Legal

Privacy Policy

Last updated: 8 July 2026

This policy explains what personal data Tallyrun collects, why we process it, who we share it with, and the rights you have. Tallyrun (“we”, “us”) is an AI automation studio operated by Mihail Kenarov, based in Eindhoven, the Netherlands. For anything in this policy, contact mihail@tallyrun.ai.

Who we are and our role

For this website, our own communications, and our outreach, Tallyrun is the data controller. When we build and run an automation for a client, we act as a data processoron that client’s behalf, and their privacy notice and our data processing agreement with them govern that work.

What we collect

  • Information you give us. When you book a call, email us, or otherwise get in touch: your name, email address, the times you select, and anything you choose to write to us.
  • The interactive demo. If you use the live agent on this site, the messages you type are sent to an AI model provider to generate a response. Please do not enter real client, medical, or otherwise sensitive information into the demo — it is an illustration, not a production intake system.
  • Business contact data for outreach. We may collect business contact details (name, role, firm, business email, public firm information) from public sources in order to contact firms that fit who we serve.
  • Technical data. Our hosting and infrastructure providers automatically log standard technical information such as IP address, browser type, and pages requested, for security and reliability.

Why we process it, and our legal basis

  • To respond to you and to provide our services — on the basis of performing a contract or taking steps at your request (GDPR Art. 6(1)(b)).
  • To contact firms about services relevant to their business, and to run the demo — on the basis of our legitimate interests in growing the business, balanced against your rights (Art. 6(1)(f)).
  • To keep the site secure and operational — on the basis of our legitimate interests (Art. 6(1)(f)).
  • To comply with legal obligations where they apply (Art. 6(1)(c)).

Who we share data with

We do not sell personal data. We share it only with service providers (sub-processors) who help us run Tallyrun, under contracts that require them to protect it. These currently include:

  • Hosting and delivery of this site (Vercel).
  • AI model providers that process demo and automation content (Anthropic, and other model providers we may use).
  • Email and productivity (Google Workspace; Resend for transactional email).
  • Scheduling (Cal.com).
  • Automation and data storage (n8n hosted on Railway; Airtable).
  • Operational notifications (Telegram).

We may also disclose data if required by law, or to protect our rights, safety, or property.

International transfers

Some of these providers are based outside the European Economic Area, including in the United States. Where data is transferred outside the EEA, it is protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision.

How long we keep it

We keep personal data only as long as needed for the purpose it was collected: enquiry and outreach data for as long as there is a legitimate business relationship or interest, opt-out records for as long as needed to honour them, and demo content for no longer than needed to run and improve the demo. We delete or anonymise data when it is no longer needed.

Your rights

Under the GDPR you have the right to access, correct, delete, or restrict processing of your personal data, to object to processing based on legitimate interests (including outreach), to data portability, and to withdraw consent where processing relies on it. To exercise any of these, email mihail@tallyrun.ai. You also have the right to lodge a complaint with your local supervisory authority — in the Netherlands, the Autoriteit Persoonsgegevens.

Security

We use reputable providers and reasonable technical and organisational measures to protect personal data. No method of transmission or storage is completely secure, but we work to protect your information and to address issues promptly.

Cookies

This site uses only what is necessary to function and, where used, privacy-friendly analytics. We do not use advertising or cross-site tracking cookies. If that changes, we will update this policy and, if required, ask for your consent.

Children

Tallyrun is a service for businesses and is not directed to children. We do not knowingly collect data from children.

Changes to this policy

We may update this policy from time to time. The date at the top shows when it last changed. Material changes will be reflected here.

Contact

Tallyrun — Mihail Kenarov, Vestdijk 7, Eindhoven, the Netherlands. mihail@tallyrun.ai