TaloJoin waitlist

Privacy Policy

Last updated: April 30, 2026

This Privacy Policy describes how Talo ("we", "us") collects, uses, and shares information when you use the Service. By using Talo you agree to the practices described here.

1. Information we collect

Information you provide

  • Account data: name, email, password hash.
  • Billing data: handled by our payment processor (Gumroad). We receive limited information such as your country, last 4 digits of card, and subscription status.
  • Candidate data you save in the app: profile URLs, names, headlines, notes, generated messages, and tags. You provide this voluntarily.
  • Support requests and any content you send us.

Information collected automatically

  • Usage analytics: page views, feature usage, performance metrics. Collected via privacy-respecting tools (e.g., PostHog) with no third-party advertising trackers.
  • Logs: IP address, browser, timestamps, error reports (e.g., Sentry).

2. What we do not collect

We do not collect or store credentials or authentication cookies for any third-party platform. We do not scrape third-party platforms. We do not sell your personal data. We do not use your candidate data to train AI models.

3. How we use information

  • To provide and improve the Service.
  • To process payments and prevent fraud.
  • To send transactional emails (account, billing, support).
  • To send product updates if you opt in.
  • To comply with legal obligations.

4. AI processing

When you generate a message, the candidate context you input is sent to our AI model provider (Anthropic) for inference. Per Anthropic's commercial terms, your inputs are not used to train their models. Generated outputs are stored in your Talo account until you delete them.

5. Sharing your information

We share information only with:

  • Service providers who help us run Talo (hosting, database, email, analytics, AI inference). These providers are bound by confidentiality and data-protection obligations.
  • Payment processors to handle billing.
  • Authorities when required by law.

6. International transfers

Our infrastructure is hosted on providers based in the EU and the United States. Where data is transferred outside your jurisdiction, we rely on appropriate safeguards (e.g., Standard Contractual Clauses).

7. Data retention

We retain your account data while your account is active. You may request deletion at any time by emailing privacy@talo.app. We will delete personal data within 30 days, subject to legal retention requirements (e.g., financial records).

8. Your rights

Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, email privacy@talo.app.

California residents (CCPA) and EU/UK residents (GDPR) have additional rights described in those laws. We do not sell personal information.

9. Security

We use industry-standard measures to protect your data, including TLS in transit, encryption at rest, row-level security in our database, and least-privilege access controls. No system is fully secure; you use the Service at your own risk.

10. Children

The Service is not directed to anyone under 18, and we do not knowingly collect personal data from children.

11. Changes to this Policy

We may update this Policy. Material changes will be communicated by email or in-product notice.

12. Contact

For privacy questions, email privacy@talo.app.