Tacmind Privacy Policy

• Visit our websites, including https://tacmind.com and any subdomains,
• Use our products and services related to AI search, GEO, AEO and SEO optimization (the “Services”), or
• Interact with us in connection with sales, marketing, events, or support.

• For data we process about visitors, leads, and users of our own Services (e.g. demo requests, logins, billing), Tacmind acts as data controller.
• For data we process on behalf of our customers inside the Tacmind platform (for example, data they connect to measure AI visibility), Tacmind generally acts as a data processor. In that case, processing is governed by our Data Processing Agreement (DPA) or similar contract with each customer, not by this Privacy Policy.

• Account and profile data: Name, surname, job title, company name, business email, business phone number, password (hashed), language and country, as well as any other information you choose to add to your account or workspace.
• Contact and communication data: Information you provide when you:
  
  • Request a demo or contact us via forms, email, chat or social media,
  • Subscribe to newsletters or product updates,
  • Respond to surveys or feedback requests.

This may include your contact details, the content of your messages and any attachments you send us.

• Billing and payment data: Company legal details, billing contact, VAT / tax ID, invoicing address and partial payment information (we use third-party payment providers and do not store full card numbers on our systems).
  
• Customer content and configuration: When you use Tacmind, you may provide:
  
  • Domains, URLs, brand names and product names,
  • Lists of keywords, prompts, topics, competitor brands and other configuration data,
  • Content you upload or connect (e.g. public pages, sitemaps, feeds, or documentation) to analyze AI visibility.

This information is processed to deliver the Services you have requested.

• Usage data: Log data about how you interact with our website and product, such as pages viewed, features used, date and time, referring URLs, browser type, and clickstream data.
• Device and technical data: IP address, device type, operating system, browser type and version, and other technical identifiers.
• Cookies and similar technologies: We use cookies, pixels, and similar technologies to:
  
  • Keep you logged in and secure our platform,
  • Remember your preferences (language, region, etc.),
  • Understand how our website and product are used,
  • Support our marketing and analytics.

For more information, please refer to our separate Cookie Policy.

• Customers and workspace admins who invite you to use Tacmind with your business email.
• Integration partners and third-party tools you choose to connect (for example, analytics or data platforms that send us information under your instructions).
• Service providers that support our sales, marketing, analytics, or support operations (e.g. CRM, email tools, live chat).

In all cases, we only receive data from third parties where they are legally permitted to share it with us.

• Creating and managing user accounts and workspaces
• Providing access, support and configuration of Tacmind features
• Integrating with third-party tools, APIs or platforms you connect

Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and, for related security and service improvement, our legitimate interest (Art. 6(1)(f) GDPR).

• Managing subscriptions, plans and renewals
• Issuing invoices and handling payments
• Managing free trials, upgrades, and downgrades

Legal basis: performance of a contract and compliance with legal obligations (e.g. tax and accounting rules).

• Responding to questions, requests and technical issues
• Sending operational messages (e.g. essential product updates, security notices, changes to terms or policies)

Legal basis: performance of a contract and our legitimate interest in maintaining the Service.

• Analyzing usage patterns and performance
• Running experiments, tests and product research
• Developing new features for GEO, AEO, AI visibility and SEO workflows

Where possible, we use aggregated or anonymized data for these purposes.

Legal basis: our legitimate interest in improving the Services.

• Sending product updates, newsletters and invitations to events or research
• Tailoring messaging based on your role, company type or interactions with Tacmind

Legal basis: your consent (e.g. newsletter opt-in) and/or our legitimate interest in promoting our Services to business contacts.

You can opt out of marketing emails at any time by using the unsubscribe link included in each message.

• Responding to lawful requests from authorities
• Keeping records required by applicable law
• Preventing fraud, abuse or misuse of our Services

Legal basis: compliance with legal obligations and our legitimate interest in protecting our rights and those of our users.

• Performance of a contract – to provide the Service you or your company has purchased or trialed.‍
• Consent – for certain marketing communications, non-essential cookies and similar technologies.‍
• Legitimate interests – e.g. to improve the Service, ensure security, prevent abuse, and grow our business in a proportionate way.
• Legal obligations – e.g. tax, accounting and regulatory requirements in Spain or the EU.

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

• Provide the Services and maintain your account,
• Comply with our legal obligations,
• Resolve disputes and enforce our agreements, and
• Maintain necessary business records.

Retention periods may vary depending on the type of data and our contractual or legal obligations. When data is no longer necessary, we will delete it or anonymize it in a secure manner.

• Service providers and processors: Third-party vendors that help us operate our infrastructure, product, analytics, email and communications, payments, CRM, and support. These providers only process data according to our instructions and under contractual obligations of confidentiality and security.
• Group entities and business partners: If we operate through subsidiaries or affiliates, we may share data within our corporate group for internal administrative purposes and to deliver the Services.
• Customers and workspace administrators: If you use Tacmind through your employer, certain information (such as your name, email address and usage within the workspace) may be visible to other users in your organization and to admin users.
• Authorities and legal disclosures: Where required, we may disclose information to public authorities, courts, regulators, or legal advisors to comply with law or protect our rights, property or safety, or the rights, property or safety of others.
• Business transfers: In the context of a merger, acquisition, financing, or sale of all or part of our business, personal data may be transferred as part of the transaction, subject to appropriate safeguards.

• On the basis of an adequacy decision by the European Commission (where applicable), or
• Using Standard Contractual Clauses or equivalent safeguards approved under applicable law, and
• With additional technical and organizational measures where needed.

• Access controls and authentication,
• Encryption in transit and/or at rest where appropriate,
• Segmentation of environments and least-privilege access,
• Security monitoring and logging,
• Policies, training and confidentiality commitments for staff and contractors.

• Right of access – to obtain confirmation as to whether we process your personal data and, if so, to receive a copy.
• Right to rectification – to request correction of inaccurate or incomplete data.
• Right to erasure – to request deletion of your data when it is no longer necessary, when you withdraw consent, or in other situations specified by law.
• Right to restriction of processing – to request that we restrict processing in certain circumstances.
• Right to data portability – to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to another controller where technically feasible.
• Right to object – to object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling. You also have the right to object to processing for direct marketing.
• Right to withdraw consent – where processing is based on your consent, you can withdraw it at any time.

• Post the updated version on https://tacmind.com/privacy-policy, and
• Indicate the date of the latest update at the top of the page.