
Privacy Policy

We take your privacy seriously. Here's exactly how we collect, use, and protect your data - in language you can actually understand.

Last updated: December 20, 2025

Quick Navigation

  1. Introduction
  2. Data Controller
  3. Info We Collect
  4. How We Use Data
  5. Data Sharing
  6. International Transfers
  7. Data Retention
  8. Your Rights
  9. Security Measures
  10. GDPR Compliance
  11. Data Breach Protocol
  12. Children's Privacy
  13. Data Processing Agreement
  14. Your Responsibilities
  15. Cookies & Tracking
  16. Policy Changes
  17. Contact Us

1 Introduction

Quick Summary: We collect your email and form data. We use it to run the service. We don't sell it. You can export or delete it anytime.

MWANGI ("we", "us", "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, process, store, and protect information when you use TileBack ("Service"), a form backend service available at tileback.com and related domains.

This Privacy Policy applies to:

  • Account Data: Information you provide when creating and managing your TileBack account
  • Form Submission Data: Data submitted through forms you create using our Service
  • Usage Data: Information about how you interact with the Service

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy should be read in conjunction with our Terms of Service.

2 Data Controller and Legal Basis

2.1 Data Controller

For personal data you provide to create and manage your TileBack account, MWANGI is the data controller under the Kenya Data Protection Act (2019) and the EU General Data Protection Regulation (GDPR).

For your account info, we're in charge. For data people submit through YOUR forms, YOU'RE in charge and we're just processing it for you.

For data submitted through forms created by you ("Form Submission Data"), you act as the data controller and we act as a data processor on your behalf. You are responsible for ensuring lawful processing of such data.

2.2 Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contractual Necessity: To perform our contract with you and provide the Service
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Legal Obligation: To comply with applicable laws and regulations
  • Consent: Where you have explicitly consented to specific processing activities

2.3 Data Protection Officer

For data protection inquiries, you may contact our designated representative at:

Email: [email protected]

3 Information We Collect

Account Information

When you create a TileBack account, we collect:

  • Email Address: Used for account identification, authentication, and service communications
  • Password: Stored in encrypted form using industry-standard bcrypt hashing
  • Account Creation Date: For service provision and analytics
  • Subscription Plan: Free, Starter, or Pro tier information

📝 Form Submission Data

When forms created by you receive submissions, we collect and store:

  • Form Field Data: All data submitted through form fields (text, email, numbers, etc.)
  • File Uploads (Beta Feature): Files attached to form submissions (Starter: 1 file up to 10MB; Pro: up to 10 files, 25MB each)
    BETA - LIMITED AVAILABILITY
    File uploads are currently in beta testing with gradual rollout. Performance and availability may vary as we refine this feature. Files are stored for 14 days only.
  • Submission Metadata: Timestamp, IP address of submitter (if configured), user agent, browser information
  • Form Configuration: Form names, notification settings, webhook configurations, redirect URLs

You decide what data your forms collect. You're responsible for telling your form users what you're collecting and getting their consent. This includes any files they upload.

💳 Payment Information

If you subscribe to a paid plan:

  • Payment processing is handled by Stripe, our third-party payment processor
  • We do not store your full credit card details on our servers
  • We receive limited payment information from Stripe (last four digits, card type, expiration date, billing status)
  • Stripe's privacy policy governs their handling of your payment data: stripe.com/privacy

📊 Technical and Usage Data

We automatically collect certain technical information:

  • Log Data: IP addresses, browser type and version, device information, operating system
  • Usage Analytics: Pages visited, features used, time spent on Service, API calls made
  • Performance Data: Error logs, system performance metrics, API response times
  • Security Data: Login attempts, authentication events, suspicious activity indicators

3.5 Cookies and Similar Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Session management, authentication, security (required for Service operation)
  • Functional Cookies: Remembering your preferences and settings
  • Security Cookies: CSRF tokens and security measures

Most browsers allow you to control cookies through settings. However, disabling essential cookies may prevent you from using certain features of the Service.

