# Tale: The Sovereign AI Platform
Source: https://tale.dev/

Tale: The Sovereign AI Platform

Self-hosted AI platform for data-sensitive organisations — local AI models, agents, and automations on your own infrastructure.

# Pricing
Source: https://tale.dev/pricing

Pricing

One price for your entire team — no per-seat fees, no hidden costs.

# Hardware pricing
Source: https://tale.dev/hardware-pricing

Hardware pricing

High-performance AI hardware — Quality, Hybrid, and Speed configurations.

# Contact
Source: https://tale.dev/contact

Contact

Get in touch with the Tale team.

# Request a demo
Source: https://tale.dev/request-demo

Request a demo

Talk with a domain expert about your use case for sovereign AI.

# Privacy policy
Source: https://tale.dev/legal/privacy-policy

**Last updated:** 01.04.2026

## 1. Introduction

Ruler GmbH ("we", "us", "our") operates the website [https://tale.dev](https://tale.dev) and the Tale platform. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or interact with us.

This Privacy Policy complies with the Swiss Federal Act on Data Protection (FADP/nDSG) and, where applicable, the European Union General Data Protection Regulation (GDPR).

## 2. Data Controller

The data controller responsible for the processing of your personal data is:

**Ruler GmbH**
Seestrasse 4
3700 Spiez
Switzerland

Company registration: CHE-186.532.610

For any questions or requests regarding data protection, please contact us through our [contact form](https://tale.dev/contact).

## 3. Data We Collect

### 3.1 Contact and Demo Request Forms

When you submit our contact form or request a demo, we collect the following personal data:

- Name
- Email address
- Company name (optional on contact form, required on demo request form)
- Phone number (optional, demo request form only)
- Area of interest (demo request form only)
- Message content or additional comments

### 3.2 Automatically Collected Data

Our website is hosted on Framer, which uses a privacy-friendly analytics system. This system does not use cookies and does not collect personal data. IP addresses are hashed with a daily rotating secret and cannot be traced back to individual visitors. No persistent identifiers are generated.

We do not use any additional analytics tools, tracking pixels, advertising scripts, or third-party cookies on our website.

### 3.3 Server Logs

When you visit our website, our hosting provider (Framer) may temporarily process technical data such as your IP address, browser type, and access timestamps for the purpose of delivering the website and maintaining security. This data is processed as part of standard web hosting operations and is not used by us for any other purpose.

## 4. Purpose and Legal Basis for Processing

We process your personal data for the following purposes:

| Purpose                                        | Data involved                                 | Legal basis (FADP)  | Legal basis (GDPR)                           |
| ---------------------------------------------- | --------------------------------------------- | ------------------- | -------------------------------------------- |
| Responding to your inquiry                     | Name, email, company, message                 | Legitimate interest | Art. 6(1)(f) GDPR — Legitimate interest      |
| Scheduling and conducting a product demo       | Name, email, phone, company, area of interest | Legitimate interest | Art. 6(1)(b) GDPR — Pre-contractual measures |
| Maintaining and securing our website           | Technical data (IP address, browser)          | Legitimate interest | Art. 6(1)(f) GDPR — Legitimate interest      |
| Establishing a potential business relationship | Contact form data                             | Legitimate interest | Art. 6(1)(f) GDPR — Legitimate interest      |

Under the Swiss FADP, processing of personal data is generally permitted unless it violates the personality rights of the data subject. We process your data in good faith, proportionally, and only for the purposes stated above.

## 5. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.

Your personal data may be accessible to the following categories of service providers who process data on our behalf and under our instructions:

- **Hosting provider:** Framer B.V. (Amsterdam, Netherlands) — provides website hosting and delivery via a global content delivery network powered by Amazon Web Services (AWS). Framer is GDPR-compliant, SOC 2 Type II attested, and ISO 27001:2022 certified.
- **CRM provider:** We store contact form submissions in a customer relationship management system hosted in Switzerland.

