Tiddy's Privacy Policy
Last updated on April 21, 2025
At Tiddy, protecting your data and privacy is our priority. In short:
We do not use cookies to track our visitors' browsing habits.
We collect only the necessary data required to provide and improve our service.
Any third-party service we use is carefully chosen to ensure they follow strict data privacy standards.
You have full control over your personal data and can request its deletion at any time.
We do not monetize or share your data with advertisers or unrelated third parties.
Data We Collect
| Name | Description |
|---|---|
| Unique ID | Anonymized identifier generated to recognize returning users, without personally identifiable information. |
| Email Address | Collected via Resend for transactional and essential service communications only. |
| Payment Details | Processed securely by Lemon Squeezy. We do not store your payment details directly. |
| User behavior | Basic usage analytics processed anonymously using Seline to help improve our services. |
| Country | Derived anonymously from your IP address to better understand our user demographics. |
| HTTP Referrer | Collected if available, to better understand how users discover our services. |
| Processed Emails | We analyze email content (such as subject, sender, snippets, body) to generate insights. We store only the Gmail message ID (emailId) for the purpose of fetching and analyzing content when necessary. We do not store full email content or addresses in our database. |
| User Authentication | We use Clerk for secure user authentication and identity management. Clerk handles sign-in and authorization without exposing email addresses to our systems. |
| Processed Calendar Events | We do not store calendar text or descriptions. We only store the calendar ID, event date, location, and event URL (if available). This limited data is used solely to render calendar views and improve navigation. |
| Folios | We organize and store processed email and calendar data into structured "folios" within our internal database, helping users track activities such as job applications and related statuses. |
Key takeaway: No sensitive or personally identifiable information is stored unnecessarily.
Use of Gmail Data and AI/ML
We use Gmail data solely to extract user-specific insights, such as identifying job application emails or summarizing content for the user’s benefit. We do not use any Gmail or Workspace API data to train, develop, or improve generalized AI or machine learning models. All AI analysis is done via session-based processing using the OpenAI API, and no Gmail content is retained for model training purposes.
Cookies
The only cookie we use is a first-party session cookie necessary to remember your login status. You can delete this cookie from your browser at any time.
How We Use Third-party Services
To offer you a seamless and secure experience, we carefully select and use trusted third-party services:
Authentication: Clerk handles user sign-in and identity securely without exposing email addresses to Tiddy.
Analytics: We use Seline to collect anonymous usage data, helping us understand how users interact with Tiddy, without collecting personal identifiers. We do not store this data in our database.
Emails: Essential transactional and service emails are managed through Resend. Your email is never shared outside of these necessary transactional communications.
Payments: Payments are securely handled by Lemon Squeezy. Your financial details are encrypted and processed directly by them.
Hosting: Our servers and databases are securely hosted in the European Union using trusted providers, including Hetzner for API hosting and for database hosting.
The only cookie we store is a first-party session cookie that remembers your login status. This cookie can be deleted at any time.
Visitor and Client Profiles
Tiddy does not build detailed visitor profiles, nor do we aggregate or share your personal data for marketing or external purposes. Any information collected is strictly used to provide and enhance the functionality and security of our service.
Your Data Rights
You have the right to request access to, rectification of, or deletion of your personal data.
You can request data deletion by contacting us directly.
We are fully compliant with GDPR and similar data protection laws, ensuring your data privacy is respected.
Hosting and Security
All data in transit is encrypted using industry-standard HTTPS/TLS. Gmail-related data is never stored directly. We only store Gmail message IDs, which are anonymized and do not contain any user-identifiable content. Our infrastructure is hosted in the EU using trusted providers (Hetzner), with strict access controls and audit logging to ensure that only authorized services can access sensitive data.
We do not retain full email bodies, contact information, or personal message content in our database. Temporary data used for analysis is processed in-memory and discarded immediately after analysis.
Questions or Concerns?
For any questions regarding this privacy policy or our practices, please contact us:
Email: support@tiddy.comWe're committed to transparency and the protection of your data.