Privacy Policy

GooveXCo Ltd. ("we") operates ty\e at tylellm.com. This policy explains what we collect, why, and how to control or delete it.

1. Data we collect

Account

• Email and name (required at signup)
• Phone number (optional, for SMS 2FA)
• Hashed password (bcrypt — never stored in plaintext)
• Avatar URL (if uploaded)

Conversations

• Messages you send and AI responses (saved server-side so you can sync across devices)
• You can turn this off in Settings → Privacy → "Save chat history"

Usage

• Daily message and token counts (for plan limits)
• Last sign-in IP & user-agent per device (for security alerts & Active Devices)
• Audit log of account-affecting actions: login, password change, payment, plan change

Organization workspace data (Organization plan only)

• Workspace membership (which orgs you belong to, your role, invite history)
• Chats you explicitly mark as shared with team — visible to every member of that workspace
• Workspace audit log: who shared / edited / deleted a shared chat, with timestamps + actor identity (visible to admins+)
• Per-seat subscription record (seat count, Stripe customer + subscription IDs)

Payment

• Payment records (plan, amount, currency, timestamp, Stripe IDs)
• We do not store credit-card numbers — Stripe processes these directly

2. How we use it

• Service operation: render the chat, enforce limits, route to the correct AI model
• Account security: 2FA, new-device alerts, session revocation
• Billing: process subscription payments via Stripe
• Personalization (optional): Custom Instructions saved per account, applied to every chat — can be cleared anytime

3. AI model training

By default we do not use your conversations to train AI models. You can explicitly opt in via Settings → Privacy → "Use data to improve AI". When off, your conversations are processed only to generate a response and never enter our training set.

4. Sharing & disclosure

4.1 Sub-processors (vendors)

We share data only with vendors required to run the service:

• AWS (Singapore region): hosting + database
• Stripe: payment processing
• Twilio: SMS OTP delivery
• Amazon SES: transactional email (password reset, security alerts)

Third-party AI models (optional). ty\e's default model is self-hosted on our AWS infrastructure. If you choose a non-default model or use your own API key (BYOK), the content you send (prompts, designs, uploads) is transmitted to that provider — e.g. OpenAI, Google (Gemini), or Anthropic (Claude) — and processed under their privacy terms. A BYOK API key is stored only in your browser (localStorage) and sent with each request; we never store it on our servers.

4.2 Inside an Organization workspace

If you join an Organization workspace, certain data flows between members of that workspace:

• Your name, email, and role are visible to all members of the workspace.
• Chats you mark as "Share with team" become readable and editable by every member of that workspace in real time. The workspace owner (not us) decides who has access via invite + role management.
• Chats you leave private stay private to you — even the workspace owner cannot read them.
• Workspace admins+ can see the audit log of every share / edit / delete action on shared chats (actor, timestamp, target chat). This is a feature, not a bug — it exists for compliance and incident review inside the workspace.
• Workspace owners pay the per-seat subscription; Stripe receipts and invoices are visible to the owner only.

You can leave a workspace at any time (or be removed by the owner / admin). On removal, your existing private chats stay yours; chats you authored that were shared with the team remain in the workspace under your name unless you delete them before leaving.

We do not sell your data. We do not share data with advertisers.

5. Your rights (PDPA / GDPR)

You have the right to:

• Access — download all your data: Settings → Data → "Download account data"
• Rectify — change name, email, phone anytime in Settings → Account
• Delete — Settings → Data → "Delete account" wipes everything within 30 days
• Portability — export your chats as JSON or Markdown
• Object — opt out of any optional processing via the Privacy toggles
• Withdraw consent — anytime, by toggling off the relevant setting or deleting your account

6. Retention

• Active accounts: data retained while account exists
• Deleted accounts: hard-deleted within 30 days
• Account audit logs (login, password change, etc.): retained 12 months for security forensics, then purged
• Workspace audit logs (share / edit / delete on shared chats; member invite / role change): retained 12 months from event, or until the workspace is archived — whichever comes later by no more than 30 days
• Payment records (personal + workspace): retained 7 years to comply with Thai accounting law
• Archived workspaces: chat content + audit log preserved 30 days for owner restore, then hard-deleted

7. Cookies

We use a single first-party cookie (JWT session token) to keep you signed in. No tracking cookies, no third-party analytics that profile you. localStorage holds preferences (theme, font size) on your device only.

8. Children

The service is not directed at users under 13. Do not create an account if you are under 13.

9. International transfers

Data is stored in AWS Singapore. We use standard contractual clauses for any transfer outside Thailand/EU as needed.

10. Data protection contact

Questions, requests, or complaints: privacy@tylellm.com

If we don't respond, you may file a complaint with the Thai Personal Data Protection Committee (PDPC).

11. Changes

Material updates are emailed to registered users 30 days before they take effect.