Privacy policy
What data Tixallo collects, how we use it, who can access it, and your rights — written in plain English. This is informational, not legal advice.
Last updated: 2 May 2026
This page summarises the practical version of our privacy practices. For specific legal questions or to exercise your rights as a data subject, contact us via the contact page.
Who we are
Tixallo is a customer support platform. When you sign up, you are the controller of the data your customers send into your workspace; Tixallo acts as a processor for that data.
What data we collect
Account data: name, work email, organisation name, plan, billing details (handled by our payments provider).
Workspace content: tickets, messages, attachments, customer records, knowledge base articles, automations and macros that you and your team create.
Usage telemetry: page views, feature usage, error reports and basic device/browser information so we can improve the product and debug issues.
Cookies: we use a small number of essential cookies for authentication and preferences. We don't run third-party advertising trackers in the product.
How we use it
To provide the service, send transactional emails (e.g. password resets, ticket notifications), bill you, send important product updates, and improve features. We don't sell your data and we don't use your customer support content to train third-party AI models.
Who can access your data
Your team members you invite, plus a small number of Tixallo staff who need access to operate, debug or support the service. Internal access is logged.
We share data with sub-processors strictly to deliver the service (cloud hosting, payments, transactional email). Our current sub-processor list and how we vet them is on the data processing page.
Where data is stored
Workspace data is stored on managed cloud infrastructure with encryption in transit (TLS) and at rest. We can describe our primary hosting region on request.
How long we keep it
For as long as your workspace is active. After you close a workspace we keep backups for a limited rolling window for disaster-recovery purposes, then delete. You can export or request deletion of customer records at any time.
Your rights
Depending on your jurisdiction (GDPR, UK GDPR, CCPA and similar) you have rights to access, correct, export or delete personal data we hold about you. Contact us via the contact page and we'll respond within a reasonable timeframe — usually within 30 days.
Changes to this policy
If we make material changes we'll update the "last updated" date at the top of this page and, where appropriate, notify workspace owners by email.
Questions about your data?
We'd rather answer in plain English than make you read paragraphs of jargon.