DRAFT TEMPLATE — review with qualified legal counsel before relying on it.
This Privacy Policy explains what personal data Tevrix processes, why, on what legal basis, how long it is kept, and the rights available to individuals.
1. Who we are
Tevrix ("we", "us", "the Service") provides booking and customer-relationship software for service businesses. When a business uses Tevrix to manage its own clients, that business is the data controller for its client records and Tevrix acts as a data processor on its behalf. For account, billing, and website data we describe below, Tevrix is the controller.
You can reach us about any privacy matter at hello@tevrix.http.lv.
2. Personal data we process
We process the following broad categories of personal data:
- Account data: name, email address, password hash, and organisation details you provide when registering.
- Billing data: subscription tier, invoicing details, and VAT identifiers (payment-card data is handled by our payment provider, not stored by us).
- Client records you enter: information a business stores about its own customers, such as names, contact details, appointment history, and notes.
- Usage and technical data: log entries, IP address, device and browser type, and timestamps needed to operate and secure the Service.
- Communications: messages you send to support and related metadata.
3. Purposes and legal bases
We process personal data to provide and maintain the Service (performance of a contract), to bill subscriptions (contract and legal obligation), to keep the Service secure and prevent abuse (legitimate interests), to comply with applicable law (legal obligation), and, where you have opted in, to send product communications (consent).
4. Where your data is stored
Personal data is hosted within the European Union by default. Where a sub-processor is engaged, we use providers that offer appropriate safeguards consistent with EU data-protection law. A current list of sub-processors is maintained on our Sub-processors page.
5. How long we keep it
We keep personal data only as long as necessary for the purposes described, or as required by law (for example, invoicing records for statutory periods). When you close an account, we delete or anonymise associated personal data within a reasonable period, except where retention is legally required.
6. Your rights
Subject to applicable law, you may request access to your personal data, correction of inaccurate data, erasure, restriction of processing, portability, and you may object to certain processing or withdraw consent at any time. You may also lodge a complaint with your local supervisory authority.
- Access and export are available from within the product where applicable.
- To exercise a right or raise a concern, contact hello@tevrix.http.lv. We respond within the timeframes required by law.
7. Security
We apply technical and organisational measures appropriate to the risk, including encryption in transit, access controls, and audit logging. No method of transmission or storage is completely secure, but we work to protect personal data and to notify the relevant parties of incidents as required by law.
8. Changes to this policy
We may update this policy from time to time. Material changes will be signalled by updating the version and effective date shown at the top of this page, and, where appropriate, by direct notice.