Privacy Policy

Introduction

Tytle is committed to ensuring the protection of all personal data that we process in connection with our website (tytle.io and its subdomains), digital environments (portals and dashboards), and simulation tools, in compliance with the General Data Protection Regulation (GDPR).

Personal data refers to all information relating to you as an identified or identifiable natural person. Our services are not designed for minors.

Tytle operates as both a data controller and data processor. Our data privacy manager is L.W.P. Pessers (dpm@tytle.io). For regulatory concerns, you may contact Portugal's national data protection authority (CNPD).

About Personal Data and How We Collect, Use, and Store It

We collect the following categories of personal data:

Identity Data: name, job title
Contact Data: address, email, phone number
Financial Data: income, assets, debts
Marketing and Communication Data: preferences
Profile Data: username, password, tax simulation data
Technical Data: IP addresses, browser information, location
Transaction/Payment Data: referrals, payment details

We collect data through three methods: direct provision (forms, emails, chat), automated collection (cookies, server protocols), and third-party sources (analytics providers, payment processors).

We use your data to register users, simulate tax scenarios, store simulation data, manage referrals, share information with tax advisors, monitor service efficiency, manage relationships, create payment links, protect business operations, analyze service improvements, and make recommendations.

Marketing communications require your prior consent. You can opt out at any time. If the purpose of data processing changes, we will notify you.

Disclosures of Your Personal Data

We may share your personal data with external third parties including payment processors, analytics providers, and hosting providers. Data may also be disclosed to parties involved in business transfers, who could use your information consistent with this policy.

International Transfers

When we transfer your data outside the European Economic Area, we use European Commission-approved standard contractual clauses or rely on EU-US Data Privacy Framework certification to ensure adequate protection. Specific transfer mechanisms are available upon request.

Data Security

We have implemented appropriate security measures to prevent accidental loss, unauthorized access, alteration, or disclosure of your personal data. Access is limited to employees and contractors with a legitimate business need, who operate under confidentiality obligations.

We have procedures in place to manage any suspected data breach and will notify you and any applicable regulator where legally required.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of unauthorized disclosure, and any applicable legal requirements.

You may request details of our retention policy by contacting us. Anonymized data may be used indefinitely for research and statistical purposes.

Your Legal Rights

Under data protection law, you have the right to:

Request access to your personal data
Request correction of inaccurate information
Request deletion (erasure) of your personal data
Object to certain processing of your data
Request restriction of processing
Request transfer of your data to a third party
Withdraw consent at any time

Requests are processed within one month. Identity verification may be required. We may charge a reasonable fee for unfounded or repetitive requests.

To exercise any of these rights, please contact our data privacy manager at dpm@tytle.io.