These providers act as data processors and are bound by data processing agreements in accordance with Art. 9 FADP and Art. 28 GDPR.

## 6. International Data Transfers

Your personal data is primarily stored and processed in Switzerland. However, as our website is hosted by Framer B.V. in the Netherlands, some data (such as server requests) is processed within the European Union and through a globally distributed content delivery network.

The Netherlands and all EU/EEA member states are recognized by the Swiss Federal Council as providing an adequate level of data protection under Art. 16 FADP. The European Commission has likewise recognized Switzerland as providing adequate protection under the GDPR.

No personal data is transferred to countries without an adequate level of data protection.

## 7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

- **Contact form submissions:** If no business relationship is established, your data will be deleted within 12 months after your last interaction with us.
- **Demo request submissions:** If no business relationship is established, your data will be deleted within 12 months after your last interaction with us.
- **Ongoing business relationships:** If a business relationship is established, your data will be retained for the duration of the relationship and for the period required by applicable statutory retention obligations (typically 10 years under Swiss commercial law).
- **Server logs:** Technical data processed by our hosting provider is handled according to Framer's data retention practices and is not stored by us.

## 8. Your Rights

Under the Swiss FADP and, where applicable, the GDPR, you have the following rights:

- **Right of access:** You may request information about whether and what personal data we process about you.
- **Right to rectification:** You may request that inaccurate personal data be corrected.
- **Right to deletion:** You may request the deletion of your personal data, subject to any legal retention obligations.
- **Right to data portability:** You may request that your personal data be provided to you or to a third party in a commonly used, machine-readable format.
- **Right to object:** You may object to the processing of your personal data at any time.
- **Right to withdraw consent:** Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us through our [contact form](https://tale.dev/contact). We will respond to your request within 30 days.

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland or, if applicable, with a supervisory authority in your EU/EEA member state.

## 9. Cookies

Our website does not use cookies for analytics or tracking purposes. Framer's built-in analytics system is entirely cookie-free and does not generate persistent identifiers.

If we introduce any cookies or third-party services in the future that require consent, we will update this Privacy Policy and implement an appropriate consent mechanism.

## 10. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or destruction. These measures include encryption of data in transit (TLS/SSL), access controls, and the use of certified hosting infrastructure (SOC 2 Type II, ISO 27001:2022).

## 11. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will take steps to delete it promptly.

## 12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The updated version will be published on this page with a revised "Last updated" date. We encourage you to review this page periodically.

## 13. Contact

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us:

**Ruler GmbH**
Seestrasse 4
3700 Spiez
Switzerland

# Terms of service
Source: https://tale.dev/legal/terms-of-service

**Last updated:** 01.04.2026

## 1. Introduction

These Terms of Service ("Terms") govern your access to and use of the website [https://tale.dev](https://tale.dev) ("Website") operated by Ruler GmbH ("we", "us", "our"). By accessing or using our Website, you agree to be bound by these Terms. If you do not agree with any part of these Terms, please do not use our Website.

These Terms apply to the use of the Website only. The use of Tale products and services is governed separately by our [Service Agreement](https://talecorp-my.sharepoint.com/:b:/g/personal/ym_tale_dev/IQDMsO0J9N-4RJtStv-1_IurAV_aXuHPQB5hfWnda5wSluA?e=cfXpDs) and [Hardware Agreement](https://talecorp-my.sharepoint.com/:b:/g/personal/ym_tale_dev/IQDoJBWnXoqqQLlapn6eOPEcAUkySXRa3AUSrKFwYMl0VCU?e=JWmiZc), as applicable.

## 2. Operator

**Ruler GmbH**
Seestrasse 4
3700 Spiez
Switzerland

Company registration: CHE-186.532.610

## 3. Use of the Website

### 3.1 Permitted Use

You may use this Website for lawful purposes and in accordance with these Terms. The Website is intended to provide information about Tale, our products and services, and to facilitate communication with us.

