Privacy Policy

Effective Date: Mar 30, 2024 Last Updated: Feb, 1 2026

Tufa is a trade name owned and operated by Tufa Pro Ltd (“we,” “us,” or “our”). We operate the SaaS application accessible from https://tufa.io/ (the “Service”).

One of our main priorities is the privacy of our visitors and users. This Privacy Policy document contains types of information that is collected and recorded by Tufa and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us at support@tufa.io.

1. Information We Collect

We collect information to provide our social media generation and scheduling services. This includes:

A. Personal Identification Information When you register for an account, we may ask for your contact information, including items such as your name, company name, email address, and payment information (processed via our third-party provider, Stripe).

B. Social Media Platform Data To provide our core service—generating and posting content—Tufa integrates with third-party social media platforms including, but not limited to, LinkedIn, X (Twitter), Facebook, Instagram, BlueSky, and Threads.

When you link a social media account, we store:

  • OAuth Access Tokens: Encrypted tokens that allow us to post on your behalf.

  • Basic Profile Information: Your profile name and avatar/image to identify the account within our dashboard.

We do not sell your personal data or social media data to third parties.

C. Content and Usage Data

  • User Inputs: Text prompts and media you upload for content generation.

  • Log Files: Standard logging of IP addresses, browser type, ISP, date/time stamps, and referring/exit pages. This is used for analyzing trends and administering the site.

2. How We Use Your Information

We use the information we collect in various ways, including to:

  • Provide, operate, and maintain our Service.

  • Process your transactions and manage your subscription.

  • Generate content using Artificial Intelligence (via Microsoft Azure).

  • Post content to your connected social media accounts upon your request.

  • Communicate with you regarding updates, support, or marketing.

  • Find and prevent fraud.

3. Artificial Intelligence and Data Privacy

Tufa utilizes Microsoft Azure to provide AI-generated content.

  • Privacy of Inputs: The text prompts and data you input into Tufa are sent to Azure for processing.

  • No Training on User Data: Your inputs and the generated outputs are private. They are not used to train the public AI models or shared with other users.

4. Data Retention and Account Deletion (Platform Term 4.b Compliance)

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.

How to Request Data Deletion: You have the right to request the deletion of your account and all associated data at any time. You may do so using either of the following methods:

  1. Self-Serve Deletion (Recommended):

    • Log in to your Tufa account.

    • Navigate to Account Settings.

    • Click the “Delete Account” button.

    • Result: This action immediately removes your account, deletes all generated content, and revokes/deletes all stored social media access tokens.

  2. Email Request:

    • Send an email to support@tufa.io with the subject line “Request for Account Deletion.”

    • We will process your request and confirm deletion within 7 business days.

Revoking Social Media Access: You may also disconnect Tufa from your social media accounts at any time via the settings menu within the respective social media platform (e.g., via Facebook Business Integrations or Twitter Apps).

5. Third-Party Service Providers

We may share your data with trusted third-party service providers solely for the purpose of operating our business. These include:

  • AWS (Amazon Web Services): For secure cloud hosting and infrastructure.

  • Stripe: For payment processing. We do not store your full credit card details on our servers.

  • Microsoft Azure: For AI content generation.

Advertising: While we generally do not display third-party advertisements within our SaaS dashboard, we may use cookies and tracking technologies (like Google Analytics) on our public-facing website to analyze traffic and marketing effectiveness. You can choose to disable cookies through your individual browser options.

6. General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Tufa Pro Ltd aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.

Your rights include:

  • The right to access, update, or delete the information we have on you.

  • The right of rectification.

  • The right to object.

  • The right of restriction.

  • The right to data portability.

  • The right to withdraw consent.

To exercise these rights, please contact us at support@tufa.io.

7. Children’s Information

Tufa does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately, and we will do our best efforts to promptly remove such information from our records.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

9. Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.

Tufa Pro Ltd 124 City Road London, EC1V 2NX United Kingdom Email: support@tufa.io