Last Updated: Nov 5, 2025

Privacy Policy

Introduction

Teech! Limited (“Teech!”, “we”, “us” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose and protect personal data in connection with our website, platform, APIs, software and related services (collectively, the “Service”). This policy complements and is incorporated into our Terms & Conditions. If you do not agree with this Policy, please do not use the Service.

Data controller and contact information

Teech! Limited is the data controller for Personal Data processed via the Sites and the Service.

Registered address: Flat/Rm B02, 8/F, Tung Ming Industrial Building, 3 San Yick Lane, Tuen Mun, New Territories, Hong Kong.

Contact: info@goteech.io.

Scope and who this policy applies to

This Policy applies to persons who: (a) visit our websites; (b) register for or use our Service; or (c) provide personal data to us as a customer, end user, visitor, or other contact. If you are a customer of a third-party using Teech! on your behalf (a “Client”), some processing may be carried out on the Client’s instructions; in those cases, the Client may be the data controller and Teech! the processor under applicable law.

Personal data we collect

We collect personal data necessary to provide and improve the Service and to operate our business.

Categories include:

  • Account and sign-in data. Email, name, profile details, and authentication data (including Google or Microsoft SSO tokens where you use those sign-ons).
  • Service usage and audit data. Usage logs, session identifiers, timestamps, IP address (approximate location), device and browser metadata, token consumption and administrative activity.
  • Content data. Prompts, messages, files, images, video, code and the corresponding model outputs you submit or receive. You are responsible for the content you submit and for ensuring you have the necessary rights and lawful basis to provide it.
  • Communications and support. Messages, tickets, and related contact information.
  • Payments and billing. Billing name, billing address and payment card or payment processor identifiers when you purchase paid services.
  • Cookies and tracking. Cookies and similar technologies used for analytics and product improvement; see our Cookie Policy for details.
We also process other personal data you knowingly provide (for example in support requests or surveys).

Legal bases for processing

Where applicable law (e.g., GDPR) requires us to identify a legal basis for processing personal data, we rely on one or more of the following:

  • Contractual necessity. Processing necessary to perform our contract with you (e.g., to deliver the Service).
  • Consent. Where you consent to specific processing (e.g., marketing). You may withdraw consent at any time.
  • Legitimate interests. For certain operational purposes (e.g., fraud prevention, platform analytics and product improvement), where such interests are balanced against your rights.
  • Legal obligation. To comply with a court order, law enforcement request or other legal requirement.
We will inform you where specific processing relies on consent or legitimate interests and how you may object where applicable.

How we use personal data

We process personal data for purposes that include: (a) providing, operating and maintaining the Service; (b) authentication and account management; (c) analytics, product improvement and research using aggregated or de-identified data where feasible; (d) customer support; (e) billing and payment processing; (f) security, abuse prevention, and compliance; and (g) legal obligations and enforcement of our Terms.

Model training and AI-related commitments

  • No training on identifiable customer prompts without consent. Unless you provide explicit prior written consent, Teech! Limited will not use identifiable customer prompts, files or model outputs to train our core models or to create models or datasets that we subsequently provide to other customers. This commitment is an operational policy at Teech!.
  • Aggregated and de-identified use. We may use aggregated, de-identified or otherwise non-identifiable data derived from usage for service improvement, measurement and research. We apply reasonable safeguards to reduce re-identification risk.
  • Third-party models. The Service may incorporate third-party AI models. Those models may have their own terms and data practices; we will disclose material third-party use in relevant product documentation and — where required by third-party terms — seek explicit consent for any restricted scope processing (for example, when using Google restricted scopes).

Third-party services, integrations and disclosures

  • Service providers and subprocessors. We use third parties to provide hosting, analytics, payment processing, email delivery, identity providers, support and other services. We contractually require such providers to process personal data only as instructed and to implement reasonable security measures.
  • Customer-enabled integrations. If you enable an integration (for example, connecting a Google Drive account or other external connector), the third party’s terms and privacy policy govern that third party’s processing of personal data. You should review those third-party policies before enabling integrations. Teech! remains responsible for selecting and supervising processors as required by applicable law.
  • Legal requests and safety. We may disclose personal data in response to lawful requests by public authorities or to protect the rights, property or safety of Teech!, our users, or others.