### 3.2 Prohibited Conduct

You agree not to:

- Use the Website in any way that violates applicable local, national, or international laws or regulations.
- Attempt to gain unauthorized access to the Website, its servers, or any connected systems or networks.
- Interfere with or disrupt the integrity or performance of the Website or its underlying infrastructure.
- Use automated systems, bots, or scrapers to access the Website without our prior written consent, except for standard search engine indexing.
- Transmit any material that is unlawful, threatening, abusive, defamatory, or otherwise objectionable through our contact forms.
- Impersonate any person or entity, or misrepresent your affiliation with any person or entity.
- Attempt to reverse-engineer, decompile, or disassemble any part of the Website that is not covered by an open-source license.

## 4. Intellectual Property

### 4.1 Website Content

The content on this Website — including but not limited to text, graphics, logos, images, and the overall design — is the property of Ruler GmbH and is protected by Swiss and international copyright, trademark, and other intellectual property laws, unless otherwise stated.

### 4.2 Open-Source Software

Tale is MIT licensed and free to use, modify, and distribute under the terms of the MIT License. The open-source components of Tale are governed by their respective licenses. The MIT License applies solely to the Tale software and does not extend to the Website content, branding, or trademarks.

### 4.3 Trademarks

"Tale", the Tale logo, and "Ruler GmbH" are trademarks of Ruler GmbH. You may not use these trademarks without our prior written permission, except as reasonably necessary to refer to our products or company.

## 5. Contact Forms and Submissions

When you submit information through our contact or demo request forms, you represent that the information you provide is accurate and that you have the authority to share it. We process all personal data submitted through these forms in accordance with our [Privacy Policy](/legal/privacy-policy).

Submitting a form does not create a contractual relationship between you and Ruler GmbH. A contractual relationship is only established upon execution of a separate agreement.

## 6. Third-Party Links and Resources

Our Website may contain links to third-party websites, services, or resources that are not owned or controlled by us, including but not limited to our documentation site, training courses, and service agreements. We have no control over, and assume no responsibility for, the content, privacy practices, or availability of any third-party websites or services.

The inclusion of a link does not imply endorsement. We encourage you to review the terms and privacy policies of any third-party sites you visit.

## 7. Disclaimer of Warranties

The Website is provided on an "as is" and "as available" basis without any warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, or non-infringement.

We do not warrant that the Website will be uninterrupted, error-free, or free of viruses or other harmful components. While we strive to ensure that the information on the Website is accurate and up to date, we make no guarantees regarding the completeness, accuracy, or reliability of any content.

Information provided on this Website is for general informational purposes only and does not constitute professional, legal, financial, or technical advice.

## 8. Limitation of Liability

To the maximum extent permitted by applicable law, Ruler GmbH, its directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, goodwill, or business opportunity, arising out of or in connection with your use of or inability to use the Website.

Our total aggregate liability for any claims arising from or relating to the use of the Website shall not exceed CHF 100.

This limitation of liability does not apply to damages caused by intent or gross negligence, or where such limitation is not permitted under applicable law.

## 9. Indemnification

You agree to indemnify, defend, and hold harmless Ruler GmbH and its directors, employees, and agents from and against any claims, liabilities, damages, losses, or expenses (including reasonable legal fees) arising out of or in connection with your breach of these Terms or your use of the Website in violation of applicable law.

## 10. Modifications to the Terms

We reserve the right to modify these Terms at any time. The updated version will be posted on this page with a revised "Last updated" date. Your continued use of the Website after such changes constitutes your acceptance of the revised Terms. We encourage you to review these Terms periodically.

## 11. Severability

If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid or unenforceable provision shall be replaced by a valid and enforceable provision that most closely reflects the original intent.

## 12. Waiver

The failure of Ruler GmbH to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision. Any waiver must be in writing and signed by Ruler GmbH to be effective.

## 13. Governing Law and Jurisdiction

These Terms are governed by and construed in accordance with the substantive laws of Switzerland, excluding its conflict of law provisions and excluding the United Nations Convention on Contracts for the International Sale of Goods (CISG).

