Privacy Policy

Tinfiz provides software for businesses that want to support customers through website chat, AI assistance, human handoff, email, WhatsApp, voice, knowledge base content, AI Actions, and analytics. The business using Tinfiz is responsible for the customer data it chooses to collect and process through the platform.

We use information to operate, secure, improve, and support Tinfiz. We do not sell personal data.

Depending on how a workspace uses Tinfiz, we may process the following categories of information:

• Account and workspace data: user name, email address, organization name, role, permissions, authentication metadata, and active workspace settings.
• Customer conversations: messages, replies, AI responses, attachments, conversation status, assignments, notes, timeline events, CSAT ratings, and channel metadata.
• Contacts: customer name, email, phone number, company, tags, custom fields, current page or last seen data passed by the widget, and related conversation history.
• Knowledge Base content: text notes, URLs, uploaded documents, indexed knowledge units, source health, and metadata used to ground AI answers.
• AI Actions data: action configuration, required parameters, execution logs, approval status, latency, failure reasons, and masked secret metadata.
• Usage and billing data: plan, subscription status, checkout metadata, invoices, limits, conversation usage, voice minutes, knowledge base usage, add-ons, and payment provider identifiers.
• Device and diagnostic data: browser information, IP address, logs, error details, session metadata, and security or abuse-prevention signals.

• Provide, maintain, and secure Tinfiz.
• Authenticate users and manage organization membership, roles, and permissions.
• Route, store, and display customer support conversations across enabled channels.
• Generate AI responses using approved workspace knowledge and conversation context.
• Run configured AI Actions and maintain logs, approvals, allowlists, and safety checks.
• Send notifications, operational emails, billing updates, and support communications.
• Measure usage, enforce plan limits, process billing, and prevent abuse.
• Debug issues, improve reliability, and understand product performance.

Tinfiz relies on trusted third-party services to operate the product. The exact services used may depend on which features a workspace enables.

These providers may process data in locations outside your country. Where required, appropriate safeguards should be used for cross-border transfers.

Tinfiz may use cookies, local storage, and similar browser technologies for authentication, session continuity, theme preferences, widget visitor continuity, onboarding state, and product settings.

The website widget may store a visitor identifier in the browser so the same visitor can continue a conversation or create a new conversation without losing context. Website owners using Tinfiz are responsible for giving any cookie or tracking notices required by their laws.

We use reasonable technical and organizational safeguards designed to protect data against unauthorized access, loss, misuse, or alteration. These include workspace-scoped access, server-side plan and permission checks, masked secrets, controlled AI Actions, and human approval flows for sensitive operations.

No method of transmission or storage is fully secure. If you believe you found a security issue, contact us at security@tinfiz.ai.

We retain data for as long as needed to provide Tinfiz, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support billing records. Retention periods may vary depending on the type of data, customer settings, backups, and legal requirements.

Workspace owners may request deletion or export of workspace data by contacting us. We may need to verify identity, confirm authority over the workspace, and clarify scope before completing the request.

Contact hard-deletion may be limited where deletion would break support history, billing records, fraud prevention, or legal obligations. Where possible, we may use deletion, anonymization, or access restriction depending on the request.

Send privacy requests to privacy@tinfiz.ai.

Tinfiz is intended for business use and is not directed to children. Customers should not knowingly use Tinfiz to collect personal data from children unless they have the legal authority and required consent.

We may update this Privacy Policy from time to time. Updates are effective when posted on this page with a revised effective date. If changes are material, we may provide additional notice where appropriate.

For privacy questions, deletion requests, or data access requests, contact privacy@tinfiz.ai.

For security issues, use the security page.