4 How We Use Your Information

4.1 Service Provision

  • Creating and managing your TileBack account
  • Processing and storing form submissions on your behalf
  • Sending email notifications of form submissions via AWS SES
  • Providing access to your dashboard and form data
  • Exporting data in requested formats (CSV, JSON)
  • Processing payments for paid subscriptions

4.2 Service Improvement

  • Analyzing usage patterns to improve features and user experience
  • Identifying and fixing technical issues and bugs
  • Developing new features and functionality
  • Optimizing Service performance and reliability

4.3 Communication

  • Sending transactional emails (account confirmations, password resets, billing notifications)
  • Providing customer support and responding to inquiries
  • Notifying you of important service changes or security updates
  • Sending service announcements (with option to opt-out for non-essential communications)

4.4 Security and Compliance

  • Detecting, preventing, and responding to fraud, abuse, and security incidents
  • Enforcing our Terms of Service and acceptable use policies
  • Complying with legal obligations and regulatory requirements
  • Protecting rights, property, and safety of MWANGI, users, and the public

5 Data Sharing and Third-Party Services

We Don't Sell Your Data: We do not sell, rent, or trade your personal data. Period.

We share data only in the following circumstances:

5.1 Third-Party Service Providers

We use trusted third-party services to operate TileBack:

Amazon Web Services (AWS) SES

  • Purpose: Email delivery for form submission notifications
  • Data Shared: Email addresses, email content (form submission data)
  • Privacy Policy: aws.amazon.com/privacy

Stripe

  • Purpose: Payment processing for paid subscriptions
  • Data Shared: Billing information, payment method details, transaction data
  • Privacy Policy: stripe.com/privacy

Amazon S3 (AWS)

  • Purpose: File upload storage for form submissions (Starter and Pro plans)
  • Data Shared: Files uploaded through your forms, stored in encrypted S3 buckets
  • Data Location: Files may be stored in AWS data centers in various regions
  • Retention: Files are automatically deleted after 14 days
  • Privacy Policy: aws.amazon.com/privacy

5.2 Your Integrations and Webhooks

If you configure integrations or webhooks, you control where your form data is sent:

Webhook Forwarding (Starter and Pro Plans)

  • What It Does: Automatically sends form submission data to your specified endpoint URL
  • Data Shared: All form field data and submission metadata sent to your webhook URL
  • Your Responsibility: You control the webhook destination and are responsible for how that service processes the data
  • Security: We recommend using HTTPS endpoints and implementing webhook signature verification

Newsletter Integrations (Pro Plan)

  • Supported Services: ConvertKit (Kit), Mailchimp, ActiveCampaign
  • What It Does: Automatically adds form submitters to your email list or newsletter
  • Data Shared: Email address and any custom fields you configure (name, tags, etc.)
  • Your Responsibility: You must obtain proper consent from form submitters before adding them to marketing lists. Each newsletter service has its own privacy policy and data handling practices.
  • Privacy Policies:
    • ConvertKit: convertkit.com/privacy
    • Mailchimp: intuit.com/privacy/statement
    • ActiveCampaign: activecampaign.com/privacy-policy

If you turn on webhooks or newsletter integrations, YOU decide where data goes. We just deliver it. Make sure you tell your form users about these integrations in YOUR privacy policy.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, warrants)
  • Requests from law enforcement or government authorities
  • National security or law enforcement requirements
  • Protection of our legal rights in legal proceedings

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your data.

6 International Data Transfers

Your data may be transferred to, stored, and processed in various countries where our service providers operate.

Your data is stored in secure data centers. If you're in the EU, we've got you covered with proper safeguards.

6.1 GDPR Compliance for EU Users

For users in the European Economic Area (EEA), UK, or Switzerland:

  • We rely on standard contractual clauses approved by the European Commission for data transfers
  • We implement appropriate technical and organizational safeguards to protect your data
  • You have specific rights under GDPR as outlined in Section 8 of this Privacy Policy

6.2 Data Protection Compliance

We comply with applicable data protection regulations, including:

  • Implementing appropriate technical and organizational measures to protect personal data
  • Notifying relevant authorities and affected data subjects of data breaches within 72 hours
  • Honoring data subject rights (access, correction, deletion, portability, objection)
  • Maintaining records of processing activities as required by law
  • Ensuring data processing agreements are in place for our role as data processor for form submission data

You must comply with data protection laws applicable to your jurisdiction and the jurisdictions of your users.

