PRIVACY POLICY

Dear User,

Teti, owned by TetiAI LLC (and hereinafter "Teti"), is an AI system that offers an advanced AI platform characterized by short- and long-term memory, with an ecosystem of already integrated apps. Teti aims to create a safe AI aligned and beneficial for all humanity. Teti offers different functionalities to the User, allowing them to advance humanity together.

Users can also create their own custom apps through a simplified system that does not require advanced technical skills, contributing to an ever-expanding app marketplace. The service includes automation features through programmable triggers, file and document management, and a topic organization system that facilitates the navigation of complex conversations.

All the functionalities described above, hereinafter will be referred to as "Services". For further information related to Teti usage and its Services, please see the specific Terms of Use following this link.

This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use Teti where TetiAI LLC acts as a data controller. This Privacy Policy does not apply where TetiAI LLC acts as a data processor and processes personal data on behalf of commercial customers using Teti (for example, if your employer has provisioned you a Teti for work account, or you are using an app that is powered on the back-end with Teti). In those cases, the commercial customer is the data controller, and you can review their policies for more information about how they handle your personal data

For information about how we collect and use personal data to power our Services, when we may receive and process personal data of non-users, and your choices with respect to that information and rights, please sent a specific request to the following e-mail address: [email protected].

This Privacy Policy also describes your privacy rights. More information about your rights, and how to exercise them, is set in the section below.

Please read this page as if you were asking us the questions in the following paragraphs and we were providing you with the answers: if you have any further questions, please do not hesitate to contact us, we are here for you.

You are the subject to be protected and we want to show you our transparency in doing so.

Let us begin!

Who is the Data Controller and how can I contact privacy team?

Data Collection

Data collection begins with user registration, when only the e-mail address is requested as identifying data.

Teti offers two ways of usage that have different impact on data collection and processing: the standard mode, where all conversations and interactions with Teti are saved in the database to ensure continuity and personalization of the Services, and the "incognito" mode that does not permanently save conversational data, offering more privacy for user interactions.

During normal use, the system implements a sophisticated memory mechanism that selectively collects important information from conversations, both those explicitly indicated by the user (so called "user memories") and those automatically identified by AI as relevant for improving future service (so called "AI memories").

Those Data includes personal information (name, age, location, occupation, family status, phone), user preferences (communication style, topics of interest, response preferences, preferred language, time zone), behavioral patterns (activity times, question types, emotional patterns, interaction frequency), and operational context (goals, challenges, areas of expertise, current projects). The collection of this information is always done transparently and with the consent of the user, who can decide whether or not to provide these details during natural conversations with the AI.

The system also represent complex relationships between the user, their preferences, objects of interest, personal and professional relationships, creating a semantic map that allows the AI to better understand the context and provide more relevant and personalized responses.

Furthermore, through user-authorized external integrations, Teti can access data from services such as Gmail (email, contacts, labels), Google Calendar (events, invitations), Google Drive (documents and files), Slack (messages and channels), and other Teti marketplace applications. The system also handles files uploaded by users for analysis, including PDF documents, DOCX, images, CSV, and other formats, with size limitations.

In addition, Teti stores configurations of automatic triggers, history of automations, and data about custom apps created by users themselves.

What Data is collected and processed by TetiAI LLC?

To Access and directly interact with Teti:

• Technical information, IP address and information about the device and browser used by the User;
• Personal information, Identity and contact Data (including but not limited to name, e-mail address, phone number, also used for Teti registration and sign up account);
• Payment information;
• Prompt, Input and Output (including conversational data and user usage of Teti Services. This includes also data and external content that user put into Teti with the interactions);
• User preferences (including but not limited to communication style, topics of interest, response preferences, preferred language, time zone);
• User behavioral patterns (activity times, question types, emotional patterns, interaction frequency);
• User operational context (goals, challenges, areas of expertise, current projects);
• User feedback on Teti Services;

Data Teti receives automatically from user usage of Services:

• Usage information (including but not limited to dates and times of access, information about links you click);
• Log and troubleshooting information (including but not limited to error or potential security incidents);
• Data related to apps that the User decides to integrate with Teti (these integrations use standard OAuth2 protocols or use of API keys to ensure that external data are accessed only with the explicit consent of the user and limited to the scopes needed for the required functionality);
• Only technical cookies.

