Privacy Policy

How tells handles the messages and profiles you bring to it.

Effective date: 2 May 2026 · Version 2026-05-02 · 18+ only · Data controller: voiddo (Israel; doing business as "vøiddo") · No EU establishment

1. Who we are — data controller

tells is operated by voiddo (doing business as "vøiddo"), a six-person studio based in Israel, shipping AI-flavoured tools, browser extensions and weird browser games. "voiddo" is the legal business name; "vøiddo" (with stroked-ø) is the stylized brand wordmark used across our products. For the purposes of GDPR and equivalent regimes, voiddo is the data controller for personal data processed via tells.voiddo.com, the tells browser extensions, the tells API, and the tells PWA. Contact: support@voiddo.com. tells is part of the vøiddo product portfolio at voiddo.com.

EU representative. vøiddo does not currently maintain an establishment in the European Union. [OWNER-CONFIRM]: appointment of an Article 27 GDPR representative for the EU is on the regulatory roadmap. Until appointment, EU and EEA data subjects may exercise all GDPR rights directly via support@voiddo.com; we honour the same procedural and timing rules as if a representative were in place.

UK GDPR. The same applies to UK residents — direct contact at support@voiddo.com.

For B2B / white-label customers — see the Data Processing Agreement; in that relationship vøiddo acts as data processor for the practitioner / enterprise's clients, and the practitioner / enterprise is the controller.

2. What tells receives

• Account data: email address, hashed password (bcrypt cost 12), preferred language, selected onboarding spotlight, plan tier, billing-cycle counters.
• The text you submit for analysis — messages, profile excerpts, voice-coach drafts. This is the most sensitive data tells handles.
• Tracked persons — display labels you assign to people whose messages you are analyzing over time. Display names are encrypted at rest when you enable Patterns mode.
• Operational metadata — request timestamps, IP at signup (used for fraud-flag checks only, never exposed in API responses), token counts and model used for cost accounting.

3. Process and forget — the default

For the Free, Starter, and Pro tiers without Patterns mode enabled, the message text and profile content you submit are processed in memory, sent to tells AI v1.0, the analysis is returned to you, and the inputs are not retained. The analysis output is stored so that you can return to your history; both inputs and outputs are hard-deleted 90 days after creation regardless of plan.

4. Patterns mode (Pro / Forensic, opt-in only)

When you explicitly enable Patterns mode, tells stores both the input and the output of each analysis to support the diff-over-time feature. All data stored in this mode is encrypted at rest with AES-256-GCM. The encryption key is held in a separate environment-variable scope, not in the database. A snapshot of the encrypted analysis cannot be read without both the database row and the key — they are kept apart.

5. Crisis detection

tells runs a locale-aware keyword scan on every submitted message before sending it to tells AI v1.0. If a crisis keyword (suicide ideation, self-harm, imminent abuse) is detected, the analysis still runs but the response includes localized hotline resources for your country and a clear disclaimer. tells is not a substitute for professional help. If you or someone you know is in crisis, please use the resources provided in the response.

6. We do not use your data for training

Inputs and outputs from your tells analyses are never used to train, fine-tune, or evaluate tells AI v1.0. The engine is trained and calibrated separately on volunteer cohorts and internal evaluation sets, never on customer submissions.

7. Sub-processors and third parties

tells AI v1.0 is our proprietary analysis engine: prompts, cultural framing, output schemas, post-processing, quality gates, and product behaviour are vøiddo work. vøiddo AI infrastructure processes the analysis step under contractual data-protection terms. The full sub-processor list is published at /legal/sub-processors.html for vendor due-diligence reviewers.

• tells AI v1.0 inference infrastructure — receives the message or profile text plus our system prompt to perform the analysis step under enterprise data-protection terms; not used for model training.
• Paddle — Merchant of Record for all paid plans. Handles billing, taxes/VAT, chargebacks. Receives your email and billing address; never receives the content of your analyses. Privacy.
• Sentry — error tracking. PII scrubbing is enabled (send_default_pii=False); request bodies are not forwarded.
• Plausible Analytics — page-view-level statistics on the marketing site. No cookies. No content-level analytics — never on the body of an analysis.

