PI & Other Tales

Data Protection Statement

Data Protection Statement

Effective date: August 23, 2025
Last updated: August 23, 2025

This Data Protection Statement explains how PI & Other Tales, Inc. (“PI & Other Tales”, “we”, “us”, or “our”) collects, uses, discloses, and safeguards personal information when you interact with our websites, apps, products, and services (collectively, the “Services”). It also describes your privacy rights and how to exercise them.

Who we are
PI & Other Tales, Inc.
8 The Green Ste. A, Dover, DE 19901, United States
Email: hello@othertales.co
Phone: +1 (302) 405-8005

This Statement should be read alongside our Cookie Policy, Privacy Policy, and any product-specific privacy notices. If you are a customer using our Services to process personal information about your end users, we act as a processor/service provider for that data; your organization is the controller/business and remains responsible for providing appropriate notices to end users and establishing a lawful basis. For website visitors, leads, and account holders, we act as a controller/business.

1) Scope & roles

  • This Statement applies to personal information processed by PI & Other Tales in connection with the Services.
  • We may process personal information both as:
    (a) Controller/Business — for our own purposes (e.g., operating websites, accounts, support, billing, marketing).
    (b) Processor/Service Provider — on behalf of our customers under a Data Processing Addendum (DPA). When we act as a processor, we follow our customers’ documented instructions.

2) Categories of personal information we collect

Depending on how you use the Services, we may collect:

  • Identification & contact: name, username, address, email, phone.
  • Account & profile: organization, role/title, authentication data, preferences.
  • Commercial & billing: purchase history, invoices, payment method tokens (processed by our payment processor), tax IDs.
  • Usage & technical: device identifiers, IP address, cookie IDs, log data, diagnostics, crash reports, performance metrics, referring URLs, pages viewed, session metadata.
  • Location: coarse location inferred from IP; GPS if you enable it.
  • Support & communications: messages, call recordings (where permitted/with notice), tickets, attachments, feedback, and survey responses.
  • Content you provide: files, text, images, or other data you upload or generate via the Services.
  • Marketing preferences: subscriptions, consent states, and opt-out choices.
  • Job applicant data (if you apply): CV/resume, work history, qualifications, references, interview notes.
  • Sensitive/special category data: We do not intentionally collect sensitive personal data (e.g., health, biometrics, precise geolocation, criminal history) unless explicitly necessary for a feature and permitted by law, or provided by you. If our customers choose to process such data in our Services, they are responsible for establishing a lawful basis and appropriate safeguards; we process it only under their instructions.

Sources: directly from you; your organization/administrator; automatically via the Services; third-party integrations you connect; service providers (e.g., payment, analytics); publicly available sources.

3) Purposes and legal bases

We use personal information for these purposes and, where required (e.g., UK/EEA), rely on the stated legal bases:

  • Provide the Services (create/manage accounts, authenticate users, operate features, provide customer support).
    Legal bases: contract performance; legitimate interests.
  • Security & integrity (monitoring, fraud prevention, incident detection, abuse, access control, and auditing).
    Legal bases: legitimate interests; legal obligations; vital interests in rare cases.
  • Billing & transactions (process payments, prevent fraud, manage subscriptions, collections).
    Legal bases: contract performance; legal obligations; legitimate interests.
  • Service improvement & analytics (measure usage, debug, research, develop new features).
    Legal bases: consent where required (e.g., non-essential cookies/SDKs); legitimate interests.
  • Communications (service notices, updates, surveys, marketing with your preferences).
    Legal bases: contract performance (service communications); consent and/or legitimate interests for marketing; your right to opt out applies.
  • Legal & compliance (record-keeping, responding to lawful requests, enforcing terms, protecting rights).
    Legal bases: legal obligations; legitimate interests; establishment, exercise, or defense of legal claims.

Cookies/SDKs: See our Cookie Policy for how we use cookies and similar technologies and how to manage your choices.

4) Sharing of personal information

We may share personal information with:

  • Service providers / processors who perform services for us (e.g., hosting, cloud storage, analytics, payment processing, communications, customer support, security, fraud prevention, professional advisors). These parties are bound by contractual obligations and only process data on our instructions.
  • Integrations & third-party features you choose to enable (e.g., when you connect a third-party account or install an integration, data may flow between PI & Other Tales and that provider per your settings and their privacy policy).
  • Business transfers (merger, acquisition, financing, sale of assets, or bankruptcy). We will take steps to ensure continued protection and provide notice where required.
  • Legal & safety: to comply with law, lawful requests, and to protect the rights, safety, and property of you, us, our users, or the public.

