Privacy Policy

This Privacy Policy explains how Timatsu LLC ("Timatsu," "we," "us," or "our") collects, uses, shares, and protects information when you visit timatsu.com (the "Website"). Timatsu LLC is a design and engineering studio organized in the State of North Carolina, United States. We have written this policy in plain language because we would rather be clear than clever.

Please read Section 1 first. It explains an important distinction: this Website is separate from the applications Timatsu builds and from the independent ventures it highlights, and each of those has its own terms and privacy practices. The rest of this policy then describes how the Website itself handles information. Capitalized terms not defined here have the meaning given in our Terms of Service.

What This Policy Covers, and What It Does Not

Timatsu LLC is one company. As part of its work it designs and builds software applications, and its founder is involved in several independent ventures. This Website showcases that work. Because those things are easy to blur together, we want to draw the lines clearly and plainly. This is not a disclaimer written from fear; it is simply how the pieces actually fit.

This policy covers the Website

This policy applies to information collected through timatsu.com itself, for example when you browse the site or send a message through the contact form. That is the scope of this document.

Applications that Timatsu designs and builds are separate

Some of the work featured on this Website is software, including applications such as Timatsu OS, Vault, Venture, Vanguard, Benibel, and Mosko that Timatsu designs or builds for itself or for others. Those applications are distinct products. When you download, install, sign in to, or use one of those applications, your use is governed by that application's own terms of service and privacy policy, not by this one. The data you enter into an application is handled inside that application under its own notice and, in many cases, by a different operator or controller. Browsing this Website does not send your application data to us, and this policy does not describe how any particular application handles your information. For that, refer to the notice presented within or alongside the application itself.

The ventures highlighted here are separate

This Website highlights ventures connected to Timatsu's founder, including Horizen, Montlor, Benibel, Mosko, and Todloski. These ventures are independent and, where applicable, are separate legal entities with their own operations, ownership, websites, products, customers, staff, and privacy practices. They are featured on this Website to showcase the work and interests of Timatsu's founder, nothing more.

Featuring a venture here does not make it part of Timatsu LLC, does not create a partnership, joint venture, or agency relationship between Timatsu LLC and that venture, and does not make Timatsu LLC responsible for that venture's products, services, content, or data practices. If you visit a venture's own website, buy its products, or contact it directly, that interaction is governed by that venture's own terms and privacy policy, and any information you provide in that context is collected by that venture and not by Timatsu LLC through this Website.

Everywhere below, when we describe what "we" collect, we mean what Timatsu LLC collects through this Website, and nothing more.

Information We Collect

This Website is primarily an informational and portfolio site with a contact form. We aim to collect as little as possible. The categories below describe what the Website may collect.

Information you provide

When you use the contact form or otherwise email us, we collect the information you choose to send, which typically includes your name, your email address, and the contents of your message. If you provide additional details, such as your company or the nature of a project, we collect those as well. We use this information to read and respond to you.

AI assistant and inquiries

The Website may offer an assistant that converses with you and helps route your inquiry. When you use the assistant or a contact form, we collect the messages and details you send. To power the assistant and to summarize your inquiry, your messages are processed by a third-party AI provider (currently OpenRouter, which routes to underlying model providers) acting on our behalf, solely to operate the assistant. We retain these conversations and a short summary so we can respond, and so we can monitor, troubleshoot, secure, and improve the assistant; they are not used to advertise to you or to build advertising profiles about you. The assistant is for general help and is not a secure channel, so please do not enter passwords, payment details, or government identifiers, and contact us directly for anything sensitive.

Information collected automatically

When you visit the Website, our hosting and network providers automatically receive standard technical information that your browser and device send in order to load a web page. This may include your IP address, browser type and version, device and operating system information, the pages and resources you request, referring URLs, and the date and time of your visit. This information is used to operate, secure, and improve the Website, and to prevent abuse such as spam or automated attacks on the contact form.

Cookies and similar technologies

The Website uses a small number of cookies and similar local-storage technologies. These include strictly necessary items that help the site load and function and that support security and abuse prevention, along with preference items that remember choices such as your theme or your response to the cookie notice. The Website is not built around advertising, and we do not use cookies to build advertising profiles about you or to track you across other companies' websites. You can control or clear cookies through your browser settings; some conveniences may not work as well if you do.

What we do not collect

The Website does not knowingly collect payment card numbers, government identifiers, precise geolocation, biometric data, or special categories of sensitive data. We do not collect information from the separate ventures described in Section 1.

Categories of Personal Information (for reference)

For the benefit of readers in jurisdictions that ask businesses to map their collection to standard categories (such as California), the personal information the Website may collect falls into these categories: identifiers (such as name, email address, and IP address); internet or other electronic network activity (such as pages requested and basic device and browser information); and the contents of communications you choose to send us. We collect these from you directly and from the technical metadata your browser transmits. We do not collect the other statutory categories, such as financial account data, biometric information, precise geolocation, or protected classification characteristics.

How We Use Information

We use the information described above to: operate, maintain, and secure the Website; respond to your messages and inquiries; understand, in aggregate, how the Website is used so we can improve it; detect, prevent, and address spam, fraud, abuse, and technical problems; and comply with our legal obligations and enforce our Terms of Service. If you contact us about a potential engagement, we use your information to discuss and, if we move forward, to carry out that work under a separate agreement.

We do not use your information to make automated decisions that produce legal or similarly significant effects about you.

How We Share Information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising or for other companies' marketing. We share information only in these limited situations:

• Service providers. We use a small set of vendors to run the Website. They process information on our behalf, only as needed to provide their service to us, and are expected to protect it. See Section 6.
• Legal and safety. We may disclose information if required by law, regulation, legal process, or a governmental request, or where we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Timatsu LLC, our visitors, or the public, or to investigate fraud or abuse.
• Business transfers. If Timatsu LLC is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction. We will take reasonable steps to ensure it remains subject to protections consistent with this policy, and we will note any change of control here.

We do not share information you send us with the separate applications or ventures described in Section 1 unless you have specifically asked us to connect you, in which case we only pass along what is needed to make the introduction.

Service Providers

The Website relies on a few third-party providers to function. The main ones, and the information they may process, are:

• Vercel for hosting and content delivery, which processes connection metadata such as IP addresses and request headers in order to serve the site. Vercel privacy policy.
• Supabase for secure storage of contact-form submissions and related operational data such as rate-limiting records. Supabase privacy policy.
• Resend for delivering the emails generated by the contact form, which receives the name, email address, and message needed to send and acknowledge your inquiry. Resend privacy policy.
• OpenRouter for powering the website assistant, which processes the messages you send to the assistant in order to generate replies and a short summary. OpenRouter privacy policy.

We may use additional providers for security, monitoring, or infrastructure, including DNS and network protection services such as Cloudflare. We choose providers based in part on their data-protection practices, and they are expected to use information only to provide their service to us.

Data Retention

We keep information only for as long as we need it. Messages you send through the contact form are retained for as long as reasonably necessary to respond to you, to maintain a record of our correspondence, and to carry out or document any engagement that results, after which they are deleted or archived. Technical logs are kept for a limited period for security and diagnostics. We may retain information longer where required to comply with a legal obligation, resolve a dispute, or enforce our agreements.

Data Security

We use reasonable technical and organizational measures designed to protect information against unauthorized access, alteration, disclosure, or destruction, including transport encryption and access controls at our providers. No website or method of transmission or storage is perfectly secure, so we cannot guarantee absolute security, but we work to keep what we collect safe and to collect little in the first place.

Your Rights and Choices

Depending on where you live, you may have some or all of the following rights regarding personal information we hold about you: to access or receive a copy of it; to correct it; to delete it; to opt out of its sale or sharing (we do not sell or share it for advertising); and to limit certain processing. You also have the right not to be treated differently for exercising these rights.

To make a request, email us at hello@timatsu.com. We will verify your request, usually by confirming you control the email address involved, and respond within the timeframe required by applicable law, generally within 30 to 45 days. You may use an authorized agent where the law allows, and we may ask for confirmation of their authority.

The Website honors the Global Privacy Control (GPC) and similar browser-based opt-out preference signals as a valid request to opt out of any sale or sharing of personal information. Because there is no common standard for "Do Not Track" browser signals, the Website does not respond to them separately.

United States State Privacy Rights

A growing number of U.S. states, including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others, have comprehensive consumer privacy laws. If you are a resident of such a state, you may have the rights described in Section 9, including the right to know what personal information is collected and how it is used, the right to access, correct, and delete it, the right to opt out of any sale or sharing and of targeted advertising, and, in some states, the right to appeal a decision on your request. We do not sell personal information, and we do not process it for targeted advertising. To exercise your rights, or to appeal, contact hello@timatsu.com.

Residents of the EEA, the UK, and Switzerland (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, Timatsu LLC is the controller of the limited personal data this Website processes. Our legal bases are: your consent (for non-essential cookies and for choosing to contact us); our legitimate interests in operating, securing, and improving the Website and in responding to inquiries, where those interests are not overridden by your rights; the performance of, or steps toward, a contract when you ask us about an engagement; and compliance with legal obligations.

You have the rights of access, rectification, erasure, restriction, objection, and portability, the right to withdraw consent at any time, and the right to lodge a complaint with your local supervisory authority. To exercise these rights, contact hello@timatsu.com.

International Data Transfers

Timatsu LLC is based in the United States, and our providers may process information in the United States and other countries. If you access the Website from outside the United States, you understand that information may be transferred to and processed in countries whose data-protection laws may differ from those where you live. Where required, we rely on appropriate safeguards, such as standard contractual clauses, for these transfers.

Children's Privacy

The Website is intended for adults and is not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us information through this Website, contact us and we will delete it.

Third-Party Websites and Links

The Website links to other websites, including those of the applications and ventures described in Section 1 and the privacy policies of our providers. We do not control those sites, and this policy does not apply to them. When you follow a link, the destination's own privacy policy governs.

Changes to This Policy

We may update this Privacy Policy as the Website evolves. When we do, we will revise the "Last updated" date above, and for material changes we will provide more prominent notice on the Website. Your continued use of the Website after an update means you accept the revised policy.

Contact

Questions about this Privacy Policy, or about how the Website handles your information, can be sent to hello@timatsu.com. For questions about a specific application or venture, please use the contact details provided by that application or venture, since those are handled separately as described in Section 1.