8. Your rights — GDPR / CCPA

Regardless of jurisdiction, tells gives every user:

• Right to export — full JSON export of your account, history, and tracked-person labels via Settings → Privacy.
• Right to delete — account deletion clears every row associated with you (analyses, snapshots, refresh tokens, feedback) within 30 days. Audit-log entries necessary for fraud and billing reconciliation are retained as required by law.
• Right to rectify — you can edit your email, preferred language, and spotlight at any time.
• Right to opt out — Patterns mode is opt-in; switching it off purges all snapshots in addition to stopping further storage.

9. Auto-purge — 90 days

A daily background task hard-deletes every analysis row whose expires_at column has passed. This applies to all tiers, with or without Patterns mode. For tiered access to longer history, request export via Settings → Privacy before the cycle elapses.

10. Cookies and similar technologies

tells uses only what is strictly necessary for the application to function:

• Session JWT — held client-side (memory + refresh token), used to authenticate API calls.
• Refresh-token cookie — HttpOnly, Secure, SameSite=Lax. Used to renew the session.
• Locale preference — localStorage value tells_lang remembering your selected language. Optional, you may clear it any time.
• Local bot guard — a first-party proof-of-work challenge loaded on register / login / forgot-password and paid checkout. It runs in your browser, sends no data to an external challenge provider, and does not place advertising cookies.

There are no advertising cookies, no third-party trackers on the application surface, no Facebook Pixel, no Google Analytics, no LinkedIn Insight, no cross-site identifiers, no fingerprinting scripts. Plausible Analytics on the marketing page is cookie-less by design. No consent banner is therefore required for the application surface; the marketing page declares its single page-view counter in plain text.

11. International data transfers — SCCs and equivalent

vøiddo is established in Israel. Israel is recognised by the European Commission as providing adequate protection for personal data transferred from the EEA (Commission Decision 2011/61/EU). Transfers from the EEA to vøiddo therefore rely on the EU adequacy finding for Israel as their primary lawful basis.

From vøiddo, personal data is transferred to the following countries during processing:

• To the United States or to EU regions, depending on routing — vøiddo AI infrastructure (AI inference infrastructure sub-processor · vøiddo AI infrastructure) for the analysis step of tells AI v1.0. The transfer relies on the EU adequacy decision where applicable and the EU Standard Contractual Clauses (SCCs, Module 2 — Controller to Processor) incorporated by reference into the vøiddo AI infrastructure Data Processing Addendum.
• To the United States — Sentry for error-tracking metadata only (no analysis content, PII scrubbing on). Transfer relies on the EU SCCs incorporated into the Sentry DPA.
• Within the EEA — Plausible Analytics (Germany) for marketing-page page-view counters only.
• To the United Kingdom and to international banking corridors — Paddle (UK) for billing. Transfer relies on the UK adequacy regulations and the EU SCCs incorporated into the Paddle DPA.

Where the EU adequacy finding for Israel is challenged or withdrawn, we will fall back to SCCs (Module 1 — Controller to Controller) for direct transfers from EEA data subjects to vøiddo and notify by email.

12. Your rights — California (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by CPRA) gives you the rights below, in addition to the GDPR-style rights in §8 above. We honour all of them globally as a baseline.

• Right to know — what personal information we have collected about you, the categories of sources, the purposes, the categories of third parties with whom we share it. The full disclosure is in §2 (what we receive) and §7 (sub-processors). The one-click export at Settings → Privacy returns a JSON copy of every row associated with you.
• Right to delete — one-click "Delete account" performs hard deletion + cryptographic deletion as described in §8 above and §5 of the DPA.
• Right to correct — edit your email, preferred language, and spotlight at any time in Settings.
• Right to opt out of "sale" or "sharing" of personal information. vøiddo does not sell your personal information and does not share it for cross-context behavioural advertising. There is no Sale/Share to opt out of. We make this commitment formally and put no other party in a position where it would be possible. If this ever changes, we will publish a "Do Not Sell or Share My Personal Information" link on every page before any such activity begins.
• Right to limit use of sensitive personal information. The text you submit may incidentally include sensitive personal information about you or third parties (health, sexuality, religion, etc.). We use it only for the purpose for which you submitted it (producing your analysis) and never for inferring characteristics for advertising or targeting.
• Right to non-discrimination. Exercising any of the above rights will not result in denial of service, different pricing, or degraded quality. Our pricing is uniform per tier worldwide.
• Authorised agent. You may designate an agent to exercise these rights on your behalf. We may require proof of authorisation and verification of your identity.

