Data & Privacy

Data Policy

Tektome handles data responsibly, lawfully, and transparently. This policy explains what we collect, why we process it, how we protect it, and the rights and choices available to our customers and the people whose data we handle. It complements our Trust & Security commitments.

  • Data we collect & purpose limitation

    We collect only the data needed to deliver and improve our services — account and contact details, the project and design content you provide, and operational and usage data. Each category is processed for clearly defined purposes and is not used in ways incompatible with those purposes.

  • Lawful basis & consent

    We process personal data only where we have a lawful basis to do so — such as performance of a contract, legitimate interests, a legal obligation, or consent. Where we rely on consent, you can withdraw it at any time without affecting prior lawful processing.

  • Data protection & encryption

    We employ robust safeguards — including encryption in transit and at rest, granular access controls, and secure data-handling procedures — to protect sensitive and personal information throughout its lifecycle, in line with relevant privacy regulations.

  • Your data & AI

    Your content remains yours. We do not sell your data, and we do not use customer content to train shared or third-party foundation models without your explicit, opt-in consent. AI features operate on your data solely to deliver results back to you.

  • Data retention & deletion

    We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, or to resolve disputes. When data is no longer required, it is securely deleted or anonymised, and customers can request deletion of their data.

  • Data residency & hosting

    Customer data is hosted with reputable infrastructure providers under appropriate contractual and security safeguards. Where data is transferred across regions, we apply recognised transfer mechanisms to keep it protected.

  • Sub-processors & third parties

    We engage a limited set of vetted sub-processors to operate our services. Each is bound by contractual obligations requiring data-protection standards consistent with this policy. We do not share personal data with third parties for their own marketing.

  • Regulatory compliance

    Our data practices are designed to align with applicable data-protection regulations, including the EU/UK GDPR and Japan's Act on the Protection of Personal Information (APPI). We review our controls regularly as regulations evolve.

  • Your privacy rights

    Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data, and to object to or restrict certain processing. To exercise these rights or ask a question, contact our team and we will respond in line with applicable law.

Questions about this policy? Contact privacy@tektome.com · Last updated June 2026.