Any disputes arising out of or in connection with these Terms shall be subject to the exclusive jurisdiction of the competent courts of the Canton of Bern, Switzerland, unless otherwise required by mandatory law.

## 14. Contact

If you have any questions about these Terms, please contact us:

**Ruler GmbH**
Seestrasse 4
3700 Spiez
Switzerland

# Data processing agreement
Source: https://tale.dev/legal/data-processing-agreement

**Last updated:** 01.04.2026

This Data Processing Agreement ("DPA") is an addendum to the Service Agreement ("Agreement") between Ruler GmbH ("Tale", "we", "us", "our") and the entity or person agreeing to the Agreement ("Customer", "you", "your"). This DPA applies to the extent that Tale processes Personal Data on behalf of the Customer in the course of providing the services under the Agreement.

By executing the Agreement, the Customer enters into this DPA on behalf of itself and, to the extent required under Applicable Data Protection Law, on behalf of its authorized users and affiliates. This DPA is effective as of the date of the Agreement.

## 1. Definitions

Capitalized terms not defined herein shall have the meanings set out in the Agreement.

**"Applicable Data Protection Law"** means the Swiss Federal Act on Data Protection (FADP/nDSG) and its ordinances, the EU General Data Protection Regulation (GDPR), and any other applicable data protection or privacy legislation, in each case as amended, repealed, or replaced from time to time.

**"Controller"** means the entity that determines the purposes and means of the processing of Personal Data. For the purposes of this DPA, the Customer is the Controller.

**"Data Breach"** means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data processed by Tale on behalf of the Customer.

**"Data Subject"** means the identified or identifiable natural person to whom the Personal Data relates.

**"Personal Data"** means any information relating to an identified or identifiable natural person that is processed by Tale on behalf of the Customer in connection with the services under the Agreement.

**"Processing"** means any operation or set of operations performed on Personal Data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, combination, restriction, erasure, or destruction.

**"Processor"** means the entity that processes Personal Data on behalf of the Controller. For the purposes of this DPA, Tale is the Processor.

**"Sub-processor"** means any third party engaged by Tale to process Personal Data on behalf of the Customer.

## 2. Scope and purpose of processing

### 2.1 Roles

The Customer is the Controller and Tale is the Processor with respect to the Personal Data processed under this DPA. Tale processes Personal Data solely for the purpose of providing and maintaining the services under the Agreement and in accordance with the Customer's documented instructions.

### 2.2 Details of processing

| Element                         | Description                                                                                                                                                                                                                   |
| ------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Purpose of processing**       | Provision of the Tale platform and related services as described in the Agreement, including AI-powered workflow automation, conversation management, and related operational features                                        |
| **Nature of processing**        | Storage, retrieval, organization, structuring, computation, transmission, and display of data as necessary to deliver the services                                                                                            |
| **Categories of data subjects** | Determined by the Customer, and may include the Customer's employees, end users, clients, contractors, business contacts, and any other individuals whose data the Customer submits to the services                           |
| **Categories of personal data** | Determined by the Customer, and may include names, email addresses, phone numbers, company information, message content, conversation data, workflow data, documents, and any other data the Customer submits to the services |
| **Duration of processing**      | For the duration of the Agreement, plus any period required for the return or deletion of Personal Data as described in Section 12                                                                                            |

### 2.3 Customer responsibilities

The Customer shall ensure that:

a) it has a valid legal basis under Applicable Data Protection Law for the processing of Personal Data and for instructing Tale to process Personal Data on its behalf;

b) it has provided all necessary notices to, and obtained all necessary consents or authorizations from, Data Subjects as required under Applicable Data Protection Law;

c) its instructions to Tale comply with Applicable Data Protection Law;

d) it is solely responsible for the accuracy, quality, and legality of the Personal Data submitted to the services.

