Privacy Policy

Epifi Technologies Private Limited ("Epifi", "we", "us" or "our") developed, owns and operates Tetriz, a software as-a-services platform providing artificial intelligence-based analytics and automation for organisational performance management ("Tetriz") along with certain associated tools and software (collectively, the "Services"). Tetriz aggregates and analyses data from enterprise collaboration, project management and software development tools (including code repositories, issue tracking systems and workplace communication platforms, among other things) to generate insights regarding workforce productivity, operational performance, and business outcomes.

We are committed to protecting your privacy, and this Privacy Policy ("Policy") explains how we collect, use, store, process, disclose and protect information, particularly personal data, when you or your organisation access or use our website located at https://tetriz.ai ("Website") or our Services.

By accessing or using our Website or Services, or otherwise participating in the Tetriz ecosystem, you ("you", "your" or "User") consent to the practices described in this Policy. If you are accessing the Website or the Services on behalf of an organisation, you represent that you have authority to bind the organisation, and its officers, directors, employees and other relevant stakeholders to this Policy. If you do not agree, please discontinue use of the Website and the Services.

1. Who We Are

We are a company incorporated under the Companies Act, 2013, with our registered office at Salarpuria Sattva Knowledge Court, Survey No. 77, Plot No. 9, 6th Floor, Doddenakundi, KR Puram Hobli, Bengaluru - 560048.

2. Categories of Data We Collect

We collect the following kinds of data:

(a) Data from persons who visit our Website. The Website will record certain information automatically, such as your IP address, mobile device or computer, operating system and browser, and geo-location. In addition, we collect any information you provide when you contact us for any reason via our site interface, such as your name, email, address, and other contact information.

(b)Data collected when we process information in the context of providing Services to our customers, including customers that use our Services free of charge. This is data concerning individuals, including the customer's employees, contractors, agents and any other person who accesses the Services through the customer's subscription to the Services. Such data includes data regarding how tools, platforms, systems and code are used, accessed, developed, tested and deployed by Users using our Services. Additionally, it includes names, emails and account profiles on such tools, platforms and systems.

(c)Data concerning Users who access our Services through various means of access, including but not limited to browsers, mobile apps, and application programme interfaces. Such data can include information that is used for your identification or authentication, or to login to our various tools and services, such as names and email addresses, as well as profiles and account information from third party tools, platforms and systems, and metadata of a user's activity relating to third party tools, platforms and systems.

3. Specific Data That We Collect and Usage of Data

(a) Registration Data: In order to access some of our Services, you may first need to create an account. When creating an account, you will be asked to provide information in order to verify your identity. This information may include your name and email address, information from third party providers through whom you access our Services, and any other information we deem reasonably necessary to properly verify your identity. How We Use this Data: We use your registration data to provide you access to our Services, save your preferences, improve the usability of our Services, protect the security of our Services, prevent fraud, and to address any issues that arise. We use your contact details to communicate with you. We also use your contact details to send you newsletters or promotional materials relating to our products and services.

(b) Contact Data: If you contact us for any reason, we collect any personal data you provide, such as your email address and the content of your message. When you sign up for newsletters or email lists we collect your name and email address. We may also collect additional information about the company you work for, including without limitation, its name, size, and location, and your role in the company. If you apply for a job with us, we, or a third party operating on our behalf, collect the information you provide as part of your application and during the course of the application process. This may include your name, contact details, resume, recommendations, and any other information we may request or that you choose to share with us. From time to time, we hold special events in which we may invite you to participate. If you register for an event, we will collect personal data provided as part of the registration process, such as your name, contact details, and any other information we may request. If you have signed up for our newsletters and/or if you have contacted us regarding our Services we may send you newsletters or other promotional materials. We try to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest to you. Note that we may need to contact you about administrative or service-related issues as part of providing the Services to you. This is not direct marketing and even if you opt-out of direct marketing, you will continue to receive these messages. We use this personal data to respond to your inquiry, to provide you with newsletters and to provide you with promotional or informational materials matching the interest you have expressed in your sign up request. If you choose to register for one of our special events, we will use the data you provided us for event planning and logistical purposes, to contact you with updates or to ask for your feedback regarding the event, to improve our events, products and services, and for marketing purposes.

(c) Automatically Collected Data: When you use the Services, we automatically collect information about your computer or mobile device. This includes non-personal data such as your operating system, and personal data such as your IP address, the location associated with your IP addresses, device ID, browsing history and any information regarding your viewing or usage history of the Services. This data is collected through cookies and similar technologies. We use this data to review how users use our Services, to develop new products or services and improve current content, products, and services, to prevent fraud, protect the security of our Services, and address any problems with the Services. This data is often used in an aggregated and non-specific analytical manner. We also use this data in order to provide you with customised content and targeted offers related to our Services.

(d) Statistical Information and Analytics: We want to understand how people are using our Services so that we can make improvements, understand user needs, and tailor our services for users. To do this, we use certain third-party analytics tools that help us gather and compile statistical information. We can also anonymise and aggregate data which we can then share with our business partners.

