Tag TaxonomyBack to home

Privacy Policy

Last updated: February 1, 2025

1. Introduction

This Privacy Policy explains how Tag Taxonomy ("the Service"), available at tag-taxonomy.app, collects, uses, stores, and protects your personal information. The Service is operated by the developer of Tag Taxonomy ("we", "us", or "our").

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect personal information through our authentication provider, Clerk. This may include:

  • Email address
  • Full name
  • Profile picture (if provided through an OAuth provider)
  • Authentication tokens and session data

2.2 Project and Taxonomy Data

When you use the Service, we collect and store the content you create, including:

  • Project names and descriptions
  • Taxonomy nodes (labels, descriptions, hierarchical relationships)
  • Version history and commits of your taxonomy structures

2.3 Chat Messages

When you interact with the AI agent, we collect and store your chat messages and the AI's responses. These messages are necessary to provide the conversational taxonomy-building experience, maintain chat history across sessions, and process your requests through the AI model.

2.4 Usage Data

We may automatically collect certain information when you access the Service, including:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and features used
  • Date and time of access
  • Referring URLs

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Authenticate your identity, manage your account, store your projects and taxonomies, and enable AI-powered taxonomy building.
  • Process AI Requests: Send your chat messages and relevant project context to OpenAI's API to generate AI-assisted taxonomy suggestions and responses.
  • Improve the Service: Analyze usage patterns to improve features, fix bugs, and enhance the user experience.
  • Communicate with You: Send essential service-related communications such as account verification, security alerts, and policy updates.
  • Ensure Security: Detect and prevent fraud, abuse, and other harmful activities.

4. Third-Party Services

We use the following third-party services to operate the Service. Each of these services has its own privacy policy governing how they handle your data:

4.1 Clerk (Authentication)

We use Clerk to manage user authentication and account management. Clerk processes your email address, name, and authentication data. Clerk may set cookies in your browser to manage sessions. For more information, see Clerk's Privacy Policy.

4.2 Neon (Database)

We use Neon as our PostgreSQL database provider to store your account data, projects, taxonomy structures, and chat messages. Your data is stored securely on Neon's infrastructure. For more information, see Neon's Privacy Policy.

4.3 OpenAI (AI Processing)

We use OpenAI's API to power the AI agent that helps you build taxonomies. When you interact with the AI agent, your chat messages and relevant project context are sent to OpenAI for processing. Please note:

  • Chat messages you send to the AI agent are transmitted to OpenAI's servers for processing.
  • OpenAI may process this data in accordance with their own data usage policies.
  • We use the API (not ChatGPT consumer product), which means OpenAI does not use your data to train their models by default under their API data usage policy.

For more information, see OpenAI's Privacy Policy.

4.4 Vercel (Hosting)

The Service is hosted on Vercel. Vercel may collect and process standard web server logs including IP addresses, request timestamps, and user agent strings. For more information, see Vercel's Privacy Policy.

5. Data Retention

We retain your personal information and project data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data is retained until you delete your account.
  • Project and taxonomy data is retained until you delete the project or your account.
  • Chat messages are retained as part of your project data and are deleted when the project or account is deleted.
  • Usage data may be retained in aggregated, anonymized form for analytics purposes even after account deletion.

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law.

6. Data Security

We take reasonable measures to protect your personal information from unauthorized access, use, alteration, and disclosure. These measures include:

  • Encryption of data in transit using TLS/SSL.
  • Secure authentication through Clerk with support for multi-factor authentication.
  • Database access controls and encryption at rest through Neon.
  • Regular review of our data collection and storage practices.

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data.

7. Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal data:

  • Access: You can request a copy of the personal data we hold about you.
  • Correction: You can request that we correct inaccurate or incomplete personal data.
  • Deletion: You can request that we delete your personal data. You can also delete your projects and account directly through the Service.
  • Export: You can request a machine-readable export of your taxonomy data and project information.
  • Restriction: You can request that we restrict processing of your personal data under certain circumstances.
  • Objection: You can object to our processing of your personal data under certain circumstances.
  • Data portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us at support@tag-taxonomy.app. We will respond to your request within 30 days.

8. GDPR Compliance

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to provide the Service you requested (account management, project storage, AI processing).
  • Legitimate interest: Processing necessary for our legitimate interests (analytics, security, service improvement), balanced against your rights and freedoms.
  • Consent: Where we rely on your consent for specific processing activities, you may withdraw consent at any time.

8.2 International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including the United States, where our third-party service providers (Clerk, OpenAI, Neon, Vercel) operate. We ensure that appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where applicable.

8.3 Supervisory Authority

If you are located in the EEA, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your privacy rights.

9. Children's Privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe we may have collected information from a child under 16, please contact us at support@tag-taxonomy.app.

10. Cookies

We use cookies and similar technologies to operate the Service. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your data.

12. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: