Privacy Policy

Effective: February 24, 2026

1. Data Controller

Aleksandr Beshkenadze ("BSHK") is the data controller responsible for Tish and the processing of personal data described in this Privacy Policy. For any data protection inquiries, contact [email protected].

2. Scope

This Privacy Policy explains how Tish collects, uses, stores, and protects personal information when you use the application and any related services. By using Tish, you acknowledge that you have read and understood this policy. If you do not agree, you must not use the Software.

3. Legal Basis for Processing (GDPR)

We process personal data only when we have a valid legal basis under the General Data Protection Regulation (GDPR). The legal bases we rely on include:

  • Contract performance: Processing necessary to provide Tish and fulfill licensing obligations.
  • Legitimate interests: Processing necessary for application stability, security, and improvement, where such interests are not overridden by your fundamental rights.
  • Legal obligation: Processing necessary to comply with applicable laws, including tax and accounting requirements.
  • Consent: Where you have provided explicit consent for specific processing activities. You may withdraw consent at any time.

4. Data We Collect

Tish may collect the following categories of data:

  • License and activation data: License key, activation status, machine identifier (hashed), activation date, and license tier.
  • Diagnostic data: Crash reports, error logs, application version, operating system version, and hardware model. This data is anonymized and does not contain personally identifiable information.
  • Usage analytics: Feature usage frequency, session duration, and general interaction patterns. All analytics are aggregated and anonymized.
  • Transaction data: Payment information is processed exclusively by third-party payment processors (see Section 8). We do not store credit card numbers, bank account details, or other financial credentials.

5. Data We Do NOT Collect

Tish explicitly does not collect:

  • Content you process (audio files, text, documents, images);
  • File names, file paths, or directory structures;
  • Email addresses, unless you voluntarily contact support;
  • Location data, GPS coordinates, or IP-based geolocation;
  • Keyboard input, clipboard contents, or screen recordings;
  • Contacts, calendar, or other personal data from your device;
  • Browsing history or data from other applications.

6. Local Processing

Where applicable, Tish processes all user content locally on your device. Audio, text, and other content are never transmitted to external servers. The application is designed with a privacy-first architecture where cloud connectivity is used only for licensing, updates, and optional diagnostic reporting.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Diagnostic data: Retained for a maximum of twelve (12) months from collection, then permanently deleted.
  • License data: Retained for the duration of your license plus thirty (30) days, or as required by law.
  • Transaction records: Retained as required by applicable tax and accounting regulations (typically up to seven years).
  • Support correspondence: Retained for up to twenty-four (24) months after resolution.

You may request earlier deletion of your data at any time (see Section 10).

8. Third-Party Services

Tish may integrate with the following third-party services, each governed by their own privacy policies:

  • Payment processors (e.g., Paddle, LemonSqueezy): Process payments and manage subscriptions. We receive only transaction confirmations and license entitlements — never raw payment credentials.
  • Error tracking (e.g., GlitchTip): Receives anonymized crash reports and error diagnostics to improve application stability.
  • Update services: Check for application updates. Only the current application version and platform are transmitted.

We select third-party processors that maintain appropriate security standards and GDPR compliance. We do not sell, rent, or trade your personal data to any third party.

9. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, and regular security assessments. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or in a jurisdiction with equivalent data protection laws, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure ("right to be forgotten"): Request deletion of your personal data, subject to legal retention requirements.
  • Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format.
  • Right to restrict processing: Request limitation of processing in certain circumstances.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact [email protected]. We will respond within thirty (30) days.

11. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA. Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or adequacy decisions. Aleksandr Beshkenadze ("BSHK") is based in Finland (EU member state), and primary data processing occurs within the EEA.

12. Children's Privacy

Tish is not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately and we will take steps to delete such information.

13. Supervisory Authority

If you believe that our processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. In Finland, the competent authority is the Office of the Data Protection Ombudsman (tietosuoja.fi).

14. Changes to This Policy

Aleksandr Beshkenadze ("BSHK") reserves the right to update this Privacy Policy at any time. The updated version will be posted at this URL with a revised effective date. We encourage you to review this policy periodically. Your continued use of Tish after changes are posted constitutes acceptance of the updated policy.