Privacy Policy

Privacy Policy

Version 2.0 · Effective 2026-05-18 · Last reviewed 2026-05-18 · Questions? privacy@tangle.io

Who we are

Tangle Software Inc. (“Tangle”, “we”, “us”) is a Delaware corporation. We make a self-customizing ERP/MRP platform for small and mid-sized manufacturers. This Privacy Policy describes how we collect, use, and protect personal information through our marketing website at tangle.io and related properties.

If you’re a Tangle customer, the personal information you and your team enter into the Tangle platform itself is governed by the master subscription agreement and data processing addendum we’ve signed with you, not by this policy. This policy covers the public marketing site only.

Questions about anything below? Email privacy@tangle.io. The mailbox is monitored by Tangle’s CEO and COO.

What we collect

Information you give us directly. When you submit a form on tangle.io — to book a demo, ask a question, sign up for updates, or contact us — we collect what you put in the form. That’s typically your name, work email, company name, phone number, job title, and anything you choose to share in a free-text field.

Information we collect automatically. When you visit tangle.io, our analytics and customer-relationship tools record standard web data: your IP address, browser type and version, device type, operating system, the pages you visit, the order in which you visit them, how long you stay, and the page or campaign that referred you. Some of this is linked to a cookie that lets us recognize repeat visits. Full list of the tools and cookies involved is in our Cookie Policy and Sub-processors page.

Information from third parties. When you book a demo, we may enrich your contact record with publicly available information about your company (size, industry, location) from B2B data providers. This helps us prepare for the call and route the conversation to the right person on our team.

We do not collect payment or financial information through the marketing site. Tangle subscription billing happens inside the Tangle platform, governed by your customer agreement.

How we use it and our legal basis

We use the information above to:

• Respond to you. Reply to your demo request, answer your question, fulfill an information request.
• Run our sales process. Have follow-up conversations, share product information, schedule calls.
• Improve the site. Understand which pages are useful, where visitors get stuck, what’s working in our content.
• Keep the site working. Detect and prevent abuse, debug technical issues, comply with legal obligations.

Our legal basis for processing under the EU/UK GDPR is:

• Legitimate interests — for analytics, site improvement, and sales follow-up where you’ve shown interest by submitting a form.
• Contract — when we’re processing a demo request or onboarding, the processing is necessary to take steps at your request before entering into a customer agreement.
• Consent — for non-essential cookies and marketing emails, where you’ve opted in.
• Legal obligation — where we need to retain records to comply with US tax, financial, or other applicable law.

We do not sell personal information. We do not share it with advertising networks for cross-site behavioral advertising.

Who we share it with

We share personal information only with:

• Service providers (“sub-processors”) who help us run the site and the business — analytics tools, our CRM, hosting providers, live chat, transactional email. Full list, including what each one processes and where, is on our Sub-processors page. We update that list when it changes.
• Our employees and contractors who need access to do their jobs, under confidentiality obligations.
• Acquirers or successors if Tangle is acquired or merges with another company. We’ll notify you in that case and your information will continue to be protected by a policy at least as protective as this one.
• Authorities when we’re required to comply with a lawful subpoena, court order, or other legal process.

We do not share your information with any other third party for their own marketing or commercial purposes.

Where your information is stored

Personal information we collect through tangle.io is stored and processed in the United States by Tangle and our US-based sub-processors. We are a Delaware corporation; our hosting, CRM, and analytics tools are US companies running on US-based infrastructure.

If you are a resident of the European Economic Area, United Kingdom, or another jurisdiction with data-transfer rules, your information will be transferred to and processed in the US. Where required, we rely on the European Commission’s Standard Contractual Clauses (or the UK equivalent) with our sub-processors. You can request a copy of the relevant transfer agreement by emailing privacy@tangle.io.

How long we keep it

We keep personal information only as long as we have a legitimate reason to, and as long as is necessary to fulfill our statutory and legal obligations. When the purpose ends and there’s no legal requirement to keep the record, we delete or anonymize it.

You can ask us to delete your information sooner — see “Your rights” below.

Your rights

You have rights over your personal information. The specifics depend on where you live.

Everyone can ask us to:

• Tell you what personal information we hold about you.
• Correct anything that’s wrong.
• Delete what we hold (subject to records we’re legally required to keep).
• Stop sending you marketing emails — use the unsubscribe link in any email, or email us.

If you’re a resident of the European Economic Area or United Kingdom, you additionally have rights under the GDPR to:

• Restrict or object to processing.
• Receive a portable copy of your information.
• Withdraw consent at any time where processing is based on consent.
• Lodge a complaint with your local data protection authority. We’re not established in the EU, so there’s no single supervisory authority for us — please contact the DPA where you reside.

If you’re a California resident, you have rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA, to:

• Know what categories of personal information we collect about you and how we use them (this policy describes them).
• Request a copy of what we hold about you.
• Request deletion of your personal information.
• Opt out of “sale” or “sharing” of your personal information. We do not sell your information, and we do not share it for cross-context behavioral advertising as defined by the CPRA. You can confirm or change this preference by emailing privacy@tangle.io.
• Be free from discrimination for exercising any of these rights.

To exercise any right above, email privacy@tangle.io. We’ll respond within the time period the applicable law requires — typically 30 days under the GDPR and 45 days under the CCPA.

How we keep your information safe

We use commercially reasonable technical and organizational measures to protect your information: encryption in transit (TLS), access controls on our internal tools, principle of least privilege for who sees what, and audit logs. No system is 100% secure; we don’t promise perfect security, but we work hard at it. If we learn of a breach that affects you, we’ll notify you and the relevant authorities as required by applicable law.

Children

Tangle’s services are for businesses, not children. We don’t knowingly collect personal information from anyone under 13 years old. If you believe a child has submitted information to us, email privacy@tangle.io and we will delete it.

Changes to this policy

We may update this policy from time to time. The version and effective date at the top will change, and material changes will be highlighted on this page for at least 30 days. If a change is significant (for example, a new category of processing, or a new sub-processor that meaningfully changes the data flow), we’ll notify form-submitters who have given us their email.

Contact

Tangle Software Inc. A Delaware corporation Email: privacy@tangle.io

For platform / customer-data questions, contact your customer success owner directly.