TW

Privacy Policy

Learn how TW collects, uses, and protects your personal information.

Privacy Policy

Last Updated: March 1, 2024 Effective Date: March 1, 2024

At TW, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

Information We Collect

Personal Information

We collect information that you provide directly to us:

  • Account Information: Name, email address, company name, phone number
  • Payment Information: Credit card details, billing address (processed securely through third-party payment processors)
  • Profile Information: Job title, department, preferences
  • Communication Data: Support tickets, emails, chat messages

Automatically Collected Information

When you use our services, we automatically collect:

  • Usage Data: Pages visited, features used, time spent, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: API calls, errors, performance metrics
  • Cookies: Session cookies, preference cookies, analytics cookies

Data You Upload

  • Dataset Content: Data you upload, create, or store in TW
  • Integration Data: Data synced from connected services
  • Metadata: File names, descriptions, tags, timestamps

How We Use Your Information

We use collected information for:

Service Delivery

  • Providing and maintaining our platform
  • Processing transactions and billing
  • Authenticating users and preventing fraud
  • Providing customer support
  • Sending service announcements and updates

Improvement and Analytics

  • Analyzing usage patterns to improve our services
  • Developing new features and functionality
  • Conducting research and analytics
  • Optimizing performance and reliability

Communication

  • Responding to inquiries and support requests
  • Sending newsletters and product updates (with your consent)
  • Providing personalized recommendations
  • Conducting surveys and gathering feedback

Legal and Security

  • Complying with legal obligations
  • Enforcing our terms and policies
  • Protecting against fraud and abuse
  • Maintaining security and integrity

Data Storage and Security

Security Measures

We implement industry-standard security measures:

// Example: Data encryption
const encrypted = await encrypt(data, {
  algorithm: 'AES-256-GCM',
  keyDerivation: 'PBKDF2',
  iterations: 100000
});
  • Encryption: Data encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Access Controls: Role-based access control and multi-factor authentication
  • Monitoring: 24/7 security monitoring and threat detection
  • Auditing: Comprehensive audit logs of all data access
  • Compliance: SOC 2, ISO 27001, GDPR, HIPAA

Data Location

  • Primary Storage: Data stored in your selected region (US, EU, or APAC)
  • Backups: Encrypted backups stored in same region
  • No Cross-Border Transfers: Data never leaves your selected region without explicit consent

Data Sharing and Disclosure

We do not sell your personal information. We share data only in these circumstances:

Service Providers

Third-party service providers who assist us:

  • Cloud infrastructure (AWS, Google Cloud)
  • Payment processing (Stripe)
  • Analytics (anonymized data only)
  • Customer support tools

All service providers are contractually obligated to protect your data.

Legal Requirements

We may disclose information if required by law:

  • Court orders or legal process
  • Government investigations
  • Protection of rights and safety
  • Fraud prevention

Business Transfers

In the event of merger, acquisition, or sale:

  • You'll be notified before transfer
  • Same privacy protections apply
  • Option to delete data

Your Privacy Rights

Access and Portability

  • Access: Request copies of your personal data
  • Export: Download your data in standard formats
  • Portability: Transfer data to another service
# Request data export via API
curl -X POST https://api.twhelpcenter.com/v1/account/export \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{"format": "json", "include": ["personal_data", "datasets"]}'

Control and Deletion

  • Update: Correct inaccurate information
  • Delete: Request account and data deletion
  • Restrict: Limit how we process your data
  • Object: Object to certain processing activities

Communication Preferences

  • Opt-out: Unsubscribe from marketing emails
  • Preferences: Manage notification settings
  • Do Not Track: We honor Do Not Track signals

Data Retention

| Data Type | Retention Period | Reason | |-----------|-----------------|---------| | Account Data | Active account lifetime + 90 days | Service delivery | | Usage Logs | 12 months | Security and analytics | | Backup Data | 30 days (Pro), 90 days (Enterprise) | Disaster recovery | | Deleted Data | 30 days in backups, then permanently deleted | Recovery window |

Cookies and Tracking

Essential Cookies

Required for service operation:

  • Authentication cookies
  • Session management
  • Security cookies

Optional Cookies

With your consent:

  • Analytics cookies (Google Analytics)
  • Preference cookies
  • Marketing cookies

Managing Cookies

// Cookie preferences can be managed in settings
await api.account.updateCookiePreferences({
  analytics: false,
  marketing: false,
  essential: true // Cannot be disabled
});

Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If we learn we've collected such information, we'll delete it promptly.

International Transfers

For users outside their selected region:

  • Data processed in selected region only
  • Standard Contractual Clauses (SCCs) for EU users
  • Adequate safeguards in place
  • No transfers without legal basis

Third-Party Links

Our platform may contain links to third-party websites. We're not responsible for their privacy practices. Please review their privacy policies.

Changes to This Policy

We may update this Privacy Policy periodically:

  • Notification: Email notice of material changes
  • Review Period: 30 days before changes take effect
  • Continued Use: Implies acceptance of changes
  • Version History: Available on request

California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what data is collected
  • Right to delete personal data
  • Right to opt-out of data sales (we don't sell data)
  • Right to non-discrimination

European Privacy Rights (GDPR)

EU/EEA residents have additional rights:

  • Right to be forgotten
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge complaints with supervisory authority

Contact Us

Privacy Inquiries

  • Email: privacy@twhelpcenter.com
  • Mail: TW Privacy Team, 123 Main St, San Francisco, CA 94105
  • Response Time: Within 30 days

Data Protection Officer

  • Email: dpo@twhelpcenter.com
  • Available: For EU/EEA residents

Compliance Certifications

We maintain compliance with:

  • SOC 2 Type II - Security and availability
  • ISO 27001 - Information security
  • GDPR - European data protection
  • HIPAA - Healthcare data (Enterprise only)
  • PCI DSS - Payment card security

Learn More