## 3. Tale's obligations as Processor

Tale shall:

a) process Personal Data only on the basis of documented instructions from the Customer, including as set out in this DPA and the Agreement, unless required to do so by applicable law, in which case Tale shall inform the Customer of such legal requirement before processing (unless prohibited by law);

b) ensure that persons authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

c) implement and maintain appropriate technical and organizational measures to protect Personal Data, as set out in Section 6;

d) not engage any Sub-processor without complying with the requirements set out in Section 5;

e) taking into account the nature of the processing, assist the Customer by appropriate technical and organizational measures in fulfilling the Customer's obligation to respond to Data Subject requests, as set out in Section 8;

f) assist the Customer in ensuring compliance with its obligations regarding data security, breach notification, data protection impact assessments, and prior consultations with supervisory authorities, taking into account the nature of the processing and the information available to Tale;

g) at the Customer's choice, delete or return all Personal Data after the end of the provision of services, as set out in Section 12;

h) make available to the Customer all information reasonably necessary to demonstrate compliance with the obligations set out in this DPA, and allow for and contribute to audits and inspections, as set out in Section 9.

## 4. Customer instructions

### 4.1 Documented instructions

The Customer instructs Tale to process Personal Data to the extent necessary to provide the services in accordance with the Agreement. Additional or alternative instructions must be agreed upon in writing.

### 4.2 Notification of conflicting instructions

If Tale becomes aware that an instruction from the Customer infringes Applicable Data Protection Law, Tale shall promptly notify the Customer and may suspend the relevant processing until the Customer provides a lawful instruction.

## 5. Sub-processors

### 5.1 General authorization

The Customer provides a general written authorization for Tale to engage Sub-processors for the processing of Personal Data. Tale shall maintain a current list of Sub-processors, which is available upon request.

### 5.2 Notification of changes

Tale shall notify the Customer at least 30 days before engaging a new Sub-processor or replacing an existing Sub-processor, by updating the Sub-processor list and, where the Customer has subscribed to such notifications, by email.

### 5.3 Right to object

The Customer may object to a new or replacement Sub-processor by notifying Tale in writing within 30 days of receiving notice. The objection must be based on reasonable data protection grounds. If the Customer objects, Tale shall use commercially reasonable efforts to offer an alternative solution that avoids the use of the objected-to Sub-processor. If no resolution can be reached within 30 days, either Party may terminate the affected services under the Agreement.

### 5.4 Sub-processor obligations

Where Tale engages a Sub-processor, Tale shall:

a) impose on the Sub-processor, by way of a written agreement, data protection obligations no less protective than those set out in this DPA;

b) remain fully liable to the Customer for the performance of the Sub-processor's obligations.

## 6. Technical and organizational measures

### 6.1 Security measures

Tale shall implement and maintain appropriate technical and organizational measures to protect Personal Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, or disclosure. These measures include, as appropriate:

a) encryption of Personal Data in transit and at rest;

b) measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;

c) measures to restore the availability of and access to Personal Data in a timely manner in the event of a physical or technical incident;

d) access controls ensuring that Personal Data is accessible only to authorized personnel on a need-to-know basis;

e) regular testing, assessment, and evaluation of the effectiveness of the technical and organizational measures;

f) physical security measures for data centers and infrastructure;

g) employee security awareness training.

### 6.2 Certifications

Tale maintains ISO 27001 and SOC 2 Type II certifications. Tale shall maintain such certifications (or equivalent standards) and provide evidence of current certification to the Customer upon reasonable request.

### 6.3 Updates

Tale may update its security measures from time to time, provided that the updated measures do not materially decrease the overall level of protection afforded to Personal Data.

## 7. Data breach notification

### 7.1 Notification to the Customer

Tale shall notify the Customer without undue delay, and in any event within 72 hours, after becoming aware of a Data Breach affecting Personal Data processed on behalf of the Customer.

### 7.2 Content of notification

The notification shall include, to the extent reasonably available at the time:

a) a description of the nature of the Data Breach, including where possible the categories and approximate number of Data Subjects and Personal Data records concerned;

b) the contact details of Tale's point of contact for further information;

c) a description of the likely consequences of the Data Breach;

d) a description of the measures taken or proposed to address the Data Breach, including measures to mitigate its possible adverse effects.