7 Data Retention

7.1 Account Data

We retain your account information for as long as your account is active or as needed to provide the Service. After account closure, we may retain certain information for:

  • Legal Compliance: As required by tax, accounting, or other legal obligations (typically 7 years)
  • Dispute Resolution: To resolve disputes, enforce agreements, and protect legal rights
  • Fraud Prevention: To detect and prevent fraudulent account creation

7.2 Form Submission Data

Form submission data is automatically deleted based on your subscription plan's retention period:

Automatic Deletion by Plan Tier

  • Free Plan (30-day retention): Submissions older than 30 days are automatically and permanently deleted
  • Starter Plan (90-day retention): Submissions older than 90 days are automatically and permanently deleted
  • Pro Plan (1-year retention): Submissions older than 365 days are automatically and permanently deleted

Manual deletion options:

  • You can delete individual submissions at any time through your dashboard
  • Deleted submissions are removed from active systems within 30 days
  • Upon account closure, all form submission data is deleted within 30 days
  • Backups may retain deleted data for up to 90 days for disaster recovery purposes before permanent deletion

We auto-delete old submissions based on your plan. When you manually delete data or close your account, it's gone from our active systems in 30 days max. Backups take up to 90 days to cycle out completely.

7.3 File Uploads

Files attached to form submissions are subject to shorter retention periods for privacy and cost optimization:

  • File Storage Period: Uploaded files are automatically deleted 14 days after the submission date, regardless of your plan's data retention period
  • File Metadata: Information about the file (filename, size, upload date) is retained with the submission data according to your plan's retention period
  • Recommendation: Download important files promptly after submission, as they will be permanently deleted after 14 days

Files uploaded through forms are deleted after 14 days to protect privacy and reduce storage costs. The submission record (including file names) stays for your plan's retention period, but the actual files are gone after 14 days.

7.4 Log and Technical Data

Technical logs and usage data are retained for operational and security purposes:

  • Security Logs: Up to 12 months for security monitoring and incident response
  • Performance Logs: Up to 6 months for Service optimization
  • Analytics Data: Aggregated analytics may be retained indefinitely in anonymized form
  • Audit Logs: Activity logs for account actions, form changes, and administrative operations are retained for up to 90 days for security, compliance, and dispute resolution purposes

8 Your Rights and Choices

You're In Control: Your data, your rules. Access it, export it, correct it, or delete it anytime.

Access & Portability

  • View your account data and form submissions in your dashboard
  • Export data in CSV or JSON formats
  • Request copies of data we hold about you

Correction

  • Update your email and password through account settings
  • Contact us to correct any inaccurate personal data

Deletion & Erasure

  • Delete individual form submissions anytime
  • Close your account to delete all data
  • Request deletion of personal data (subject to legal retention)

Restriction & Objection

  • Request limitation of data processing
  • Object to processing based on legitimate interests
  • Opt-out of non-essential emails

8.5 Additional GDPR Rights

If you are in the EEA, UK, or Switzerland, you have additional rights:

  • Right to Lodge Complaint: File a complaint with your local data protection authority
  • Right to Object to Automated Decision-Making: We do not currently use automated decision-making or profiling

8.6 Exercising Your Rights

To exercise any of these rights, contact us at:

  • Email: [email protected]
  • Subject line: "Data Subject Rights Request"

We will respond to your request within 30 days. We may require identity verification to protect your data from unauthorized access.

9 Data Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction:

9.1 Technical Safeguards

  • Encryption in Transit: All data transmitted to and from TileBack is encrypted using TLS/SSL
  • Encryption at Rest: Database encryption for sensitive data
  • Password Security: Passwords hashed using bcrypt with salt
  • Secure Authentication: JWT-based authentication with secure token management
  • API Security: Rate limiting, CSRF protection, input validation

9.2 Organizational Safeguards

  • Access Controls: Limited employee access to personal data on a need-to-know basis
  • Security Training: Regular security awareness training for personnel
  • Vendor Management: Due diligence on third-party service providers
  • Incident Response: Procedures for detecting and responding to security incidents

9.3 Staff Access to Data

Our authorized personnel may access your data in limited circumstances:

  • Customer Support: To investigate and resolve support requests you submit
  • Security Incidents: To investigate potential security breaches, abuse, or Terms of Service violations
  • System Maintenance: To perform necessary system maintenance, debugging, or service improvements
  • Legal Compliance: When required to comply with legal obligations or valid legal processes

All staff access is logged, monitored, and subject to strict confidentiality obligations. We access your data only when reasonably necessary and with appropriate authorization.

Our staff can see your data when you ask for help, if there's a security issue, or if we're legally required to. All access is logged and limited to what's necessary. We don't snoop around in your data for fun.

Security Reality Check: While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

10 GDPR Compliance

TileBack is committed to full compliance with the EU General Data Protection Regulation (GDPR) for all users, regardless of location. This section provides transparency into our GDPR compliance framework.

