1. Introduction

Tuqqi Systems LTD. ("Tuqqi", "we", "us", "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Platform and Website, in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws.

2. Data Controller Information

Data Controller:

Tuqqi Systems LTD.

Contact Email: i@tuqqi.com

For any questions regarding this Privacy Policy or the processing of your personal data, please contact us at the email address above.

3. Definitions

• Personal Data: Any information relating to an identified or identifiable natural person.
• Processing: Any operation performed on personal data, such as collection, recording, storage, use, disclosure, or erasure.
• Data Subject: An individual whose personal data is processed.
• Platform: Tuqqi's SaaS platform that provides search, updates, knowledge management, task and project management, CRM solutions, and collaboration services.
• Website: The Tuqqi website that provides information about our Services.
• Device: Any digital device used to access the Platform and Website, including desktop computers, laptops, mobile phones, tablets, or other electronic devices.

4. Categories of Personal Data We Collect

4.1 Data Collected Automatically

When you access our Platform and Website, we automatically collect:

• Session duration and timestamps
• Pages and content accessed
• Frequency and scope of usage
• Browser type and version
• Operating system
• IP address
• Device information

4.2 Data You Provide Voluntarily

We collect personal data that you voluntarily provide, including but not limited to:

Identity Data: Full name, job title, profile photos

Contact Data: Email address, phone number, physical address

Professional Data: Company name, company size, country, LinkedIn profile URL, personal website

Application Data: Resume/CV, cover letter, portfolio

Communication Data: Content of messages, chat conversations, video calls

User Content: Tasks, projects, documents, posts, and any content you upload to the Platform

Customer Data: Information about your customers that you input into the CRM features

5. How We Collect Personal Data

We collect personal data through the following means:

1. Contact Forms: When you contact us through our Website, we collect your name, email address, phone number, job title, company name and size, and the content of your inquiry.

2. Newsletter Subscription: When you subscribe to our newsletter, we collect your email address.

3. Live Chat: When you use our live chat feature, we collect your name, email address, and the content of your conversation.

4. Questionnaire: When you complete our evaluation questionnaire, we collect your full name, work email address, company name, country, and number of employees.

5. Career Applications: When you apply for a position, we collect your full name, email address, phone number, resume, LinkedIn profile URL, personal website, cover letter, portfolio, and any additional information you provide.

6. Partnership Program: When you apply for our partnership program, we collect your full name, email address, job title, company name, country, website or LinkedIn page, and any additional details you provide.

7. Consulting Sessions: When you schedule a consulting session, we collect your name, email address, and session content.

8. Internship Applications: When you apply for an internship, we collect your full name, email address, phone number, and address.

For Customer Users (Platform Users)

9. Tasks & Projects: Content within tasks and projects you create and share.

10. Knowledge Management: Content within knowledge management processes, including recruitment and invoice management data.

11. Chat & Video Calls: Your name and the content of communications.

12. CRM: Information about your customers and interactions.

13. Social Network: Your name, photos, posts, and other content shared on the Platform's social features.

6. Legal Bases for Processing

Under GDPR, we process your personal data based on the following legal grounds:

6.1 Performance of a Contract (Article 6(1)(b) GDPR)

We process your personal data when necessary to:

• Provide you with access to our Platform and Services
• Manage your account and user profile
• Deliver the features and functionalities you have requested
• Respond to your inquiries and provide customer support
• Process job applications

6.2 Consent (Article 6(1)(a) GDPR)

We process your personal data based on your explicit consent for:

• Sending marketing communications and newsletters
• Processing data beyond what is necessary for the contract
• Using non-essential cookies

You have the right to withdraw your consent at any time by contacting us at i@tuqqi.com. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

6.3 Legitimate Interests (Article 6(1)(f) GDPR)

We process your personal data based on our legitimate interests to:

• Improve and develop our Platform and Services
• Ensure network and information security
• Prevent fraud and unauthorized access
• Conduct analytics to understand user behavior
• Personalize your experience on the Platform

We have conducted a legitimate interest assessment to ensure our interests do not override your fundamental rights and freedoms.

6.4 Legal Obligation (Article 6(1)(c) GDPR)

We process your personal data when necessary to comply with legal obligations, such as:

• Responding to lawful requests from public authorities
• Maintaining records required by applicable laws
• Complying with court orders or legal processes

7. Purposes of Processing

We use your personal data for the following purposes:

7.1 Service Delivery

• Providing and maintaining the Platform and Services
• Processing transactions and managing your account
• Providing customer support and responding to inquiries
• Enabling collaboration features among Customer Users

7.2 Service Improvement

• Analyzing usage patterns to improve user experience
• Developing new features and functionalities
• Conducting research and testing
• Troubleshooting technical issues

7.3 Security

• Verifying user identity and preventing unauthorized access
• Detecting and preventing fraud, abuse, and security incidents
• Conducting security investigations and risk assessments
• Protecting the integrity of our Platform and Services

7.4 Communication

• Sending service-related notifications
• Providing updates about changes to our Services or policies
• Sending marketing communications (with your consent)

8. Data Sharing and Recipients

We may share your personal data with the following categories of recipients:

8.1 Within Your Organization

As part of the Platform functionality, your personal data may be shared with other Customer Users within your organization.

