TigerFlow AI

Privacy Policy

Last Updated: December 28, 2025

1. Introduction

Welcome to TigerFlow AI ("we," "our," or "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.tigerflowai.com or use our services.

Contact Information:

We comply with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws. If you have any questions about this policy, please contact us using the details above.

2. Information We Collect

We collect personal data that you provide directly, such as:

  • Name, email address, phone number, and payment information when you purchase our services or request a demo.

  • Business details, such as brokerage name, team size, and operational preferences, to customize our AI automation tools.

We also collect data automatically:

  • Device information (e.g., IP address, browser type, operating system).

  • Usage data (e.g., pages visited, time spent on site) via cookies and similar technologies (see Section 6 for Cookie Policy).

  • AI interaction data, such as lead information or queries processed through our 24/7 AI voice and text handling system.

If you integrate our services with third-party platforms (e.g., CRMs, calendars, or payment gateways), we may collect data from those sources with your consent.

3. How We Use Your Information

We use your personal data to:

  • Provide and improve our AI-powered services, including 24/7 lead response, automated booking, and client management for real estate brokerages.

  • Process one-time payments for our team packages (ranging from £14,997 to £64,997 plus VAT, depending on team size—see www.tigerflowai.com for current rates).

  • Communicate with you about your account, system updates, or support requests.

  • Analyse usage to enhance AI algorithms and service performance.

  • Comply with legal obligations, such as UK tax requirements (see Section 8 for retention periods).

We process data based on legal grounds under UK GDPR, including your consent, contract performance, or legitimate interests (e.g., improving services).

4. AI Processing Disclosures

Our services use artificial intelligence to automate tasks like 24/7 lead response, appointment scheduling, and client interactions. AI models may process your inputs (e.g., lead data or client queries) to generate outputs. We ensure AI processing is transparent and secure:

  • Data fed into AI is anonymized where possible.

  • We do not use your data to train external AI models without explicit consent.

  • Outputs are reviewed for accuracy, but AI may occasionally produce errors—users are responsible for verifying results and maintaining oversight of AI-generated communications.

5. Sharing and Disclosure of Information

We may share your data with:

  • Service providers (e.g., payment processors like Stripe, hosting services, AI infrastructure providers) under strict data processing agreements.

  • Legal authorities if required by law (e.g., for tax audits, investigations, or court orders).

  • In the event of a business merger, acquisition, or sale of assets.

We do not sell your personal data to third parties.

6. Cookie Policy

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: For site functionality (e.g., session management).

  • Analytics Cookies: To track usage (e.g., Google Analytics—data is anonymized).

  • Marketing Cookies: For personalized ads (with your consent).

You can manage cookies via your browser settings. For more details, visit our cookie banner on the site. Rejecting cookies may limit site features.

7. Data Security Measures

We implement robust security to protect your data:

  • Encryption (SSL/TLS for data in transit, AES-256 for data at rest).

  • Access controls, multi-factor authentication, and regular security audits.

  • Firewalls, intrusion detection systems, and DDoS protection.

  • Employee training on data protection and confidentiality.

Despite these measures, no system is 100% secure. We will notify you and relevant authorities of any data breaches as required by UK GDPR within 72 hours of discovery.

8. Data Retention

We retain personal data for as long as necessary:

  • Account data: While your account is active, plus 7 years after termination for UK tax compliance (HMRC requirements).

  • Usage logs and analytics: Up to 2 years for service improvement.

  • AI training data: Anonymized and retained indefinitely for model improvement (with your consent).

  • After deletion requests, we anonymize or securely delete data where legally permissible.

9. Your Rights Under UK GDPR

You have the following rights regarding your data:

  • Access: Request a copy of your personal data.

  • Rectification: Correct inaccurate or incomplete data.

  • Erasure (Right to be Forgotten): Request deletion in certain circumstances.

  • Restriction: Limit how we process your data.

  • Portability: Receive your data in a machine-readable format.

  • Objection: Opt out of processing for marketing or legitimate interests.

  • Withdraw Consent: At any time, where processing is based on consent.

To exercise these rights, email us at [email protected]. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

10. International Data Transfers

If we transfer data outside the UK (e.g., to EU or US-based service providers), we use UK GDPR-approved mechanisms such as Standard Contractual Clauses (SCCs) or adequacy decisions to ensure your data remains protected.

11. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.