Privacy Policy

1. Introduction

Tikgu (“we”, “our”, or “Tikgu”) operates the Tikgu service and related websites and applications (the “Service”). This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and what rights you have. We are committed to protecting your privacy and handling your data in line with applicable law, including the GDPR and similar regulations where they apply.

By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

2. Data we collect

We collect only what is necessary to provide and improve the Service.

• Account and identity. When you sign in (e.g. with email, magic link, or Google), we receive your email address and, where provided by the provider, your name and profile picture. We store a display name and avatar if you set them in your account.
• Onboarding and preferences. Your answers during the guided pick (category, budget, use case, priorities, must-haves) are stored so we can generate recommendations and show you relevant results.
• Recommendation history. We store your past recommendation sessions and results (devices, scores, pros/cons) to personalize the experience and power features like “Recent Fits” and comparison.
• Watchlist and comparisons. Items you add to your watchlist or comparison lists are stored and associated with your account.
• Location (optional). If you use “Deals near me” or similar features, we may use your location or country/currency preferences to show relevant offers. You can control this in settings.
• Newsletter. If you subscribe to our newsletter, we store your email, consent timestamp, and source (e.g. footer). We do not use this for non-consented purposes.
• Technical and usage data. We may collect device type, browser, IP address, and general usage (e.g. pages visited) for security, analytics, and improving the Service. We use cookies and similar technologies as described in our cookie notice.

3. How we use your data

We use your data to:

• Provide the Service (recommendations, watchlist, comparisons, account management).
• Personalize your experience (e.g. “Welcome back”, recent fits, saved preferences).
• Respect rate limits and enforce our Terms of Service.
• Support paid features (e.g. Tech Guru plan, billing) where applicable.
• Send transactional messages (e.g. password reset, email verification) and, with your consent, marketing or product updates (e.g. newsletter).
• Improve the Service (e.g. analytics, debugging, security).
• Comply with legal obligations and protect our rights.

We do not sell your personal data to third parties.

4. Legal basis (where applicable)

Where the GDPR or similar laws apply:

• Contract. Processing necessary to perform our contract with you (providing the Service).
• Legitimate interests. Improving the Service, security, analytics, and fraud prevention, where balanced against your rights.
• Consent. Newsletter and optional marketing; you can withdraw consent at any time (e.g. unsubscribe link).
• Legal obligation. Where we must retain or disclose data to comply with law.

5. Sharing and disclosure

We may share your data with:

• Service providers. Hosting (e.g. Supabase), analytics, email delivery, and payment processors, under strict data-processing terms.
• Affiliates and partners. Only where necessary for the Service (e.g. fulfilment of a subscription). We do not sell your data to advertisers.
• Legal and safety. When required by law, or to protect our rights, users, or the public.

We do not sell or rent your personal data.

6. Retention

We retain your data only as long as needed for the purposes above:

• Account and profile data: until you delete your account or request deletion.
• Recommendation and watchlist data: until you delete your account or the data.
• Newsletter: until you unsubscribe or request deletion.
• Logs and technical data: for a limited period (e.g. security and debugging).

After deletion or account closure, we may retain anonymized or aggregated data and data we must keep for legal compliance.

7. Your rights

Depending on where you live, you may have the right to:

• Access your personal data and receive a copy.
• Rectification of inaccurate or incomplete data.
• Erasure (“right to be forgotten”) in certain circumstances.
• Restriction of processing in certain circumstances.
• Data portability (receive your data in a structured, machine-readable format).
• Object to processing based on legitimate interests or for direct marketing.
• Withdraw consent where processing is based on consent (e.g. newsletter).
• Lodge a complaint with a supervisory authority.

To exercise these rights, use the Account page to delete or update your data where available, or contact us via the Support page. We will respond within the time required by applicable law (e.g. one month under GDPR).

8. Security

We use industry-standard measures (encryption, access controls, secure hosting) to protect your data. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but we take your privacy seriously.

9. International transfers

Your data may be processed in countries outside your residence. Where we transfer data from the EEA or UK, we use appropriate safeguards (e.g. standard contractual clauses or adequacy decisions) as required by law.

10. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date. Material changes may be communicated by email or a notice in the Service. Continued use after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related requests or questions, contact us via the Support page. You can also request a full data export or account deletion there.