Although Teti does not need to process any data in addition to those set out above, any further information that the User provides through the use of Teti will be processed in accordance with our Privacy Policy and in full compliance with the provisions of the relevant legislation (hereinafter, personal data, particular data and information will be jointly referred to and defined as "Data").

Data used to train the Teti Model and/or fine-tuning it

Teti uses pre-existing open source models of third-parties, selected by the development team based on the specific needs of the User and the type of task to be performed. Teti also uses publicly available information via the Internet, materials flagged for safety, security or policy review and data Teti generates internally.

This choice ensures that User Data is not used to modify or train the underlying models, maintaining a clear separation between Data and the AI systems.

For what purposes is the data processed?

Teti uses User Data for the following purposes:

• to provide, enhance, maintain and facilitate Teti Services;
• to communicate with User, including to send User information about Teti Services and events;
• to create and administer User account;
• to prevent and investigate fraud, abuse, violations of Teti Terms of Use, unlawful or criminal activity, unauthorized access to or use of Data or Teti, to protect User rights and to meet legal, government and institutional obligation;
• to investigate and resolve disputes and/or security issues;
• to debug, identify and repairs errors that impact on Teti;
• to improve Teti Services.

Teti may use your prompt, inputs and outputs to improve its Services, unless you opt for the Incognito Mode. Even if you opt for Incognito Mode we will use prompt, inputs and outputs for model improvement when: User conversations are flagged for safety review to improve Teti ability to detect harmful content, enforce Teti policies, or advance Teti safety research, or User has explicitly reported the materials to Teti (including but not limited to Teti feedback).

Legal basis for processing

Data are processed by TetiAI LLC with the following legal bases:

Data disclosure and management

Data will be disclosed and managed by the TetiAI LLC internal Team, previously and constantly trained. Data will also be disclosed to external TetiAI LLC provider described below that helps the functionalities of Teti:

• Railway.com (IaaS Cloud Provider – privacy policy);
• LMNT.com (Voice AI Platform Provider - privacy policy);
• Deepgram (Speech-to-text Function Provider – privacy policy);
• Resend (Mailing Function Provider – privacy policy);
• Together AI (Model Function Provider – privacy policy);
• Openrouter AI (Model Function Provider – privacy policy);
• Hetzner (Cloud Storage Provider – privacy policy);
• Stripe Inc. (Payment Provider - privacy policy);
• Revenuecat.com (Payment Provider – privacy policy);
• Google Inc. App Payment (Payment App Function Provider – privacy policy);
• Apple Inc. App Payment (Payment App Function Provider – privacy policy).

Furthermore, Data may also be disclosed to third-party website and services (when User interact – using Teti – with external websites, apps and services managed by third parties. By interacting with these third parties, User is providing information directly to the third party and not TetiAI LLC and subject to the third party's privacy policy) or with Authorities to fulfill legal obligation.

Data are stored using a distributed architecture for structured data, memory vector management and semantic search, for high-performance caching and graph database management representing complex relationships between users, preferences, and objects. All of these systems are hosted on Railway Cloud IaaS. File storage is managed through Hetzner to ensure performance and reliability in managing documents and media uploaded by users.

The Data are processed with manual and/or computerized tools, also by means of automated tools, suitable to guarantee the confidentiality, integrity and privacy of the Data themselves in compliance with and in accordance with the technical-organizational and security measures provided for by the regulations in force.

What rules are applied for Data transfer?