### 7.3 Cooperation

Tale shall cooperate with the Customer and take commercially reasonable steps to assist in the investigation, mitigation, and remediation of the Data Breach.

### 7.4 Notification limitations

Tale's obligation to notify the Customer of a Data Breach is not an acknowledgment of fault or liability. The Customer is solely responsible for determining whether a Data Breach triggers any notification obligations under Applicable Data Protection Law and for fulfilling those obligations.

## 8. Data subject rights

### 8.1 Assistance

Tale shall, taking into account the nature of the processing, assist the Customer by appropriate technical and organizational measures in responding to requests from Data Subjects exercising their rights under Applicable Data Protection Law, including the right of access, rectification, erasure, restriction of processing, data portability, and objection.

### 8.2 Forwarding requests

If Tale receives a request directly from a Data Subject regarding Personal Data processed on behalf of the Customer, Tale shall promptly forward the request to the Customer and shall not respond to the Data Subject directly, unless instructed to do so by the Customer or required by applicable law.

### 8.3 Costs

Where assistance with Data Subject requests requires significant effort beyond what is reasonably expected, Tale may charge the Customer a reasonable fee based on Tale's administrative costs.

## 9. Audits and inspections

### 9.1 Audit reports

Tale shall make available to the Customer, upon reasonable request and no more than once per year, copies of relevant third-party audit reports or certifications (such as SOC 2 Type II reports and ISO 27001 certificates) to demonstrate compliance with the obligations set out in this DPA.

### 9.2 Additional audits

If the Customer reasonably determines that the information provided under Section 9.1 is insufficient to verify compliance with this DPA, the Customer may request an additional audit. Such audits shall be:

a) conducted at the Customer's expense (unless the audit reveals a material breach by Tale);

b) subject to reasonable prior notice of at least 30 days;

c) conducted during normal business hours and in a manner that minimizes disruption to Tale's operations;

d) carried out by the Customer or an independent third-party auditor that is not a competitor of Tale and that is bound by appropriate confidentiality obligations;

e) limited in scope to the processing of the Customer's Personal Data.

### 9.3 Confidentiality

Any audit reports, findings, and information obtained through audits shall be treated as confidential information of Tale and shall be subject to the confidentiality provisions of the Agreement.

## 10. International data transfers

### 10.1 Processing locations

Tale processes Personal Data primarily in Switzerland. Where the Customer deploys Tale on its own infrastructure (on-premises or private cloud), the Customer determines the location of processing.

### 10.2 Transfers to adequate countries

Tale may process Personal Data in countries recognized by the Swiss Federal Council as providing an adequate level of data protection under Art. 16 FADP, or by the European Commission under Art. 45 GDPR.

### 10.3 Safeguards for other transfers

Tale shall not transfer Personal Data to countries without an adequate level of data protection unless appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or recognized by the Swiss Federal Data Protection and Information Commissioner (FDPIC), or other legally recognized transfer mechanisms.

### 10.4 Transparency

The current locations of data processing and any relevant transfer mechanisms are described in the Sub-processor list referenced in Section 5.1.

## 11. Confidentiality

Tale shall treat all Personal Data processed under this DPA as confidential information. This obligation shall survive the termination of this DPA and the Agreement. Tale shall ensure that all personnel who have access to Personal Data are subject to appropriate confidentiality obligations.

## 12. Data retention and deletion

### 12.1 During the Agreement

Tale shall retain Personal Data for the duration of the Agreement and in accordance with the Customer's documented instructions.

### 12.2 Upon termination

Upon termination or expiration of the Agreement, Tale shall, at the Customer's written request:

a) return all Personal Data to the Customer in a commonly used, machine-readable format; or

b) securely delete all Personal Data and provide written confirmation of deletion.

If the Customer does not make a written request within 30 days of termination, Tale shall delete all Personal Data within 90 days of termination.

