Privacy Policy of Tegas LTD

Effective date: 01.09.2025

For the purpose of this Privacy Policy, the following terms shall have the meanings given below:

• “Personal Data” means any information relating to an identified or identifiable natural person (the “User”), such as name, email address, payment details, IP address, or device identifiers.
• “Services” means the online platform Tegas (https://tegas.ai) and related features (AI-based video generation, editing, voiceover, music, stock materials, etc.).
• “Website” means the official website of Tegas LTD at https://tegas.ai.
• “Processing” means any operation performed on Personal Data, whether automated or not, including collection, storage, use, disclosure, transfer, or deletion.
• “Cookies” means small text files placed on the User’s device that collect certain information for technical, functional, analytical, or marketing purposes.

Tegas LTD and its subsidiaries and affiliates (“we”, “our”, “us”) are committed to protecting and respecting your privacy.

For the purpose of the General Data Protection Regulation (GDPR) and other applicable data protection laws, Tegas LTD is the data controller.

This Privacy Policy sets out the basis on which we will process any Personal Data or usage information we collect from you, or that you provide to us, in connection with your use of our Website and Services.

If you do not agree with this Privacy Policy in general or any part of it, you should not access or use the Website and Services.

We process Personal Data on the following legal bases under GDPR:

• Contractual necessity – to perform our obligations, including account registration, payment processing, and delivery of Services.
• Consent – for sending newsletters, promotional communications, or setting analytical and marketing Cookies (separate consent is obtained via Cookie banner).
• Legitimate interests – to improve user experience, ensure security, prevent fraud, and analyze usage trends.
• Legal obligation – to comply with applicable tax, accounting, or regulatory requirements.

We may collect and process the following categories of data:

• Information you provide: name, email address, telephone, payment details.
• Account data: login method (Google, Apple ID, magic link), subscription plan, usage history.
• Transaction data: payment card details (processed by third-party providers), invoices, billing history.
• Communications: support requests, feedback, messages.
• Technical information: IP address, device details, operating system, browser type, and log data.
• Cookies and tracking data: collected via Cookies and analytics tools (see Section 5).

We use Cookies to:

• Authenticate Users and maintain sessions.
• Remember preferences and personalize Services.
• Analyze usage and improve performance.
• Deliver marketing and advertising content.

Types of Cookies used:

• Functional Cookies (essential for the operation of Services).
• Analytical Cookies (e.g., Google Analytics).
• Marketing Cookies (e.g., Meta Pixel).

We request your explicit consent for analytical and marketing Cookies via a Cookie Consent Banner. You may manage your preferences through your browser settings or the banner options.

For more details, please see our separate Cookie Policy.

Your Personal Data may be transferred to and processed in countries outside your place of residence, including the US and other non-EEA jurisdictions.

We use the latest EU Standard Contractual Clauses (2021 version) and, where required, conduct Transfer Impact Assessments (TIA) to ensure that your data is protected at a level equivalent to EU standards.

We retain Personal Data only as long as necessary for the purposes described:

• Account data: until deletion by the User + a reasonable backup period (up to 12 months) for dispute resolution.
• Payment and billing data: up to 7 years to comply with accounting and tax laws.
• Marketing data: until the User withdraws consent.
• Technical logs: up to 12 months, unless longer retention is required for security purposes.

Under GDPR, CPRA, and other applicable laws, you have the following rights:

• Access – to know whether we process your data and obtain a copy.
• Correction – to rectify inaccurate or incomplete data.
• Erasure – to request deletion (“right to be forgotten”).
• Restriction – to limit processing in specific circumstances.
• Data portability – to receive your data in a structured, machine-readable format.
• Objection – to object to processing, including for marketing purposes.
• No automated decision-making – the right not to be subject to automated decisions or profiling without human involvement.
• Response timeframe – we will respond to your request within 30 days.

For California residents (CCPA/CPRA):

• Right to know what categories of Personal Data are collected and how they are used.
• Right to request correction of inaccurate information.
• Right to limit the use of sensitive Personal Data.
• Right to opt out of data sharing for marketing purposes (we do not sell data).

You can exercise your rights by contacting us at hello@tegas.ai. We may verify your identity before processing the request.

We use technical and organizational measures consistent with industry standards, including encryption, access control, and monitoring, to protect your Personal Data against unauthorized access, loss, or alteration.

However, no method of transmission over the Internet is completely secure. We cannot guarantee absolute protection, but we take reasonable steps to minimize risks.

Our Services are not directed to individuals under 16 years of age in the European Economic Area (EEA) and under 13 years of age elsewhere.

We do not knowingly collect data from children. If we become aware that we have collected Personal Data from a child, we will delete it immediately.

We may update this Privacy Policy from time to time.

In case of material changes, we will notify Users by e-mail or via their Account, in addition to updating the “Last Updated” date.

If you are dissatisfied with our data processing, please contact us at hello@tegas.ai.

You also have the right to lodge a complaint with:

• Your local Data Protection Authority in the EU/EEA, or
• Your local authority in your country of residence.

Tegas LTD

Company Reg. No.: HE 479241

Registered address: 4630, Christou Samara, 7, Erimi, Limassol, Cyprus

Email: hello@tegas.ai