When User interact with Teti and its Services, the Data is transferred to TetiAI LLC servers in UE. Despite this, Data may also be transferred in the US, or to other countries outside the European Economic Area and the UK. Where information is transferred outside the European Economic Area or the UK, TetiAI LLC ensure it benefits from an adequate level of data protection by relying on adequacy decision (pursuant to the article 45 of the EU/2016/679 General Data Protection Regulation) or Standard Contractual Clauses (pursuant to the article 46 of the EU/2016/679 General Data Protection Regulation).

In other situations, TetiAI LLC relies on derogations provided under applicable data protection law to transfer information to a third country (such as Data Privacy Framework declaration).

The above mentioned subjects may act, as the case may be, as external data processors or autonomous data controllers in compliance with the laws in force. You may request an updated list of the companies to which the Data will be communicated at any time from TetiAI LLC, through a specific request to be sent using the contact channels indicated in this Privacy Policy. The User will also have the right to obtain from TetiAI LLC a copy of the Data held abroad and to obtain information about the place where such data is stored making an express request to be sent using the contacts indicated in this Privacy Policy.

Data retention

Data is retained until the User voluntarily deletes the account or following an explicit request for deletion. After that, TetiAI LLC retains Data for security reasons for a maximum of 5 years; furthermore, TetiAI LLC could use Data, only in anonymized form, to improve Teti. This policy allows us to maintain continuity of service and personalization of the user experience over time, which is fundamental to the functioning of Teti memory system.

Security Measures on Data

Users are authenticated exclusively through magic links received via email or directly through Google authentication using standard OAuth2 protocols. This eliminates the need to manage passwords and significantly reduces security risks related to credentials. All communication is through encrypted connections (HTTPS/TLS). Currently, when a user requests account deletion, Teti proceeds with complete data deletion rather than anonymization processes. This choice ensures the complete removal of personal information from the system, offering the highest guarantee of privacy to the user who decides to discontinue using the service.

What are User rights?

By contacting the e-mail address mentioned in "Who is the Data Controller and how can I contact privacy team?" section, you can ask TetiAI LLC at any time:

• right to know - the right to know what personal data TetiAI LLC processes about User, including the categories of personal data, the categories of sources from which it is collected, the business or commercial purposes for collection, and the categories of third parties to whom TetiAI LLC disclose it;
• right to access, rectification, limitation and deletion – access to the Data concerning the User, the rectification of inaccurate Data, the integration of incomplete Data, their deletion (right to be forgotten), the limitation of processing;
• right to portability – to receive in a structured format, common use and readable by automatic device the Data concerning the User and, if technically feasible, to transmit such data to another data controller without hindrance;
• right to withdraw the consent and opposition – to withdraw the consent given at any time by the User; as well as oppose at any time the processing of Data, giving evidence of the reasons justifying the opposition;
• any other request for clarification regarding the processing of Data carried out by the Data Controller;
• to lodge a complaint with the competent Supervisory Authority pursuant to article 77 EU 679/2016 General Data Protection Regulation.

TetiAI LLC does not engage in decision making based solely on automated processing or profiling in a manner which produces a legal effect (i.e., impacts your legal rights) or significantly affects you in a similar way (e.g., significantly affects your financial circumstances or ability to access essential goods or services). Furthermore, TetiAI LLC does not sell User Data as that term is defined by applicable laws and regulations.

When a User requests account deletion, all associated Data is completely deleted from the system, including conversations, memories, uploaded files, trigger configurations, integrations with external apps, structured user profile Data, and all relationships mapped. This deletion process is irreversible and ensures that no traces of User Data remain in the Teti infrastructure.

Other provisions

Children

Teti Services are not directed towards, and we do not knowingly collect, use, disclose, sell, or share any information from children under the age of 18. If User become aware that a child under the age of 18 has provided any Data to TetiAI LLC while using Teti Services, please email TetiAI LLC at [email protected] and TetiAI LLC will investigate the matter and, if appropriate, delete the Data.

