Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your information.
1. Who we are
Tallal Technologies ("we," "our," "us") is a Pakistan‑based software company that builds AI‑powered web, mobile and automation solutions for clients worldwide. This Privacy Policy explains how we collect, use, disclose and protect your information when you interact with our websites, apps, chatbots, APIs, subscriptions, social‑media pages or any other service that links to this Policy (collectively, the "Services").
If you don't agree with this Policy, please don't use our Services. Using them means you accept the practices below.
2. What we collect
| Category | Examples | Source |
|---|---|---|
| Information you provide | Name, business name, e‑mail, phone, billing address, payment details (handled by our payment processor), project files, messages, voice or video recordings you upload, survey responses | Directly from you |
| Automatic data | IP address, device type, browser, OS, referring URLs, pages viewed, clicks, time spent, error logs, cookie IDs, in‑product telemetry, usage statistics of our AI models | Collected automatically via cookies, SDKs and server logs |
| Third‑party data | Verification checks, social‑media profile info, credit‑checking (for corporate accounts), analytics from Google Analytics / Plausible / similar | From partners & publicly available sources |
We do not knowingly collect data from children under 13. If we learn we have, we delete it.
3. Why we use your data
| Purpose (and our legitimate interest, if applicable) | Lawful basis (GDPR) |
|---|---|
| Provide, maintain and improve the Services; train and fine‑tune AI models you explicitly ask us to customise | Performance of a contract |
| Respond to enquiries, support requests and bug reports | Legitimate interest |
| Process payments and prevent fraud | Performance of a contract / Legitimate interest |
| Send critical service e‑mails (e.g., outages, security alerts) | Legitimate interest |
| Send marketing e‑mails or WhatsApp messages about new features (only if you opt‑in) | Consent |
| Comply with legal obligations (tax, accounting, KYC) | Legal obligation |
We never sell your personal information.
4. Cookies & tracking
We use first‑ and third‑party cookies, local storage and similar tech for:
- Session management
- Analytics
- Remembering your preferences
- Security (e.g., rate‑limiting)
You can disable cookies in your browser, but some features may break.
5. How we share information
We share only when necessary:
| Recipient | Why |
|---|---|
| Service providers (cloud hosting, payment processors, e‑mail services, analytics) | To run core infrastructure under strict data‑processing agreements |
| AI vendors/LLM APIs (e.g., OpenAI, Anthropic) | To generate responses when you invoke those models |
| Business transfers | If we merge, sell assets or face insolvency, data may transfer subject to this Policy |
| Authorities | To comply with law, court orders or defend legal claims |
| Your explicit request | e.g., when you integrate your Tallal Technologies workspace with a third‑party tool |
6. International transfers
Our primary servers are in the US and EU. By using our Services, you acknowledge your data may be transferred to—and processed in—countries that may have data‑protection laws different from your own. We rely on Standard Contractual Clauses or equivalent safeguards where required.
7. Retention
We keep data only as long as needed for:
- the purpose we collected it for,
- any compatible purpose, or
- legal/contractual obligations.
Back‑ups are purged on a rolling 30‑day basis; project assets you delete are unrecoverable after 7 days.
8. Security
We employ:
- AES‑256 encryption at rest
- TLS 1.3 in transit
- Role‑based access controls
- Annual penetration tests
- 24/7 automated monitoring
No system is 100% secure, but we work hard to protect you.
9. Your rights
If you're in the EEA/UK you can request to:
- Access, rectify or delete your data
- Restrict or object to processing
- Receive an export ("data portability")
- Withdraw consent at any time (marketing)
If you're in California (CCPA/CPRA) you can:
- Know what categories we've collected
- Delete your data
- Opt‑out of "selling" or "sharing" (we don't do either)
Email us to exercise any right; we may verify your identity first.
10. Third‑party links & integrations
Our Services may link to sites or tools we don't control (e.g., YouTube embeds, Stripe Checkout). Their own privacy policies apply.
11. Changes to this Policy
We'll post any updates here and, if changes are material, notify you by e‑mail or in‑app. Continued use after the effective date means you accept the revised Policy.
12. Contact us
Questions, requests or complaints?
If you're in the EU/UK, you may also lodge a complaint with your local Data Protection Authority.
Last updated: September 24, 2025