TicketMind

Privacy Policy

Last updated: February 23, 2026

1. Introduction

TicketMind ("we," "our," or "us") is committed to protecting your information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you and your organization use the TicketMind agentic AI support automation platform ("Service").

We never use your data to train AI models or share it with LLM providers for training purposes. Your tickets, customer data, and connected databases are used exclusively to generate responses for your organization. Your data stays yours.

2. Information We Collect

Account and Contact Information

When you register for or manage your account, we collect:

  • Name and work email address
  • Company name and job title
  • Authentication credentials (via your identity provider)
  • Billing contact information and payment method details (handled by our third-party payment processor, Stripe)
  • Team member information for users you invite to your organization

Service Usage Data

We automatically collect information about how you use the Service:

  • Log data (IP address, browser type, operating system, pages visited, timestamps)
  • Feature usage patterns (which integrations are active, frequency of use)
  • Performance and error data to diagnose and fix technical issues
  • Ticket processing counts and usage relative to plan quotas

Customer Support and Business Data

To provide the core AI functionality, we process data from your connected systems, which may include:

  • Support ticket content, including customer messages, internal notes, and resolution history from connected ticketing systems (e.g., Zendesk, Jira Service Management, Salesforce Service Cloud, ServiceNow)
  • Documentation and knowledge base files you upload or connect to the Service (up to your plan limit)
  • Database query results from connected data sources (e.g., PostgreSQL, MySQL, MongoDB, Snowflake, Databricks, ClickHouse, Oracle, BigQuery) used to provide operational context
  • Content from connected knowledge management systems (e.g., Confluence) used to inform AI responses
  • API responses from connected REST APIs used to provide context for ticket resolution

This data is collectively referred to as "Your Data." You retain full ownership of Your Data. We process it only as necessary to provide the Service to you.

Integration Credentials

To connect to your third-party systems, we securely store API tokens and credentials you provide. Credentials are encrypted at rest using AES-256 encryption and stored in isolated, per-organization environments. We use read-only access scopes wherever technically possible.

3. How We Use Your Information

We use collected information to:

  • Provide the Service — generate AI-assisted ticket responses and internal notes for your team
  • Power analytics and reporting dashboards within your account
  • Index and retrieve knowledge base content relevant to open tickets
  • Process billing and manage your subscription
  • Send transactional communications (account notices, usage alerts, invoices)
  • Respond to support requests and account inquiries
  • Detect, investigate, and prevent fraud, abuse, or security incidents
  • Operate, maintain, and improve the technical reliability of the Service

What we do not do with your data: We do not sell your data. We do not use Your Data to train AI or machine learning models. We do not share Your Data with AI model providers for training purposes. We do not use your customer's personal data for our own marketing.

4. Data Isolation and Security Architecture

Each customer organization operates in a dedicated, isolated environment. Your data, integration credentials, AI agents, and knowledge bases are stored separately from other customers and are not accessible across organizations. This includes:

  • Dedicated per-organization secret storage for integration credentials
  • Isolated AI agent instances and knowledge bases per organization
  • Per-organization access controls and authentication enforcement

Security measures we apply across the Service include:

  • Encryption of all data in transit (TLS) and at rest (AES-256)
  • Read-only access to connected third-party systems where technically possible
  • Full audit logging of all AI actions and data access events
  • Strict access controls limiting who can access customer data internally

Enterprise customers may additionally deploy the Service within a private VPC or on-premise environment for complete data isolation. SOC 2 Type II and ISO 27001 compliance details are available upon request for Enterprise customers.

5. Data Sharing and Disclosure

We do not sell or rent your personal information or Your Data. We may share information only in the following limited circumstances:

  • Infrastructure and Service Providers: With vetted third-party vendors who provide hosting, payment processing, authentication, email delivery, and similar services strictly on our behalf, subject to confidentiality obligations. Key providers include Stripe (payments) and Auth0 (authentication).
  • AI Model Providers: AI-generated responses are produced using large language models from third-party providers (currently Anthropic Claude). Ticket content and context are sent to the model API to generate a response. This data is transmitted under a data processing agreement and is not used to train models. We do not permit model providers to use your data for any purpose other than generating the immediate response.
  • Legal Requirements: When we are required by law, subpoena, court order, or government regulation, or when we believe disclosure is necessary to protect the rights, property, or safety of TicketMind, our customers, or others.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of all or substantially all of our assets. We will provide notice before Your Data is transferred and becomes subject to a different privacy policy.
  • With Your Consent: In any other circumstances with your explicit consent.

6. Data Retention

We retain Your Data for as long as your account is active and as necessary to provide the Service. Upon account cancellation or termination:

  • You may request a data export within 30 days of cancellation by contacting support@ticketmind.ai
  • After the 30-day export window, your data will be deleted or irreversibly anonymized from our systems
  • We may retain certain aggregated, non-identifiable usage statistics for business analytics purposes
  • We retain financial records and billing information as required by applicable law (typically 7 years)

Accounts that are inactive for more than 180 days (no active subscription and no logins) may be deleted after advance notification to the email address on file.

7. Your Rights

Depending on your location, you may have rights under applicable data protection laws, including the GDPR (EEA/UK) and CCPA (California). These rights may include:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete personal data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Restriction: Request that we restrict processing of your personal data in certain circumstances
  • Portability: Receive your personal data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Opt-out of sale: We do not sell personal data; no opt-out is required

To exercise these rights, contact us at support@ticketmind.ai. We will respond within 30 days (or the timeframe required by applicable law). We may need to verify your identity before processing requests.

8. International Data Transfers

Our infrastructure is primarily located in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States or other countries. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses (SCCs) where required by applicable law. Enterprise customers may request region-specific deployment options.

9. Cookies and Tracking

We use cookies and similar tracking technologies to operate the Service and understand usage. The types of cookies we use:

  • Essential cookies: Required for authentication, security, and basic Service functionality. These cannot be disabled.
  • Analytics cookies: Help us understand how users interact with the Service so we can improve it. You may opt out via your browser settings or by contacting us.

We do not use advertising or cross-site tracking cookies.

10. Children's Privacy

The Service is designed for business use and is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child, we will delete it promptly.

11. Google API Services User Data Policy

TicketMind's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and/or by posting a prominent notice in the Service at least 30 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, want to exercise your data rights, or have a privacy concern, please contact us:

Email: support@ticketmind.ai