Cookies and tracking technologies

Overview. We use cookies, web beacons, pixel tags, local storage and similar technologies (collectively, “cookies and tracking technologies”) to operate the Service, provide features, protect security, remember your preferences, measure and analyze visits and usage, and deliver targeted or generic advertising.

Analytics vendors and configuration. We use third-party analytics providers to collect and analyze usage information. These providers may include Google Analytics (configured via Google Tag Manager) and other analytics vendors we may engage from time to time. Analytics vendors may set cookies, collect device identifiers, and log IP addresses and event data.

What we collect for analytics. For analytics we may collect: page and screen views, session duration, feature usage, events (for example button clicks), browser and device type, operating system, referrer, approximate geolocation derived from IP address, and aggregated error or performance information. Analytics data is used to monitor and improve the Service, understand usage patterns, detect and diagnose errors, and measure engagement.

IP anonymization and minimization. Where supported by the vendor, we configure analytics tools to anonymize or truncate IP addresses before storage and to limit collection of personally identifying data. We also use aggregation and de-identification to reduce re-identification risk.

Retention of analytics data. We retain analytics data for a limited period to support product improvement and business analytics. By default, raw/identifiable analytics logs are retained for up to 26 months (a common industry default) unless we specify a different retention period in your customer settings or the relevant DPA. Aggregated, de-identified metrics may be retained for longer periods for trend analysis and product development.

Use of analytics for product improvement and research. Analytics data may be combined with other usage signals to create aggregated product metrics and to prioritize product improvements. Aggregated and de-identified analytics may be used for internal research and to improve models and features, consistent with our model-training commitments in Section 7.

Marketing and advertising. We may use analytics and cookies to understand the effectiveness of our marketing and advertising campaigns. If we engage in cross-site tracking or targeted advertising, we will disclose that practice and provide opt-out mechanisms where required.

Controls, choices and opt-outs.
  • Cookie banner and preferences. We present cookie preferences via an on-site cookie banner where required by law. You can accept or reject non-essential cookies (analytics and marketing) via that interface. Essential cookies required to run the Service are not optional.
  • Browser controls. You can control cookies via your browser settings (for example, blocking or deleting cookies). Please note that blocking cookies may affect functionality.
  • Vendor opt-outs. For Google Analytics, you may install the Google Analytics Opt-out Browser Add-on or use vendor-provided opt-out links or controls. For other vendors we will list opt-out links in our cookie policy or on request.
  • Do Not Track (DNT). Our website does not automatically honor DNT signals from browsers; please use the methods above to control analytics tracking.
  • Request assistance. If you want assistance with removing analytics cookies from your account or with stricter retention controls, contact info@goteech.io and we will work with you where reasonably possible.
Changes to analytics vendors. We may change analytics vendors from time to time. Where such a change materially affects data transfers or retention, we will update our subprocessors list and, where required by contract or law, notify customers.

International transfers and hosting locations

Processing necessary to operate the Service may occur in Hong Kong and in other jurisdictions where our processors operate. We employ contractual safeguards (e.g., standard contractual clauses where required) and take reasonable steps to ensure an adequate level of protection for international transfers.

Retention, export and deletion of data

  • Retention. We retain personal data only for as long as necessary to provide the Service, meet legal obligations, resolve disputes and enforce agreements. For customer accounts, retention periods and export windows will be described in your customer settings and the Data Processing Addendum (DPA) where applicable.
  • Export options. Customers may request export of their User Content in a machine-readable format during an account/contract termination or within a stated export window. We will provide reasonable export assistance.
  • Deletion/Anonymization. After the retention period or upon confirmed deletion requests (subject to applicable legal/stored obligations), we will delete or irreversibly anonymize personal data in our systems and backups in accordance with our retention schedule.