### 12.3 Legal retention

Where applicable law requires Tale to retain certain Personal Data beyond termination, Tale shall inform the Customer, limit further processing to the extent required by law, and continue to protect the data in accordance with this DPA.

## 13. Liability

Liability under this DPA shall be subject to the limitations and exclusions of liability set out in the Agreement, to the extent permitted by Applicable Data Protection Law. Nothing in this DPA or the Agreement shall limit or exclude either Party's liability for damages arising from a willful or grossly negligent breach of Applicable Data Protection Law.

## 14. Relationship with the Agreement

### 14.1 Precedence

In the event of any conflict between this DPA and the Agreement, the provisions of this DPA shall prevail with respect to the processing of Personal Data.

### 14.2 Incorporation

This DPA is incorporated into and forms part of the Agreement. All terms, conditions, and provisions of the Agreement that are not expressly modified by this DPA shall remain in full force and effect.

### 14.3 Severability

If any provision of this DPA is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

## 15. Governing law and jurisdiction

This DPA shall be governed by and construed in accordance with the substantive laws of Switzerland, excluding its conflict of law provisions and the United Nations Convention on Contracts for the International Sale of Goods (CISG).

Any disputes arising out of or in connection with this DPA shall be subject to the exclusive jurisdiction of the competent courts of the Canton of Bern, Switzerland, unless otherwise required by mandatory law.

## 16. Amendments

Tale may update this DPA from time to time to reflect changes in its data processing practices or to comply with changes in Applicable Data Protection Law. Material changes will be communicated to the Customer in advance. The Customer's continued use of the services after such changes take effect constitutes acceptance of the updated DPA.

## 17. Contact

For any questions regarding this DPA or data processing activities, please contact us through our [contact form](https://tale.dev/contact).

**Ruler GmbH**
Seestrasse 4
3700 Spiez
Switzerland

# Personalization & Memory — Privacy notice
Source: https://tale.dev/legal/personalization

**Last updated:** 03.05.2026

## 1. The contract

Tale's personalization layer (Custom Instructions and Memories) is built around a single contract:

> **Within Tale, no other user — including your organization's admin — can read your custom instructions or memory content via any UI or API. Personalization is OFF by default; you must enable it explicitly in `/settings/personalization`.**

This page documents what that contract does and does not cover. Five caveats are inherent to running an AI service on a third-party model and cannot be eliminated by Tale's code alone.

## 2. Caveats inherent to the LLM stack

### 2.1 Memory content is sent to your configured LLM provider on every chat turn

When you send a chat message and personalization is active, your custom instructions and approved memories are included in the system prompt that goes to your organization's configured upstream LLM (OpenAI, Anthropic, Google, Azure, your self-hosted model, etc.). Memory content is then subject to that provider's data-retention and abuse-monitoring terms.

Most major hosted providers retain inputs and outputs for abuse monitoring for a bounded window (typically 7–30 days as of mid-2026) and offer Zero Data Retention or equivalent programs to qualifying enterprise customers. Durations and eligibility change frequently — refer to the contract your organization holds with the provider, and to each provider's published policy:

- Anthropic — [Privacy policy](https://www.anthropic.com/legal/privacy) · [Data retention FAQ](https://privacy.claude.com/en/articles/7996866-how-long-do-you-store-my-organization-s-data)
- OpenAI — [API data usage policies](https://openai.com/policies/api-data-usage-policies/)
- Google Vertex AI / Gemini — [Generative AI data governance](https://cloud.google.com/vertex-ai/generative-ai/docs/data-governance)
- Azure OpenAI / Microsoft Foundry — [Data, privacy & security](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/data-privacy) · [Abuse monitoring](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/abuse-monitoring)

For self-hosted models or custom OpenAI-compatible endpoints (Ollama, vLLM, internal gateways, etc.), no third-party retention applies — retention is governed entirely by the operator of that endpoint.