8.2 Service Providers

We engage third-party service providers who process personal data on our behalf:

Microsoft Azure is used for cloud hosting and infrastructure and operates in the EU and the US.

Amazon Web Services (AWS) provides cloud services and operates in the EU and the US.

Intercom is used for customer communication and operates in the US.

Zapier is used for workflow automation and operates in the US.

Sentry is used for error monitoring and operates in the US.

Cumul.io is used for analytics and operates in the EU.

All service providers are bound by data processing agreements that require them to process personal data only on our instructions and implement appropriate security measures.

8.3 Legal Requirements

We may disclose your personal data when required by law, court order, or other legal process, or when necessary to protect our rights, property, or safety.

8.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity.

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our service providers.
• Adequacy Decisions: Where applicable, we transfer data to countries that the European Commission has determined provide adequate data protection.
• Data Privacy Framework: For transfers to the US, we work with providers certified under the EU-US Data Privacy Framework where applicable.

You may request a copy of the safeguards we use by contacting us at i@tuqqi.com.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Account data is retained for the duration of the account plus three years after deletion.

Communication records are retained for three years from the date of communication.

Marketing consent records are retained for the duration of consent plus three years.

Job applications are retained for two years from the application date unless the applicant is employed.

Analytics data is retained for 26 months.

Legal and compliance records are retained as required by applicable law.

After the retention period expires, we securely delete or anonymize your personal data.

11. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

11.1 Right of Access (Article 15)

You have the right to obtain confirmation of whether we process your personal data and to receive a copy of that data.

11.2 Right to Rectification (Article 16)

You have the right to request correction of inaccurate personal data and completion of incomplete data.

11.3 Right to Erasure ("Right to be Forgotten") (Article 17)

You have the right to request deletion of your personal data when:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw consent (where consent was the legal basis)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed
• Deletion is required by law

11.4 Right to Restriction of Processing (Article 18)

You have the right to request restriction of processing when:

• You contest the accuracy of your data
• Processing is unlawful but you prefer restriction over erasure
• We no longer need the data but you need it for legal claims
• You have objected to processing pending verification of our legitimate grounds

11.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

11.6 Right to Object (Article 21)

You have the right to object to processing based on legitimate interests or direct marketing. For direct marketing, we will stop processing immediately upon objection.

11.7 Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently engage in such automated decision-making.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: i@tuqqi.com

We will respond to your request within one month. This period may be extended by two additional months if necessary, considering the complexity and number of requests.

We may request verification of your identity before processing your request.

12. Data Controller vs. Data Processor

When Tuqqi is the Data Controller

Tuqqi acts as the Data Controller for personal data collected through the Website, including contact forms, newsletter subscriptions, job applications, and other direct interactions.

When Tuqqi is the Data Processor

Tuqqi acts as the Data Processor for personal data that Customer Users input into the Platform. In this case, the Customer (your employer or organization) is the Data Controller. If you wish to exercise your rights regarding data processed on the Platform, please contact your organization's administrator first. We will assist them in fulfilling your request.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. Our cookies include:

Essential cookies are required for platform functionality and last for the duration of the session.
Performance cookies are used for analytics and performance monitoring and are stored for up to two years.
Functional cookies remember user preferences and are stored for up to one year.
Marketing cookies are used to deliver personalized content with user consent and are stored for up to one year.

Managing Cookies

You can manage your cookie preferences through:

• Your browser settings
• Our cookie consent banner

Please note that disabling certain cookies may affect Platform functionality.

For more information about cookies, visit .

14. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and penetration testing
• Employee training on data protection
• Incident response procedures

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

15. Children's Privacy

Our Platform and Website are not intended for children under the age of 16. We do not knowingly collect personal data from children under 16.

If you are under 16 years of age, you may not use our Services unless verifiable parental consent has been provided.

If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information.

16. Third-Party Links

Our Platform and Website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party sites you visit.

17. Right to Lodge a Complaint

If you believe that our processing of your personal data infringes GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our Website
• Sending an email notification (for significant changes)

The "Last Updated" date at the top of this policy indicates when it was last revised.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Tuqqi Systems LTD.

Email: i@tuqqi.com

20. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the State of Israel, without regard to conflict of law principles.

For disputes arising from this Privacy Policy:

• EU residents may bring claims in the courts of their Member State of residence
• Non-EU residents agree to the exclusive jurisdiction of the competent courts in Tel Aviv, Israel

__________________

This Privacy Policy is provided in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679, the California Consumer Privacy Act (CCPA), and other applicable data protection laws.