Security and breach notification

We maintain administrative, technical and physical measures to protect personal data (including access controls, role-based permissions, and encryption in transit and at rest for sensitive information). If we become aware of a data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify affected individuals and relevant regulators in accordance with applicable law and as soon as reasonably practicable.

Your rights

Depending on applicable law, you may have rights to: access your personal data, correct inaccuracies, object to or restrict processing, request erasure, and request portability of your data. To exercise rights, please contact info@goteech.io . We respond to requests in accordance with applicable laws and may ask for identity verification.

Children and special categories of personal data

The Service is not intended for children under applicable minimum ages. Where organisations deploy the Service for minors (for example schools), the deploying organisation is responsible for obtaining necessary permissions and consents. Do not submit special category personal data (sensitive personal data) without explicit lawful basis; if you must, contact us in advance so we can evaluate safeguards.

Data processing addendum (DPA) and enterprise controls

We will provide a standard DPA on request and will negotiate reasonable DPA terms for enterprise customers, including details on subprocessors, security measures and audit rights.

Changes to this policy

We may update this Policy from time to time. Material changes will be posted on the Site with an updated effective date and, where reasonable, we will provide notice via email or in-app message. Continued use of the Service after changes indicates acceptance.

Definitions

Capitalized terms used in this Policy have the meanings given in our Terms & Conditions. For clarity, the following definitions apply in this Privacy Policy:

  • Aggregated Data means statistical or other information derived from User Content or Service usage that does not identify an individual and cannot reasonably be re-identified.
  • Controller means the natural or legal person that, alone or jointly with others, determines the purposes and means of processing Personal Data.
  • Data Subject means an identifiable natural person to whom Personal Data relates.
  • De-identified or Anonymised means Personal Data that has been processed so that the Data Subject is no longer identifiable and where re-identification is not reasonably likely using commercially reasonable means.
  • Personal Data means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, by reference to an identifier (for example, name, ID number, online identifier, location data) or one or more factors specific to that person.
  • Processor means a natural or legal person which processes Personal Data on behalf of a Controller.
  • Processing (and Process) means any operation or set of operations performed on Personal Data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, alignment, combination, restriction, erasure or destruction.
  • Security Incident means an actual or reasonably suspected unauthorized access to, acquisition, disclosure, alteration or destruction of Personal Data or other event that materially compromises the confidentiality, integrity or availability of Personal Data.
  • Service means the Teech! Limited website, platform, APIs, software and related services made available to users.
  • Subprocessor means any third-party engaged by Teech! Limited to process Personal Data on behalf of Teech! Limited in connection with the Service.
  • User Content means any content (including prompts, files, images, audio, video, code, messages and model outputs) that you or your users upload to, submit through, or generate using the Service.
  • Sensitive Personal Data (or special categories of personal data) means data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data for identification, health data, sex life or sexual orientation, or other categories required by applicable law to be treated as sensitive.
  • DPA means Data Processing Addendum (if any) executed between Teech! Limited and a customer that sets out additional terms applicable to processing of Personal Data.
  • Export or Data Export means a copy of User Content provided to a customer or authorized user in a machine-readable format for the purpose of retention or migration.
  • Where a defined term in this policy conflicts with a definition in a Data Processing Addendum or a written customer agreement, the specific agreement will govern as between Teech! Limited and that customer.
Where a defined term in this Policy conflicts with a definition in a Data Processing Addendum or a written customer agreement, the specific agreement will govern as between Teech! Limited and that customer.

Additional information about data collection and processing

Legal action: We may use Personal Data for legal purposes, in court or in the stages leading to possible legal action arising from misuse of the Service. We may be required to disclose Personal Data upon lawful request of public authorities.

System logs and maintenance: For operation and maintenance, our systems and third-party services may collect logs that record interactions with the Service (e.g., IP address, request metadata, error logs).

Contact us

For privacy questions, requests, or complaints, contact: info@goteech.io. For formal Data Protection requests under Hong Kong PDPO, please write to our registered address.