Back to home
Effective June 11, 2026

Privacy Policy

Toolqit, Inc. · San Francisco, California

This Privacy Policy explains how Toolqit, Inc. (“Toolqit,” “we,” or “us”) collects, uses, and shares personal information when you use our AI-native service-desk platform (the “Service”), visit our website, or otherwise interact with us. It forms part of our Terms of Service.

1. Scope and Roles

When our customers, managed service providers and similar organizations, use the Service, they decide what data they submit and why. For that data, the customer is the controller and Toolqit acts as a processor (or service provider) on the customer’s behalf, governed by our Terms and any data processing agreement. This Policy describes our own practices, including the information we collect when you visit our website, create an account, or communicate with us.

2. Information We Collect

  • Account information: name, work email, organization, role, and credentials you provide when you register or are invited.
  • Phone numbers: a mobile number you provide if you enable SMS-based two-factor authentication or text notifications, used solely to deliver those messages.
  • Customer Data: tickets, messages, attachments, contact details, and other content that you or your end users submit to the Service. We process this data solely to provide the Service, as described in our Terms.
  • Usage and device data: log data, IP address, browser and device type, pages viewed, and actions taken, collected automatically when you use the Service or our website.
  • Cookies and similar technologies:used to keep you signed in, remember preferences, and understand how the Service is used.
  • Communications: information you share when you contact support, request a demo, or respond to a survey.

3. How We Use Information

We use personal information to:

  • provide, maintain, secure, and improve the Service;
  • authenticate users, prevent fraud, and enforce our Terms;
  • respond to support requests and communicate with you about the Service, including service and security notices;
  • analyze usage in aggregate to understand and improve performance; and
  • comply with legal obligations and protect our rights.

4. AI Processing

The Service uses AI models to draft replies, classify tickets, and run automations. We do not sell Customer Data, and we do not use Customer Data to train third-party AI models. Where AI providers process content to deliver a response, they act as our subprocessors under contractual terms that prohibit using that content to train their own models.

5. How We Share Information

We do not sell personal information. We share it only:

  • with subprocessors and service providers who help us operate the Service, under written confidentiality and data-protection terms;
  • with your organization and the users it authorizes within the Service;
  • with the integrations and PSA, RMM, or email systems you choose to connect;
  • when required by law, legal process, or to protect the rights, safety, and security of Toolqit, our customers, or others; and
  • in connection with a merger, acquisition, or sale of assets, subject to this Policy.

Our current subprocessor list is published on our Trust Center.

Text messaging originator opt-in data, consent, and mobile phone numbers will not be shared with or sold to third parties or affiliates for marketing or promotional purposes. Mobile numbers are shared only with our SMS delivery provider, acting on our behalf, solely to deliver the messages you have requested.

6. SMS Messaging

If you enable SMS-based two-factor authentication or text notifications, we send transactional security messages, such as one-time passcodes and account notifications, to the mobile number you provide. You opt in inside the application by entering and verifying your mobile number; this is the only way to enroll, and no marketing messages are sent. Message frequency varies based on your account activity. Message and data rates may apply. Reply STOP to opt out at any time, or HELP for help. As stated above, mobile phone numbers and SMS consent are never shared with or sold to third parties or affiliates for marketing purposes.

7. Security

We have engaged a third-party provider to help us build a set of controls aligned with the HIPAA Security and Privacy Rules and SOC 2 (Security, Availability, Confidentiality). Our commitments include encryption of data at rest (AES-256) and in transit (TLS 1.2+), role-based access on a least-privilege basis with SSO and MFA, vulnerability scanning and annual external penetration testing, centralized logging and monitoring, and a documented incident and breach response program. Where Toolqit handles Protected Health Information on a customer’s behalf, we intend to act as a Business Associate under a separately executed Business Associate Agreement.

8. Data Retention

We retain personal information for as long as needed to provide the Service and for legitimate business or legal purposes. Customer Data is retained for the duration of the subscription; following termination, we make Customer Data available for export for thirty days before deletion. Logs are retained for at least thirteen months.

9. International Transfers

We are based in the United States and may process and store information there and in other countries where we or our subprocessors operate. Where required, we rely on appropriate safeguards, such as Standard Contractual Clauses, for cross-border transfers.

10. Your Rights and Choices

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, or to object to or restrict certain processing. Because much of the data we process belongs to our customers, requests about Customer Data are routed to the relevant customer; we assist them in responding. To exercise a right or ask a question, contact us using the details below. We will not discriminate against you for exercising these rights.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will provide reasonable advance notice of material changes. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.

12. Contact

Questions about this Privacy Policy or our handling of personal information may be directed to founders@toolqit.ai. For urgent matters, please mark the subject line URGENT; we will respond within one business hour on business days and within four hours otherwise.

Toolqit, Inc. · Effective June 11, 2026. The current version of this Policy is available at toolqit.ai/privacy.