Privacy Policy.

This Privacy Policy describes how Tellzm collects, uses, and protects information when you use our service at tellzm.com, our API at api.tellzm.com, and our MCP endpoint at mcp.tellzm.com.

The short version: we collect what we need to run the service, we don't sell anything, and you can export or delete your data at any time. The long version is below.

Account information. When you sign up, we collect your name, email address, and authentication tokens from our identity provider (Clerk). You can add an avatar and timezone from your profile.

Workspace content. Everything you create inside Tellzm — projects, tasks, sections, comments, checklists, custom fields, routines, dynamic data tables, views, attachments — is stored on our servers so we can show it to you and the people you've invited.

Usage data. We log operational events: when you sign in, which features you use, errors your client reports, and the timestamps of those events. This is used for reliability, debugging, and capacity planning.

AI assistant activity. When you connect Claude or ChatGPT through the Model Context Protocol, we log each tool call the assistant makes: the tool name, the timestamp, a scrubbed summary of the parameters (never the raw content of a record), and the result status. This is for your audit trail.

Billing information. For paid plans, Stripe processes your payment. Tellzm only stores a Stripe customer id and the current plan status — we never see your card number.

Device data. Like most web services, our servers receive your IP address, browser user-agent, and referring URL on each request. We keep these in access logs for a short window (see retention below).

We use the data above to:

• operate the service — authenticate you, serve your content, sync integrations, and route notifications
• keep the service reliable — investigate errors, detect abuse, and prevent unauthorized access
• respond to your support requests — we won't open a workspace without a clear reason tied to your ticket, and every such access is logged
• send you transactional email — workspace invites, comment mentions, task assignments, and the occasional critical service notice. You can disable most of these in settings
• improve Tellzm — by looking at aggregated, de-identified usage patterns, never your actual content

We do not use your content to train public machine learning models. Not ours, not anybody else's.

We do not sell your personal data or workspace content to anyone. Ever. If the business is ever acquired, we'll give you notice and the option to export and delete your data before any transfer.

We share data with a short list of sub-processors that are essential to running Tellzm:

• Clerk — handles sign-in, sign-up, and session management. They receive your email and authentication events.
• Stripe — handles subscription billing. They receive your payment details directly; we never see your card.
• Resend — sends transactional email. They receive recipient addresses and email bodies.
• AWS / Cloudflare R2 — stores file attachments you upload to tasks and records.
• Sentry — captures error reports. We scrub personally-identifiable content before sending error payloads.
• Google — if you connect Google Sheets, we send the sheet data you explicitly configure through the Google Sheets and Drive APIs.
• Anthropic & OpenAI — if you connect Claude or ChatGPT via MCP, those assistants query your workspace on your behalf. Tellzm is the surface they touch; we don't proactively send anything to them.

Each sub-processor is bound by a data processing agreement that restricts them to the specific purpose listed above. If we add or remove one, we'll update this list.

Tellzm uses a small number of cookies, all of them strictly necessary to run the service:

• a session cookie set by Clerk to keep you signed in
• a CSRF token cookie set by our API to prevent cross-site request forgery

We do not use advertising cookies, tracking pixels, or third-party analytics that follow you around the web. No banner required because we're not doing any of the things banners are for.

We keep your data for as long as your account is active. When you delete a record, a table, or a whole workspace, we soft-delete it first — the data stays recoverable from your settings for 30 days so you can undo mistakes. After 30 days, the soft-deleted entity is permanently removed from production systems by a nightly garbage-collection worker.

Encrypted database backups may retain recently-deleted data for up to 90 additional days before the backup rotation expires. We can't selectively delete from a backup, but we never restore a backup into production except for disaster recovery.

Operational logs (access logs, audit trails, MCP invocation records) are retained for 90 days for security and debugging, then hard-deleted.

Depending on where you live (GDPR in the EU/UK, CCPA/CPRA in California, LGPD in Brazil, PIPEDA in Canada, and so on), you have some or all of the following rights. Tellzm honors them for every user, regardless of where you live:

• Access — request a copy of the personal information we hold about you
• Correction — ask us to fix inaccurate data
• Deletion — ask us to remove your account and content (subject to legal holds)
• Portability — export your workspace content in a machine-readable format
• Restriction and objection — limit how we process your data, or object to specific processing
• Withdraw consent — revoke any consent you previously gave, going forward

To exercise any of these, email hello@tellzm.com. We respond within 30 days, usually faster. If you think we haven't handled your request properly, you can lodge a complaint with your local data protection authority.

We take security seriously. Here's what's in place:

• TLS 1.2+ on every connection (tellzm.com, api.tellzm.com, mcp.tellzm.com)
• Database at rest encrypted by our hosting provider
• Sensitive credentials (OAuth refresh tokens, integration API keys) encrypted at the application layer with AES-256-GCM
• Workspace isolation enforced at the service layer — every query checks membership before returning data
• Audit logs for MCP tool calls so you can see exactly what every assistant did on your behalf
• Rate limiting and abuse detection on authentication endpoints

No system is perfectly secure. If you discover a vulnerability, please email security@tellzm.com responsibly — we'll acknowledge within 48 hours and work with you to fix it.

Tellzm's servers are hosted in the European Union. If you access the service from elsewhere, your data crosses borders to reach us. Where required by law (e.g. for EU/UK users when we work with sub-processors in other regions), we rely on Standard Contractual Clauses and equivalent safeguards.

Tellzm is not intended for children under 16. We don't knowingly collect personal data from anyone in that age range. If you believe we have, email hello@tellzm.com and we'll delete it right away.

We may update this policy from time to time. Material changes will be announced in your workspace or by email at least 14 days before they take effect. The “last updated” date at the top of this page always reflects the current version.

For any privacy question, exercising your rights, or reporting a concern, email hello@tellzm.com. For security issues specifically, use security@tellzm.com.