To exercise California rights, contact support@voiddo.com with the subject line [CCPA REQUEST]. Statutory response deanalitikne is 45 days; we target 24 hours.

13. Children — 18+ only

tells is for users 18 years of age and older only. We do not knowingly collect personal information from anyone under 18. The Terms of Service §2 makes 18+ a registration prerequisite, and the registration form requires explicit confirmation. If we learn that we have collected personal information from a person under 18, we will delete that information and the associated account. If you believe a person under 18 has provided us personal information, contact support@voiddo.com immediately.

This policy is stricter than COPPA (under 13) and stricter than GDPR's 16-year-old consent floor; we treat 18+ as an absolute floor across every jurisdiction tells operates in.

14. Lawful basis for processing — GDPR Art. 6

Where GDPR applies, the lawful bases on which vøiddo processes personal data are:

• Performance of a contract (Art. 6(1)(b)) — processing your account email, password hash, plan, usage counters, and analysis inputs/outputs is necessary to provide the service you signed up for.
• Legitimate interests (Art. 6(1)(f)) — operational security (signup-IP fraud-flag check, lockout counters, rate-limit metadata), service-improvement aggregates that contain no content, structured-error-log forwarding to Sentry. The balancing test in each case favours processing because the data is minimal, technical, and not used for any user-affecting decision.
• Consent (Art. 6(1)(a)) — Patterns mode opt-in, optional analytics, marketing emails (where opted in). Consent can be withdrawn at any time in Settings → Privacy; withdrawal does not affect the lawfulness of processing before withdrawal.
• Legal obligation (Art. 6(1)(c)) — retention of billing audit entries for tax-law minimum periods.

tells does not rely on Art. 6(1)(d) (vital interests) or Art. 6(1)(e) (public task).

15. Sensitive categories of personal data — GDPR Art. 9

The text you submit may incidentally include special-category data — health information, sexuality, religious belief, political opinion, ethnic origin. We do not solicit it; we do not infer it; we do not use it for any purpose other than producing the analysis you requested. To the extent your submission of such data is itself the relevant Art. 9 processing, our lawful basis is your explicit consent (Art. 9(2)(a)), provided at registration via the compound consent block and renewed every time you submit a new piece of text. You may withdraw at any time by deleting your account.

16. Right to lodge a complaint

If you believe vøiddo's processing of your personal data infringes GDPR, you have the right to lodge a complaint with a supervisory authority. The supervisory authority of your habitual residence, place of work, or place of the alleged infringement is competent. A list of EEA supervisory authorities is published at edpb.europa.eu. We would, of course, prefer to fix any concern directly first — support@voiddo.com.

17. Automated decision-making — none in scope of GDPR Art. 22

tells does not use your personal data to make decisions producing legal effects on you or significantly affecting you. The analysis output is itself an artefact you read; we never automatically decide on your behalf to grant / refuse credit, employment, insurance, or any similar outcome. The Voice coach generates suggested wordings; the choice to send any wording is always yours. The crisis-keyword scan triggers display of localised hotline information; it does not contact emergency services on your behalf and does not classify you in a permanent way.

18. Cookies and similar technologies — see §10

(Renumbered for clarity; the substance is in §10 above.)

19. Changes to this policy

Material changes will be notified via email to all active accounts at least 30 days before they take effect. The "Effective date" at the top of this page is the source of truth for the current version. Non-material changes (typo fixes, clarifications, sub-processor list updates without addition of any content-receiving vendor) may be applied without notice; the version-string at the top of this page reflects every change.

20. Contact and rights requests

Questions, concerns, or rights requests: support@voiddo.com. Use the subject prefixes [PRIVACY], [CCPA REQUEST], [GDPR REQUEST], or [PRIVACY TAKEDOWN] as appropriate so the message is routed correctly. We commit to acknowledging receipt within 5 working days and to substantive response within 30 days (45 days for CCPA).