Privacy Policy
Last updated: March 2026
This policy describes how TISYM handles personal data when using the system and connecting it to AI assistants via the MCP (Model Context Protocol).
1. Data Controller
The data controller is the operator of your TISYM instance — typically the company or organisation that purchased the system. Contact details for the controller can be found in your instance settings.
2. What Data the System Processes
TISYM processes only data that you enter into the system yourself:
- User credentials (name, email, password stored as a hash)
- Data about customers, projects, tickets and invoices
- Work reports and ticket comments
- Access and activity logs
3. MCP Interface and AI Assistants
When you connect TISYM to an AI assistant (Claude, ChatGPT, etc.) via the MCP interface, the following applies:
- The AI assistant accesses data exclusively under your credentials — it can only see what you would see
- TISYM does not send any data to AI providers on its own — data flows only in response to explicit AI tool calls
- Every MCP tool call is recorded in the access log (what was queried, when, and with what result)
- TISYM does not store conversations with AI assistants — those remain with the AI provider
Important: TISYM acts as a data source — a database that the AI queries. The actual processing of your prompts and generation of responses is handled by the AI provider (Anthropic, OpenAI, etc.) under their own privacy policies.
4. Sharing Data with Third Parties
TISYM does not sell or share your data with third parties for marketing or advertising purposes. Data may be disclosed only in the following cases:
- Based on your explicit consent (connecting an AI assistant)
- For legal reasons (court order, statutory obligation)
- To the hosting processor for operating server infrastructure
5. Data Retention
Data is retained for the duration of your subscription and deleted upon request after termination. MCP access logs are automatically deleted after 90 days.
6. Security
- All data transfer uses HTTPS (TLS) exclusively
- The MCP interface requires authentication via OAuth 2.0
- Passwords are stored as one-way hashes (bcrypt)
- Access is logged and auditable
7. Your Rights
You have the right to access, correct, delete and port your data. Submit a request to the administrator of your instance or contact us at the email address below.
8. Contact
TISYM platform operator:
Email: info@tisym.com
Website: www.tisym.com
This policy may change from time to time. You will be notified of significant changes through the system.
