Privacy Notice

This Privacy Notice describes how Tego AI, Inc. and its affiliated companies (“Tego”, “Tego AI”, “Tego Security”, “we”, “our”, or “us”) collect, store, use, and disclose personal data when you interact with us.

This includes interactions through our website, products and services, events, marketing activities, online content, advertisements, communications, integrations, and any other business-facing engagement we control (collectively, “Commercial Engagements”).

Scope of This Privacy Notice

This Privacy Notice applies to personal data collected in connection with our Commercial Engagements.

Personal data that we process on behalf of our business customers through our Agentic AI Access Control platform (the “Platform”) as part of the Tego services provided under an applicable order form (“Customer Data”) is not covered by this Privacy Notice. The processing of Customer Data is governed by our contractual agreements with the relevant business customer, including any Data Processing Addendum. To understand how such data is handled, please contact the applicable customer directly.

By visiting our website or otherwise interacting with our Commercial Engagements, you acknowledge that you have read and understood this Privacy Notice. If you do not agree, please do not interact with us or provide us with personal data.

Our Commercial Engagements and Platform are designed for business use only. All personal data covered by this Privacy Notice is treated as relating to individuals acting in a business or professional capacity.

You are not legally required to provide personal data. However, if you choose not to provide it, certain Commercial Engagements may not be available or may function with limited capability.

What This Privacy Notice Covers

This Privacy Notice explains our practices regarding:

• Data collection and processing
• Data uses and lawful bases
• Data storage and international transfers
• Data retention
• Data disclosures
• Cookies and tracking technologies
• Communications
• Data security
• Sale or sharing for targeted advertising
• Data subject rights
• Data controller and processor roles
• Additional notices and contact information

Data Collection and Processing

When we refer to “personal data”, we mean information that identifies or can reasonably be linked to an individual. This does not include anonymized or aggregated data.

Categories of Data Subjects

We collect personal data relating to:

• Business Representatives: Individuals acting on behalf of our business customers, such as administrators, billing contacts, and authorized signatories
• Prospects: Website visitors, event participants, and other prospective customers, users, or partners
• Vendor Representatives: Individuals acting on behalf of our vendors and service providers

Categories of Personal Data Collected

We may collect:

Contact and Business Information
Name, business email address, phone number, job title, employer, professional background, communications with us, feedback, testimonials, billing and contractual details, and commercial interaction history.

Technical and Usage Information
IP address, device identifiers, browser and operating system details, language and locale, activity logs, session recordings, inferred preferences, and engagement analytics.

For purposes of the California Consumer Privacy Act (CCPA), we may have collected identifiers, internet activity information, professional information, geolocation data, commercial information, inferences, and audio or visual information within the past 12 months.

Sources of Personal Data

We collect personal data:

• Automatically through our website and marketing campaigns
• Directly from individuals or business customers
• From service providers supporting our Commercial Engagements

Data Uses and Lawful Bases

We process personal data for the following purposes, relying on one or more lawful bases such as performance of a contract, legitimate interests, compliance with legal obligations, or consent where required:

• Providing and operating our Commercial Engagements
• Monitoring and improving our offerings
• Customer support and technical assistance
• Security, fraud prevention, and abuse detection
• Legal compliance and dispute resolution
• Marketing, advertising, and sales operations
• Event management and promotions
• Business analytics and aggregated insights

Where consent is required by applicable law, your continued interaction with us constitutes consent unless a different form is legally required. You may withdraw consent at any time by contacting privacy@tego.ai.

Data Storage and International Transfers

Our service providers and we store and process personal data in the United States, Israel, and other jurisdictions where our providers or we operate.

We apply appropriate safeguards for international data transfers, including standard contractual clauses or approved transfer mechanisms where required. Israel is recognized as providing an adequate level of data protection by relevant regulatory authorities.

You may request additional information regarding transfer safeguards by contacting us.

Data Retention

We retain personal data only as long as reasonably necessary to:

• Maintain and expand our relationship with you
• Provide our Commercial Engagements
• Meet legal and contractual obligations
• Resolve disputes and enforce agreements

Retention periods are determined based on data sensitivity, processing purpose, legal requirements, and risk considerations. We may delete or anonymize data at any time unless retention is legally required.

How We Disclose Personal Data

We may disclose personal data to:

Service Providers
Hosting, analytics, communications, security, billing, marketing, CRM, transcription, legal, financial, and compliance service providers acting under contractual obligations.

Event Sponsors and Partners
Where you opt in to sponsored events or content, subject to the sponsor’s privacy practices.

Business and Channel Partners
Resellers, distributors, and professional service partners were relevant to service delivery or local engagement.

Legal and Regulatory Authorities
When required by law, court order, or to protect rights, safety, or integrity of our operations.

Affiliates and Corporate Transactions
In connection with internal operations or mergers, acquisitions, restructuring, or insolvency proceedings.

We do not share mobile information for marketing or promotional purposes.

Cookies and Tracking Technologies

We use cookies, pixels, log files, and similar technologies to:

• Improve user experience
• Analyze performance
• Personalize content
• Support security and functionality

You may manage cookie preferences using the cookie widget on our website or through browser settings. For more information, please review our Cookie Policy.

Communications

We may communicate with you through email, phone, SMS, or notifications.

Service Communications
Essential messages related to account operation, security, billing, or service updates.

Promotional Communications
Information about products, features, events, and offers. You may opt out at any time by following the instructions in the message or contacting privacy@tego.ai.

Data Security

We implement reasonable physical, administrative, and technical safeguards to protect personal data. However, no system is completely secure. If you believe your data may be compromised, contact us immediately at privacy@tego.ai.

Sale or Sharing for Targeted Advertising

Under certain US laws, some disclosures of internet or device data may be considered a sale or sharing. We only enable such cookies based on your consent, where required.

You may opt out by adjusting your cookie preferences or enabling Global Privacy Control in your browser.

Your Data Subject Rights

Depending on applicable law, you may have rights to access, correct, delete, restrict, object to processing, or request portability of your personal data, and to opt out of sale or sharing.

Requests may be submitted to privacy@tego.ai. We may verify your identity before fulfilling requests and may retain minimal information for compliance purposes.

Requests related to Customer Data should be directed to the relevant business customer.

Data Controller and Processor Roles

• Tego acts as a data controller for Prospects, Business Representatives, and Vendor Representatives
• Tego acts as a data processor for Customer Data processed on behalf of business customers

Service providers act as processors or sub-processors as applicable.

Additional Notices and Contact Information

Updates
We may update this Privacy Notice from time to time. Material changes will be communicated in advance where required.

External Links
We are not responsible for the privacy practices of third-party websites or services.

Children
Our Commercial Engagements are not intended for minors, and we do not knowingly collect data from minors.

Database Controller (Israel)
For purposes of Israeli law, Tego Security Ltd acts as the database controller.

Contact Us
For questions or concerns, contact our privacy team at privacy@tego.ai.