10.1 Data Storage and Sovereignty

Where Your Data Lives

  • Primary infrastructure is hosted in secure, industry-certified data centers
  • Form submission data is stored in encrypted PostgreSQL databases
  • File uploads (when enabled) are stored on Amazon S3 with encryption at rest
  • Data may be processed in Kenya or other jurisdictions where our service providers operate
  • For EU users, we implement Standard Contractual Clauses (SCCs) for international data transfers

Your data is stored securely with encryption. If you're in the EU, we use approved legal mechanisms (SCCs) to transfer data outside the EU legally.

10.2 Data Retention Policy

How Long We Keep Your Data

  • Free Plan: Form submissions are automatically deleted after 30 days
  • Starter Plan: Form submissions are automatically deleted after 90 days
  • Pro Plan: Form submissions are automatically deleted after 1 year (365 days)
  • File Uploads: All uploaded files are automatically deleted after 14 days, regardless of your plan
  • Account Data: Retained while your account is active; deleted within 30 days of account closure
  • Backups: Deleted data may remain in backups for up to 90 days before permanent deletion

You can manually delete individual submissions or entire forms at any time through your dashboard, initiating immediate deletion from active systems.

10.3 Right to Data Export

Data Portability

  • Export all form submissions in CSV or JSON format directly from your dashboard
  • Download individual submission data at any time
  • No restrictions or delays - instant access to your data
  • Exports include all form fields, submission metadata, and timestamps
  • For comprehensive account data requests, contact us at [email protected]

You can export your data anytime, in standard formats (CSV or JSON), with one click. No waiting, no approval needed.

10.4 Right to Deletion

Data Erasure Rights

  • Individual Submissions: Delete specific form submissions immediately from your dashboard
  • Entire Forms: Delete entire forms and all associated submissions
  • Account Closure: Close your account to trigger deletion of all data within 30 days
  • Data Subject Requests: If form submitters request deletion of their data, you can delete their submissions manually or contact us for assistance
  • Permanent Deletion Timeline: Active systems delete data immediately; backups are purged within 90 days

As a data processor for form submissions, we provide you (the controller) with tools to honor deletion requests from your users. For your own account data deletion, simply close your account or contact us.

10.5 Standard Contractual Clauses (SCCs)

For EU users, international data transfers are protected by:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Additional technical and organizational safeguards (encryption, access controls, security monitoring)
  • DPAs incorporating SCCs available for enterprise customers upon request
  • Regular review and updates to ensure compliance with evolving GDPR guidance

10.6 Third-Party Integrations and GDPR

When you use integrations (webhooks, newsletter services), data may be shared with third parties you configure. You are responsible for:

  • Ensuring third-party services comply with GDPR if processing EU personal data
  • Reviewing privacy policies of integrated services (ConvertKit, Mailchimp, ActiveCampaign)
  • Obtaining proper consents from form submitters for data sharing with third parties
  • Documenting your legal basis for sharing data with third-party processors

If you connect TileBack to other services, make sure those services are also GDPR-compliant. You're the controller, so you need to ensure the whole data pipeline is legally sound.

11 Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms:

  • We will notify affected users via email within 72 hours of discovering the breach
  • We will notify the Office of the Data Protection Commissioner (Kenya) as required by law
  • For EU users, we will notify relevant EU data protection authorities as required by GDPR
  • Notifications will include the nature of the breach, likely consequences, and measures taken to address it

If you become aware of a security vulnerability or breach, please report it immediately to: [email protected]

12 Children's Privacy

TileBack is not intended for use by individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children.

If we discover that we have collected personal data from a child without parental consent, we will delete such information immediately. If you believe we have collected data from a child, please contact us at [email protected].

Note for Form Creators: You are responsible for ensuring your forms comply with laws regarding children's data (such as COPPA in the US). You must implement appropriate age verification and parental consent mechanisms if collecting data from children.

13 Data Processing Agreement (DPA)

When you use TileBack to collect form submission data, a data processing relationship exists between you (the data controller) and MWANGI (the data processor).