4. How We Share Information

We do not sell your personal data. We share data only in the following manner:

(a) Within Epifi: We share data with our affiliates where this is necessary to provide you with our products and Services, and for the purpose of management of our business.

(b) Within Your Organisation: Dashboard metrics, scores and derived analytics are shared with authorised administrators and managers within your customer organisation, subject to the role-based access controls configured by the organisation.

(c) Service Providers and Third Party Tools: We disclose data that we collect from and / or about you, to our trusted service providers and sub-contractors who have agreed to confidentiality restrictions and who use such information solely on our behalf in order to help us provide you with Services. We also utilise large language model providers in relation to the Services.

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our Website and Services through behavioral metrics, heatmaps, and session replay to improve and market our products / services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products / services and online activity. Additionally, we use this information for site optimisation and fraud / security purposes. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

(d) Legal and Regulatory Disclosures: We may disclose information where required by law, court order, or government authority to the extent legally required. We will endeavour to notify the relevant User prior to such disclosure where legally permitted.

(e) Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred to the successor entity, subject to equivalent privacy protections.

5. Data Localisation and Cross-Border Transfers

We primarily store and process data on servers located in India. Where data is processed or stored outside India, we ensure that such transfer is:

• Subject to standard contractual clauses or equivalent safeguards;
• Compliant with applicable data protection laws; and
• Disclosed to the relevant customer organisation at the time of onboarding.

6. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies for authentication, session management, and product analytics. We use:

• Essential cookies: required for the Services to function (login sessions, security tokens).
• Analytics cookies: to understand aggregate usage patterns, with IP anonymisation enabled.

You may disable non-essential cookies through your browser settings. Disabling essential cookies will impair Service functionality. We do not use third-party advertising cookies.

7. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this Policy, or as required by applicable law.

Operational data collected through connected integrations and applications is retained for the duration of the active subscription and for a reasonable period thereafter to allow for data retrieval, dispute resolution, and transition. Account and registration data is retained until deletion is requested and confirmed. Aggregated, de-identified analytics do not constitute personal data and are not subject to retention limits. Where a legal hold applies by reason of a court order, regulatory requirement, or ongoing dispute, data may be retained beyond the above periods for the duration of that obligation, and affected customer organisations will be notified where legally permissible.

Upon subscription termination, customer data is deleted within such timeline as is prescribed by applicable law, except where retention is required by law.

8. Your Rights

You have the following rights, exercisable by contacting privacy@tetriz.ai:

(a) Right to Access: Obtain confirmation of whether we process your personal data and receive a summary of data processed.

(b) Right to Correction and Erasure: Request correction of inaccurate data and erasure of data no longer necessary for the stated purpose, subject to legal retention obligations.

(c) Right to Grievance Redressal: Lodge a complaint with our Grievance Officer.

(d) Right to Withdraw Consent: Withdraw consent for optional data processing (e.g., prompt coaching) at any time, without affecting Services to which you are entitled under your subscription.

(e) Right to Nominate: Nominate another individual to exercise rights on your behalf in the event of death or incapacity.

9. Security

We implement reasonable security practices and procedures including appropriate technical and organisation security measures, policies and procedures as required under applicable law. We use measures such as physical, electronic, and procedural safeguards, access control, internal policies, backups and encryption to protect your data.

However, we recognise that no security system is impenetrable. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You are responsible for the security of the devices you use and for keeping your credentials protected.

10. Queries

For general privacy queries: privacy@tetriz.ai

11. Children's Privacy

The Website and the Services are intended for use by working professionals. We do not knowingly collect personal data from individuals under the age of 18 (eighteen). If we become aware that personal data of a minor has been collected, we will delete it promptly.

12. Third Party Providers

Certain features of the Website and Services are delivered through third-party tools and platforms. Where such tools independently collect or process your data, their respective privacy policies govern that processing and Tetriz does not control and is not responsible for the data practices of such third parties. We recommend reviewing the privacy policies of any third-party tools you interact with through our Website or Services.

13. Changes to This Policy

We may update this Policy from time to time. Material changes, including changes to processing purposes, data categories collected, sub-processors, or your rights, will be notified to customer organisations with at least 30 (thirty) days' advance written notice. Non-material changes (such as contact detail updates or clarifications) will be reflected with an updated "Last Updated" date. Continued use of the Services after the effective date constitutes acceptance of the revised policy.

14. Governing Law and Jurisdiction

This Policy is governed by the laws of India. Any disputes arising under this Policy shall first be subject to the dispute resolution mechanism set out in the Terms of Use (including the mandatory 30 (thirty) day good-faith negotiation period and binding arbitration under the Arbitration and Conciliation Act, 1996, with seat in Bengaluru). Nothing in this Policy shall be construed as conferring exclusive court jurisdiction in a manner inconsistent with the arbitration clause in the Terms of Use. Either party may seek urgent interim relief from courts of competent jurisdiction in Bengaluru.