event of a data breach affecting your Personal Information, we will notify relevant supervisory authorities and affected individuals as required by applicable law within the legally mandated timeframes.
To the fullest extent permitted by applicable law, we disclaim liability for unauthorized disclosure or access to your Personal Information resulting from circumstances beyond our reasonable control.
By using our Services or providing your information to us, you consent to receiving electronic communications from us regarding security, privacy, and administrative updates related to your use of the Services.
If you do not agree to the collection, use, or sharing of Personal Information as described in this Policy, please do not use the Services or provide us with such information. By using the Services or providing us with Personal Information through the Services, you are "opting in" to the collection, use, and sharing of that information as described in this Policy.
Depending on where you live, you may have certain rights under applicable privacy laws, including but not limited to the EU or UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA). These rights may include:
If you wish to exercise any of these rights, please contact us at privacy@tillion.ai.
When you make a request to exercise your rights, we may need to verify your identity. This could include asking you to provide identifying information, such as your email address or a government-issued ID. If you authorize someone else to make a request on your behalf, we will require proof of authorization (e.g., a power of attorney) and may still require you to verify your identity directly with us.
If we decline your request to exercise your rights, you may appeal our decision by contacting us at privacy@tillion.ai. Appeals will be reviewed, and we will respond within 30 days from receipt of your appeal. If you wish to unsubscribe from promotional communications or newsletters, you can do so by following the “unsubscribe” instructions included in those communications or by contacting us at privacy@tillion.ai.
Please note:
For more details about your privacy rights under applicable data protection laws, you can refer to the following resources:
If you have specific questions about your privacy rights in your region, please contact us at privacy@tillion.ai.
Our Services are intended for general audiences and are not directed at individuals under the age of 18. We do not knowingly collect, use, or store Personal Information from individuals under 18 without verifiable parental or legal guardian consent, where required by applicable law.
If we become aware that we have inadvertently collected Personal Information from an individual under 18 without proper consent, we will take immediate steps to delete such information from our records.
If you believe that we might have inadvertently collected Personal Information from someone under the age of 18, please contact us immediately at privacy@tillion.ai.
Parents and legal guardians: If you become aware that your child has provided us with Personal Information without your consent, please contact us immediately. We will take all reasonable steps to verify your identity as the child’s parent or legal guardian before processing your request.
We may modify this Privacy Policy from time to time, in which case we will update the “Last Updated” date at the top of this Privacy Policy. If we make material changes to the way in which we use or disclose information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice of such changes on the Services, or by other means consistent with applicable law) and will take additional steps as required by applicable law. If you do not agree to any updates to this Privacy Policy, please do not continue using or accessing the Services.
If you have questions regarding this Privacy Policy or wish to exercise your privacy rights, you may contact our Data Protection Officer (DPO) at: privacy@tillion.ai.