13.1 Standard Data Processing Terms

By using the Service, you agree to our standard data processing terms, which include:

  • Processing Instructions: We process form submission data solely according to your documented instructions (form configuration, integrations, retention settings)
  • Confidentiality: Our personnel handling your data are bound by confidentiality obligations
  • Security Measures: We implement appropriate technical and organizational measures as described in Section 9
  • Sub-processors: We use third-party sub-processors as disclosed in Section 5 (AWS SES, AWS S3, Stripe)
  • Data Subject Rights: We assist you in fulfilling data subject rights requests through data export and deletion tools
  • Data Breach Notification: We notify you of data breaches affecting your form submission data within 72 hours
  • Deletion Assistance: Upon termination, we delete or return form submission data according to your plan's retention policy

13.2 Requesting a Formal DPA

For enterprise customers or those with specific compliance requirements (GDPR Article 28, CCPA, sector-specific regulations), we can provide a formal, executed Data Processing Agreement.

To request a DPA, contact us at: [email protected] with subject line "DPA Request" and include:

  • Your organization name and contact details
  • Applicable jurisdiction and regulatory requirements
  • Any specific terms or Standard Contractual Clauses (SCCs) needed

If you need a signed legal agreement about how we handle your form data (for GDPR, corporate compliance, etc.), just ask. We'll get you a proper DPA within a few business days.

14 Your Responsibilities as a Data Controller

When you use TileBack to collect data through forms, you act as a data controller. You are responsible for:

14.1 Lawful Processing

  • Ensuring you have a lawful basis to collect and process form submission data
  • Obtaining necessary consents from form submitters
  • Complying with data protection laws applicable to your jurisdiction and your users' jurisdictions

14.2 Privacy Notices

  • Providing clear privacy notices to form submitters explaining what data you collect and how you use it
  • Informing submitters that TileBack processes data on your behalf
  • Including links to this Privacy Policy where appropriate

14.3 Data Subject Rights

  • Responding to data subject access requests from form submitters
  • Honoring deletion, correction, and other data rights requests
  • Using TileBack's tools to manage and delete form submission data as required

14.4 Compliance Checklist for Form Creators

Your Legal Obligations: Before collecting data through TileBack forms, ensure you have completed ALL of the following:

  • Privacy Notice: Posted a clear privacy policy on your website explaining what data you collect and how you use it
  • Consent Mechanism: Obtained explicit, informed consent from form submitters (checkbox, opt-in, etc.)
  • Data Minimization: Only collect data that is necessary for your stated purposes
  • Legal Basis: Identified your lawful basis for processing (consent, contract, legitimate interest, legal obligation)
  • Data Protection Registration: If required in your jurisdiction, registered as a data controller with the appropriate authority
  • Cross-Border Transfers: If collecting data from EU users, implemented appropriate safeguards for international data transfers
  • Children's Data: If collecting data from children, obtained parental consent and implemented COPPA/age-appropriate protections
  • Sensitive Data: If collecting sensitive personal data (health, financial, biometric), implemented enhanced protections and obtained explicit consent

Think of it this way: we're the kitchen handling the cooking, but you're the restaurant owner responsible for the menu, ingredients, and customer disclosures. If someone gets food poisoning from your recipe, that's on you, not us.

15 Cookies and Tracking Technologies

15.1 Types of Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the Service to function:

  • Session Cookies: Maintain your logged-in state
  • Authentication Tokens: Verify your identity
  • CSRF Tokens: Protect against cross-site request forgery attacks
  • Security Cookies: Detect and prevent abuse

Functional Cookies (Optional)

These cookies enhance your experience:

  • Preference Cookies: Remember your settings and preferences

15.2 Managing Cookies

You can control cookies through your browser settings:

  • Most browsers allow you to refuse all cookies or only third-party cookies
  • You can delete existing cookies from your browser
  • Note: Disabling essential cookies will prevent you from using the Service

Learn more about cookie management:

  • Chrome: Cookie settings
  • Firefox: Cookie settings
  • Safari: Cookie settings

16 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify you via email if the changes are material
  • Post a notice on the Service
  • For significant changes, provide at least 30 days' notice before changes take effect

If we change how we handle your data, we'll tell you. If you don't like the changes, you can export your data and close your account.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

17 Contact Information

Get in Touch

TileBack is operated by MWANGI. For privacy-related questions, concerns, or to exercise your data rights:

General Privacy Inquiries:
[email protected]

Data Protection Officer:
[email protected]
Subject: "DPO - [Your Request]"

Security Issues:
[email protected]
For urgent security matters only

Data Subject Rights Requests:
[email protected]
Subject: "Data Subject Rights Request"

Regulatory Authorities

Kenya:
Office of the Data Protection Commissioner
www.odpc.go.ke

EU/EEA:
You have the right to lodge a complaint with your local supervisory authority.
Find your authority

By using TileBack, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your information as described in this Privacy Policy.