Once memory content is sent, **Tale cannot recall it**. If you delete a memory, future requests stop including it, but previously-sent copies on the provider side follow the provider's retention schedule.

### 2.2 Self-hosted deployments: the deployment operator can read raw rows

Tale supports self-hosted Convex. Whoever has database or Convex dashboard access at your deployment can read raw `userPreferences` and `userMemories` rows — Tale's role-based admin restriction ("admin can't read content") **does not extend to the database layer**. If you self-host, treat your Convex operators as having access to all personalization content. SOC 2 / ISO controls covering DB-level access are your responsibility.

### 2.3 Assistant replies may quote or paraphrase your memories

The model's reply, when generated using your memory, can repeat the memory verbatim or paraphrased. That reply is then stored in your thread under the **thread visibility rules**, not the memory visibility rules. Sharing a thread automatically disables personalization for subsequent turns by the owner, but past replies that were already generated under personalization remain in the shared thread; deleting a memory does not retroactively redact past replies.

### 2.4 Convex platform logs

Convex's own function-call logs may include mutation arguments. Memory-write mutation arguments can land in those logs. Tale redacts pre-LLM-call debug logs and avoids logging memory content from application code, but the platform's structural logs are outside Tale's redaction surface.

### 2.5 Provider abuse-monitoring review

Major LLM providers run automated abuse-detection over inputs they receive. Content flagged as suspect may be reviewed by the provider's abuse team. Zero-data-retention (ZDR) endpoints, where available, can opt out. Personalization-bearing requests are no different from any other request in this regard.

## 3. What Tale enforces

- **Off by default.** With no organization policy and no user opt-in, personalization is never sent to the model — both read and write paths short-circuit.
- **Three-signal gating.** Whether personalization applies to a given chat is the merge of three independent signals; if any of them blocks it, no custom instructions or memories are sent:
  - **Organization default** — admin-controlled. When on, members inherit on; when off or absent, members inherit off.
  - **Your preference** — your explicit on/off beats the organization default in either direction.
  - **Thread-level disable** — a per-thread hard off (e.g. shared threads).
- **No admin override.** Admin role does not bypass another user's row. Every public read and write surface requires an exact user-id match plus a live organization-membership check, so a removed-but-still-tokened user cannot read stale rows.
- **Auto-disable on share.** Sharing a thread automatically disables personalization for that thread; unsharing re-enables it.
- **Cascade hard-delete.** Removing a user from an organization, or deleting the organization, immediately hard-deletes all of that user's personalization content rows in scope (custom instructions, memories, preferences). Audit-log entries that record those events are retained without content — only the timestamp, action type, and the raw subject user id — for compliance reporting; admin-blind pseudonymisation will be applied when an admin-readable audit view ships. Account-level self-deletion is not yet a product feature; the matching cascade hook will land alongside the user-delete plugin.
- **Soft-delete window for approved memories.** User-initiated deletion of an approved memory triggers a 30-day soft-delete window before storage is reclaimed via opportunistic cleanup. A discarded proposal — one you reject from the chat inline card or the Pending tab — is hard-deleted at the moment of discard.

## 4. DPA addendum (draft)

Customers requiring a Data Processing Addendum addition for personalization content should request the **Personalization & Memory Processor Annex**, which covers:

- Categories of personal data: free-form user-authored instructions; LLM-mediated facts about the user; raw-subject audit metadata.
- Purposes: per-user personalization of chat responses only.
- Sub-processors: the LLM provider configured per organization (see "Memory content is sent…" above).
- Retention: indefinite while the user is a member of the organization and personalization remains enabled; 30 days after soft-delete; immediate on hard-delete.
- Cross-border transfers: governed by the LLM provider's residency and the customer's choice of provider region.
- Subject rights: erasure of content (Art. 17 via cascade on member-remove and org-delete). Audit-log metadata (no content) is retained for compliance and pseudonymized when admin-readable audit views are introduced. Operator-invokable export query (Art. 15/20) is available against the underlying tables; in-product self-service export is planned for v2.