/ Privacy
Try free Back home
Legal

Privacy Policy

Effective January 1, 2026 · TDS.SO LTD, Cyprus

1. Overview

TDS.SO LTD ("Service", "we") respects your privacy. This policy describes what data we collect when you use tds.so and the dashboard at app.tds.so, how we use it, and what rights you have.

By using the service, you agree to this policy. If you don't agree — please don't use the service.

2. What data we collect

2.1 Account

  • Email — for sign-in, notifications, password recovery.
  • Name or handle (optional) — for display in the UI.
  • Telegram ID (if connected) — for ban alerts.
  • Payment data — payment method, amount and status are stored; transactions are processed by our payment providers. We never see or store card or wallet credentials.

2.2 Usage data

  • IP address and User-Agent of dashboard visits — for security and audit.
  • Action logs — link creation, template edits, domain activation.
  • Product metrics — clicks, conversions, AI-generator usage.

2.3 Click data from your traffic

When a visitor follows a link created through the service, we process technical data about that click to provide click analytics and fraud / bot protection to the link owner:

  • IP address, approximate geolocation (country / region / city) and ISP.
  • User-Agent, browser, operating system, device type and language.
  • Bot, proxy / VPN and Tor signals used to assess traffic quality.
  • Referrer and tracking parameters (sub-IDs) passed in the link.

This data is kept separately per account and is not combined into a cross-customer visitor profile.

2.4 What we do NOT collect

  • Content of your landings or creatives outside our infrastructure.
  • Content of third-party sites you link to.
  • Card or wallet credentials — these stay with the payment provider.

3. Cookies and tracking

We use cookies for:

  • Sessions — to keep you signed in.
  • UI preferences — theme, language, stats period.
  • Analytics — anonymous aggregated info on landing visits.

Details — see the Cookie Policy. You can disable cookies in your browser. The cookie banner on the landing page lets you choose between "Accept all" and "Essential only".

4. How we use data

  • Service delivery (TDS, antibot, analytics).
  • Billing and tax compliance.
  • Security: fraud detection, abuse protection.
  • Support: contact via email or Telegram if you reach out.
  • Product improvement: aggregated usage analytics (which features are used).
  • Marketing: email updates only (you can unsubscribe).

5. Who we share data with

We don't sell your data to third parties. We share only in these cases:

  • Hosting & infrastructure: server, CDN, DDoS-protection and object-storage providers, depending on region.
  • Payments: payment and acquiring providers that process transactions. We never see or store card or wallet credentials.
  • Email delivery: email and SMTP providers used to send notifications.
  • Error & performance monitoring: error-tracking and performance-monitoring services.
  • Analytics: web-analytics services — loaded only after you accept analytics cookies.
  • Support: chat and ticketing service.
  • AI content generation: AI providers for text and image generation.
  • Safety & anti-abuse: domain-safety checks, bot protection, and IP-intelligence / geolocation services.
  • Notifications: messaging and push-notification platforms.
  • Legal requirements: court orders or government requests in Cyprus / EU jurisdiction.
  • Merger / acquisition: with at least 30 days' notice.

6. Your rights

Regardless of your country, you have the right to:

  • Access — request a copy of your data.
  • Correction — update or correct profile data.
  • Deletion — delete your account and related data (except what we must legally retain, e.g., billing — 7 years).
  • Export — download your data as JSON / CSV.
  • Unsubscribe — opt out of marketing emails.

Requests — to privacy@tds.so. We respond within 30 days.

7. Data security

  • All connections — HTTPS with TLS 1.3.
  • Passwords stored as a bcrypt hash; API and unsubscribe tokens stored hashed (SHA-256).
  • Two-factor authentication (TOTP) — recommended for all users.
  • Backups — daily, encrypted at rest.
  • Access to production data is limited to authorized personnel on a need-to-know basis, with audit logging.

8. Retention

  • Active account: as long as it exists.
  • After deletion: 30-day soft-delete (recoverable), then full deletion.
  • Billing records: 7 years (tax law requirement).
  • Security logs: 90 days.

9. Policy changes

For material changes, we'll notify you 14 days in advance via email and dashboard banner. The last-updated date is at the top of this page.

10. Contact

TDS.SO LTD
Registered in Cyprus
Email: privacy@tds.so
Telegram: @tdschat