Additional provisions relevant to residents of Canada

This content should be read in conjunction with the rest of TetiAI LLC Privacy Policy. In case of conflict between TetiAI LLC Privacy Policy and these additional provisions, the additional provisions shall prevail in relation to residents of Canada.

Consent. By expressly consenting to this Privacy Policy, User confirm that has read, understand, and consent to the collection, use, processing, and disclosure of User Data in accordance with this Privacy Policy and understand that, in jurisdictions where it is available, TetiAI LLC also relies on other lawful bases for the foregoing as more fully set out in this policy. TetiAI LLC will only collect, use and disclose User Data with User consent, unless otherwise permitted or required by law. User consent may be given expressly or implied, depending on the circumstances and the sensitivity of the information involved. User may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.

Cross-jurisdictional Transfers. By providing TetiAI LLC with User Data, User acknowledge and agree that Data may be transferred or disclosed to other jurisdictions for processing and storage outside of Canada, including to the United States and the countries listed on TetiAI LLC subprocessor (expressed in "Data disclosure and management" section of this privacy policy), where laws regarding the protection of Data may be less stringent than the laws in User jurisdiction. Furthermore, TetiAI LLC may disclose User Data in these jurisdictions in response to legal processes or where TetiAI LLC believes in good faith that disclosure is required or permitted by law.

Contact. If User has any questions or comments about Teti processing Data, or to exercise User rights as outlined in "What are User right?" section, please contact TetiAI LLC at [email protected].

Additional provisions relevant to residents of Brazil

This content should be read in conjunction with the rest of TetiAI LLC Privacy Policy. In case of conflict between TetiAI LLC Privacy Policy and these additional provisions, the additional provisions shall prevail in relation to residents of Brazil.

Legal Bases. Depending on the specific purpose of the processing, TetiAI LLC may rely on different grounds than those listed under "Legal basis for processing" section 2, where permitted by and in accordance with the Brazilian General Data Protection Law;

Data Subject's Rights. Brazilian General Data Protection Law grants certain rights regarding User Data, which differ from the ones listed under "What are User right?" section. TetiAI LLC will respond to User requests to exercise the rights below in accordance with applicable law:

• confirmation of whether User data is being processed. User has the right to receive a confirmation on whether TetiAI LLC processes Data;
• access to User data. User has the right to know what Data TetiAI LLC processes;
• correction of incomplete, inaccurate or outdated Data. User has the right to request the correction of Data that is incomplete, inaccurate, or outdated;
• anonymization, blocking or erasure of Data. User has the right to request the anonymisation, blocking or erasure of data that is unnecessary, excessive or processed in non-compliance with the provisions of the law;
• portability of Data to a third party. User has the right to request portability of Data to a third-party, as long as this does not infringe on our trade secrets;
• information of public and private entities with which we shared Data. User has the right to request information of public and private entities with which we have shared User Data;
• information about the possibility to refuse to provide consent and the respective consequences, when applicable;
• withdrawal of your consent. User has the right to withdraw your consent (free of charge);
• request a review of decisions made solely based on automated processing of Data.

International Data Transfers. User acknowledge that TetiAI LLC is a company based and headquartered in the United States. Any information TetiAI LLC hold about User may be transferred to, used, processed, and stored in the United States and other countries and territories, which may not have data privacy or data protection laws equivalent to those in your country or territory. For the proper operation of the Services, TetiAI LLC needs to carry out international transfers of personal data. In the case of Brazil, TetiAI LLC will rely on Standard Contractual Clauses (approved by the Brazilian Data Protection Authority and available here) for User data transfers where required and in instances where they are not covered by an adequacy decision.

Privacy policy updates

TetiAI LLC may make amendments and/or additions to this Privacy Policy, also as a consequence of changes in the applicable legislation. User may view the text of the Privacy Policy constantly updated on the TetiAI LLC website or app in the Privacy Policy section or make an explicit request by contacting TetiAI LLC or the DPO directly at the e-mail addresses expressed in the "Who is the Data Controller and how can I contact privacy team?" section.

Last update: October 2025