We do not sell personal information for monetary compensation. In some U.S. states, sharing for targeted advertising or certain analytics may be deemed a “sale” or “sharing”; your opt-out rights apply (see Section 8).

5) International data transfers

We are based in the United States and may transfer, store, and process personal information in the U.S. and other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses and additional measures. For transfers from the UK/EEA, we assess the destination’s legal environment and apply supplementary safeguards as needed.

EU/UK GDPR Representative (Article 27): David James Lennon, Adventures of the Persistently Impaired (and Other Tales) Limited, 85 Great Portland Street, London W1W 7LT, United Kingdom. Email: david@othertales.co · Tel: +44 207 870 2490.

6) Data retention

We retain personal information for as long as necessary to fulfill the purposes described in this Statement, including to comply with legal, accounting, or reporting requirements, resolve disputes, and enforce agreements. Retention periods vary by data category and context (e.g., account data for the life of the account and a reasonable period thereafter; logs for security and auditing for a shorter period; transaction records for statutory periods). We will delete or anonymize data when it is no longer needed.

7) Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including access controls, encryption in transit and at rest where appropriate, secure software development practices, logging/monitoring, and employee training. No system is 100% secure; if we detect a breach affecting your data, we will notify you and regulators as required by law and our agreements.

8) Your privacy choices & rights

Your rights depend on where you live. You can make a request by emailing hello@othertales.co or calling +1 (302) 405-8005. We may need to verify your identity and, if you are an agent, your authority to act.

A. EEA/UK (GDPR)

You may have the right to access, rectify, erase, restrict processing, object, data portability, and to withdraw consent at any time (without affecting lawfulness of prior processing). You also have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK).

B. U.S. state rights (e.g., CA, CO, CT, UT, VA and others)

Subject to applicable law and exceptions, you may have the right to know/access, delete, correct, data portability, and to opt out of: (i) targeted advertising; (ii) the sale or sharing of personal information; and (iii) certain profiling. If we use or disclose sensitive personal information, you may have the right to limit such use. You will not be discriminated against for exercising your rights. If we deny your request, you may appeal by replying to our response.

C. Marketing choices

You can opt out of marketing emails by using the unsubscribe link in the message. You can also adjust cookie-based advertising preferences through our Cookie Preferences and by honoring Global Privacy Control (GPC) signals where required.

9) Children’s privacy

Our Services are not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us so we can take appropriate action.

10) Automated decision-making

We do not engage in solely automated decision-making that produces legal or similarly significant effects about you without human review, unless permitted by law and with appropriate notice.

11) Product-specific processing (processor role)

When we process personal information on behalf of a customer:

  • We process it only under the customer’s documented instructions, including for transfers to a third country or international organization.
  • We implement security measures appropriate to the risk; assist the customer with data subject requests, security, and compliance obligations; and notify the customer of personal data breaches without undue delay.
  • We use sub-processors (e.g., cloud hosting, email delivery) under written agreements with obligations no less protective than those in our DPA. We maintain a current list of sub-processors upon request.
  • Upon termination of services, we delete or return personal information as instructed by the customer, unless retention is required by law.

For a copy of our Data Processing Addendum or sub-processor list, contact hello@othertales.co.

12) How to contact us and escalate concerns

Questions, requests, or complaints:

PI & Other Tales, Inc.
8 The Green Ste. A, Dover, DE 19901, United States
Email: hello@othertales.co
Phone: +1 (302) 405-8005

If you are in the UK/EEA, you have the right to complain to your local authority. In the UK: Information Commissioner’s Office (ICO), ico.org.uk. In the EEA: see the list of supervisory authorities provided by the European Data Protection Board.

13) Changes to this Statement

We may update this Statement to reflect changes in our practices, technologies, or laws. If changes are material, we will provide prominent notice (e.g., via the Services or email, where appropriate). The Last updated date above indicates when this Statement was most recently revised.

Appendix: Summary of legal bases (EEA/UK)

  • Contract: creating/managing your account; providing features you request; billing and customer support.
  • Legitimate interests: securing our Services, preventing fraud, improving and personalizing features, B2B communications (balanced against your rights).
  • Consent: non-essential cookies/SDKs, certain marketing, and processing of special category data (if ever applicable).
  • Legal obligation: tax and accounting rules, responding to lawful requests, record-keeping.
  • Vital interests/public interest: rare cases (e.g., safety incidents) where necessary.

Note: This Statement is provided for general informational purposes and does not constitute legal advice. Your specific configuration (e.g., cookies/SDKs, integrations, data locations) may require additional disclosures or terms (e.g., state-specific notices). Please consult counsel to confirm compliance in all applicable jurisdictions.