Skip to content

Privacy Policy

Last Updated: May 15, 2026

Plain English Summary

What this policy covers: This explains what information TinyFirm collects about you, why we collect it, how we protect it, and what rights you have over your data.

The short version: TinyFirm collects very little data. We need your email to communicate with you, your company info from the apply form to assess fit, and Stripe handles your payment. We never see or store your credit card number. We don’t track you across the web, we don’t sell your data, and we don’t use advertising cookies. The TinyFirm product runs entirely on your local machine.

Your rights: You can request a copy of all data we have about you, ask us to delete it, or correct inaccuracies. Email contact@tinyfirm.dev and we’ll handle it within 30 days.

Effective Date: May 15, 2026

1. Introduction

1.1. This Privacy Policy describes how TinyFirm, operated by Tartarian Tech Solutions LLC, collects, uses, stores, and protects personal information when you visit tinyfirm.dev, apply for our services, or subscribe.

1.2. TinyFirm is the data controller for information collected through our website and subscription process.

2. Information We Collect

2.1. Apply Form Submissions: Company name, role/title, team size, Cursor usage, project description, timeline, and optional additional information.

2.2. Contact Information: Email address for communication.

2.3. Payment Information: Processed entirely by Stripe. TinyFirm does NOT collect, store, or access credit card numbers, bank details, or security codes.

2.4. GitHub Username: For repository access management.

2.5. Communication Records: Email correspondence related to subscription and support.

2.6. Scheduling Data: Name and email via Cal.com for booking calls.

3. Information We Do NOT Collect

3.1. Workspace Data: TinyFirm does NOT access, collect, store, monitor, or process any data from your local workspace, including source code, AI-generated code, agent memory, project plans, or file contents.

3.2. Usage Telemetry: The TinyFirm product does not phone home or send telemetry.

3.3. Browsing Behavior: No analytics service is currently used. No tracking of page views or clicks.

3.4. Third-Party Tracking: No tracking pixels, advertising cookies, social media widgets, or third-party tracking technology.

4. How We Use Your Information

4.1. Apply form submissions: Assess fit for service. Email: Service communications. Payment (via Stripe): Process payments. GitHub username: Repository access. Communication records: Support and dispute resolution.

4.2. We do NOT use your information for advertising, selling to third parties, profiling, or training AI models.

5. Data Sharing and Third Parties

5.1. We share data only with: Stripe (payment processing), GitHub (repository access), Cal.com (scheduling), and Tuta (email communication).

5.2. We do not sell, rent, or trade your personal information.

5.3. We may disclose information if required by law.

5.4. In a business transfer, we will notify you before your data becomes subject to a different policy.

6. Cookies and Tracking

6.1. TinyFirm’s website uses minimal cookies: session cookies only (if any), no persistent cookies, no third-party cookies, no advertising or tracking cookies.

7. Analytics (Planned)

7.1. TinyFirm plans to implement Plausible Analytics, a privacy-focused, cookie-free, GDPR-compliant analytics service. This policy will be updated when implemented.

8. Data Retention

8.1. Apply form submissions (non-subscribers): 12 months. Subscriber info: Duration + 12 months. Payment records: 7 years. Communication records: Duration + 24 months. GitHub username: Removed upon cancellation.

8.2. After retention, data is permanently deleted or anonymized.

8.3. You may request earlier deletion at any time.

9. Your Rights

9.1. All Users: Right to Access, Correction, Deletion, and to Object.

9.2. EU/EEA Residents (GDPR): Data Portability, Restrict Processing, Withdraw Consent, Lodge a Complaint.

9.3. California Residents (CCPA): Right to Know, Delete, Opt-Out of Sale (satisfied by default), Non-Discrimination.

9.4. Send requests to contact@tinyfirm.dev with subject “Privacy Request.”

9.5. Acknowledged within 5 business days, fulfilled within 30 calendar days.

10. Data Security

10.1. We implement appropriate measures including encrypted email (Tuta), access controls, secure payment processing via Stripe (PCI-DSS Level 1), and private GitHub repository access controls.

10.2. Breach notification within 72 hours.

11. International Data Transfers

11.1. TinyFirm is based in the United States. EU/EEA transfers conducted under the EU-US Data Privacy Framework or Standard Contractual Clauses.

12. Children’s Privacy

12.1. Services are not directed at children under 16. We do not knowingly collect their information.

13. Changes to This Policy

13.1. Material changes communicated via email and prominent website notice for 30 days.

14. Contact Information

TinyFirm / Tartarian Tech Solutions LLC

Email: contact@tinyfirm.dev

Website: tinyfirm.dev

15. California-Specific Disclosures

15.1. TinyFirm does not sell personal information.

15.2. No financial incentives for data retention or sale.

15.3. Authorized agents may make requests with written authorization.