Privacy Policy

1. Our role

Tessellatic builds business-to-business software and developer APIs for fraud detection, risk scoring, and financial-market data. Our software analyzes data and returns signals only — it never holds, moves, or transmits customer funds. When a business customer uses our Services to process data about its own users, that customer is the controller of the data and Tessellatic acts as its service provider or processor, handling the data only to provide the Services under our agreement with that customer.

2. Information we collect

• Contact information you provide when you email us or request information (such as your name, email address, and message content).
• Account and API data needed to provision and operate Services for business customers, such as account identifiers and API keys.
• Customer data submitted to the APIs by business customers for processing, handled on their behalf and subject to their instructions.
• Technical and usage data such as IP address, request metadata, and logs collected to operate, secure, and improve the Services.

3. How we use information

We use information to:

• provide, maintain, secure, and improve the Services;
• respond to inquiries and provide support;
• detect, prevent, and investigate fraud, abuse, and security incidents;
• comply with legal obligations and enforce our agreements.

We do not sell personal information. We do not use customer data submitted to the APIs for any purpose other than providing the Services to the relevant customer, except as required by law.

4. Service providers

We use a limited set of trusted third-party providers — for example, cloud hosting, infrastructure, and email delivery — to operate the Services. These providers process information only on our behalf and under contractual obligations consistent with this Policy.

5. Data retention

We retain information for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Customer data submitted to the APIs is retained and deleted in accordance with our agreement with the relevant customer.

6. Security

We maintain administrative, technical, and organizational measures designed to protect information against unauthorized access, disclosure, alteration, and destruction. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your choices

Depending on your location, you may have rights to access, correct, or delete personal information we hold about you, or to object to certain processing. Where Tessellatic acts as a processor on behalf of a business customer, please direct such requests to that customer; we will assist them as required by our agreement. To exercise rights for information we control directly, contact us using the details below.

8. International users

Tessellatic is based in the United States, and information we process may be stored and processed in the United States and other countries where we or our service providers operate. By using the Services, you understand that your information may be transferred to and processed in those locations.

9. Governing law and changes

This Policy is governed by the laws of the State of Delaware, United States. We may update this Policy from time to time; when we do, we will revise the effective date above.

10. Contact

Questions about this Policy or our data practices may be sent to legal@tessellatic.com. For security disclosures, contact security@tessellatic.com.