Privacy Policy

Terp respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information across our web and mobile platforms.

Last Updated: January 22, 2026

1. Information We Collect

Web & Mobile Data Acquisition

1.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us when you interact with our platform:

  • Account Information: Name, email address, phone number, password, profile picture, and account preferences.
  • Billing Information: Payment method details, billing address, and transaction history. Note that sensitive card data is handled directly by our certified payment processors.
  • Communication Data: Messages, feedback, support requests, and any correspondence with our team.
  • Profile Information: Bio, location, company details, and other professional attributes you choose to share.
  • Project Content: Documents, files, and data you upload or generate through Terp Services.

1.2 Information Collected Automatically

When you use our Services, we automatically capture technical footprint data:

  • Device Information: Device type, OS version, unique identifiers (IDFA/AAID), and mobile network data.
  • Usage Analytics: Features accessed, clickstream patterns, navigation paths, and duration of sessions.
  • Precise Location: General location (via IP); precise GPS coordinates only with your explicit mobile OS permission.
  • System Logs: IP addresses, browser agents, referring URLs, and error diagnostics.

1.3 Third-Party Data

We receive supplementary data from authorized third-party partners:

  • SSO Providers: Authentication data from Google, Apple, or Microsoft.
  • Service Partners: Risk assessment data from payment processors and analytics insights.

2. How We Collect Information

Methods of Collection

  • Direct Interaction: Through forms, settings, and support portals.
  • Automated Sensors: Via cookies, beacons, and local browser storage.
  • Native OS APIs: Requests to camera, calendar, or contacts on mobile devices.
  • Integrated Platforms: Data fetched through Webhooks and API integrations.

3. Why We Collect Data

Purpose of Processing

Service Delivery

Powering account maintenance, transaction processing, and core ERP functionality.

Communications

Critical system alerts, transactional notifications, and support responses.

Product Evolution

Analyzing usage to identify bottlenecks and develop new features.

Security & Compliance

Fraud detection, preventing unauthorized access, and meeting legal obligations.

4. Data Security

Your Protection is Priority

We employ "defense-in-depth" strategies to protect your information:

AES-256 At-Rest Encryption
TLS 1.3 In-Transit Encryption
Role-Based Access (RBAC)
Mandated Multi-Factor Auth
SOC2 Compliant Data Centers
Annual Penetration Testing

5. Data Sharing & Third Parties

Disclosure Ecosystem

We do not sell your data. Sharing only occurs with vetted partners:

Category Entity Example Purpose
Cloud Infra AWS, Google Cloud Hosting & Storage
Payments Stripe, PayPal Financial Processing
Analytics Sentry, Plausible Diagnostic Health

6. Cookies & Tracking

Digital Footprint Control

We use essential cookies for system integrity and functional cookies for your preferences. You can manage these via our Preference Center or your browser settings.

  • Essential: Login & CSRF protection.
  • Functional: Language & UI state.
  • Performance: Aggregated usage logs.
  • Marketing: Campaign attribution.

7. Your Privacy Rights

Global Compliance (GDPR/CCPA)

GDPR (Europe)

Access, rectification, erasure, and portability. Right to object and withdraw consent.

CCPA (California)

Right to know collection, right to delete, and right to opt-out of data sharing.

To exercise these rights, submit a request via privacy@terp.test.

8. International Transfers

Cross-Border Data Flows

Data may be processed outside your jurisdiction. We rely on Standard Contractual Clauses (SCCs) and adequacy decisions to ensure equivalent protection Levels.

9. Data Retention

Storage Policy

We keep data for the duration of your active account plus 90 days. Transactional records are retained for 7 years to meet tax compliance. Backups are purged on a 60-day rolling cycle.

10. Children's Privacy

COPPA Compliance

Terp services are strictly for users aged 13+. If we discover information from minors, we will trigger immediate permanent deletion.

11. Policy Updates

Evolutions & Changes

Material changes will be broadcast via email and in-app notifications. Continued use after updates constitutes acceptance of the revised terms.

12. Contact & DSAR

Privacy Officer

For Data Subject Access Requests (DSAR) or privacy inquiries, contact our Legal Team:

Email: privacy@terp.test

Response Target: < 30 Days

Acknowledgment

By utilizing the Terp ecosystem, you acknowledge you have reviewed the privacy practices detailed above. We remain committed to transparency as we evolve our technology.