Privacy Policy

1. Introduction

Tali Tech ("we", "us", or "our") operates the Tali platform (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our services, register for events, or interact with us in any way.

Effective Date: March 10, 2026

By accessing or using the Platform, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Platform.

2. Information We Collect

2.1 Account Information

When you create an account, we may collect:

  • Full name
  • Email address
  • Phone number / WhatsApp number
  • Password (stored using secure hashing)
  • Date of birth
  • Gender
  • Bio / personal description
  • Job title and company name
  • Profile picture
2.2 Social Login Data

If you sign in using Google, Facebook, or Apple, we receive your OAuth ID and associated profile information (such as your name, email address, and profile picture) from those providers.

2.3 Reservation & Ticketing Data

When you register for or manage events, we collect:

  • Guest names, email addresses, and phone numbers
  • Social media links and notes provided during registration
  • Ticket details, ticket types, and booking references
  • QR codes generated for event access
2.4 Payment Information

When you make a payment, we collect billing details, transaction IDs, and payment status. We do not store full credit or debit card numbers. Card data is processed directly by our third-party payment gateways (Paymob, Paytabs, Banque Misr). We only store card tokens and masked card references necessary to display your payment history and process refunds.

2.5 Membership Data

If you hold a membership, we store your membership tier, status, and relevant dates.

2.6 Communication Data

We collect email addresses and phone numbers used for sending transactional messages, including event confirmations, ticket delivery, and service updates via email, SMS, and WhatsApp.

2.7 Automatically Collected Data

When you access the Platform, we may automatically collect:

  • IP address
  • Browser type and user agent
  • Hostname
  • Session data
  • Referrer URLs
2.8 User-Generated Content

We collect content you voluntarily submit, including contact form messages, event descriptions, and uploaded files such as receipts and images.

3. How We Use Your Information

We use the information we collect to:

  • Provide and operate the Platform, including event creation, ticketing, and reservation management
  • Process payments and manage billing, refunds, and transaction records
  • Send communications such as booking confirmations, ticket QR codes, event reminders, and service updates via email, SMS, and WhatsApp
  • Authenticate your identity and maintain account security
  • Provide customer support and respond to inquiries
  • Analyze and improve our services, user experience, and Platform performance
  • Comply with legal obligations and enforce our terms of service

4. Cookies & Session Data

We use cookies and session data to operate the Platform:

  • Authentication Cookies: We set cookies (such as NRSVP_AUTH and NRSVP_SECRET) to keep you signed in. These cookies have a 30-day expiry.
  • Session Management: We use server-side sessions to maintain your state as you navigate the Platform.

We do not use third-party advertising or tracking cookies. We do not serve targeted ads on the Platform.

5. Third-Party Services

We integrate with the following third-party services to operate the Platform. Each service processes data according to its own privacy policy:

Payment Processors
  • Paymob — processes card payments and mobile wallet transactions
  • Paytabs — processes card payments
  • Banque Misr (Mastercard Gateway) — processes card payments
Email Service
  • Mandrill (by Mailchimp) — delivers transactional emails; tracks delivery status, opens, and clicks
SMS Providers
  • SMS Misr — delivers SMS messages
  • Connekio — delivers SMS messages
Messaging
  • WhatsApp Business API (via Meta) — delivers WhatsApp messages for event confirmations and ticket delivery
Authentication
  • Google Sign-In — social login
  • Facebook Login — social login
  • Apple Sign-In — social login
Bot Protection
  • Google reCAPTCHA — protects forms from automated abuse
Cloud Storage
  • AWS S3 — stores uploaded files such as images and documents
CDN & External Resources
  • Cloudflare — content delivery and security
  • jsDelivr — delivers front-end libraries
  • Google Fonts — delivers web fonts
Server-Side Libraries
  • Dompdf — generates PDF documents (server-side only, no external data sharing)
  • PHP QR Code — generates QR codes (server-side only, no external data sharing)

6. Data Sharing

We share your personal information only in the following circumstances:

  • Service Providers: We share data with the third-party providers listed above solely to operate and deliver our services.
  • Event Organizers: When you register for an event, your registration details (such as name, email, and phone number) may be shared with the event organizer to facilitate your attendance.
  • Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.

We do not sell your personal data to third parties.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Password hashing using bcrypt
  • Tokenized payment data — full card numbers are never stored on our servers
  • HTTPS encryption for all data in transit
  • Access controls and authentication requirements for administrative functions
  • Session management with secure cookie handling

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

8. Data Retention

  • Account Data: Retained for as long as your account remains active. You may request deletion at any time.
  • Transaction Records: Retained as required for legal, financial, and compliance purposes.
  • Activity Logs: Retained for auditing and security monitoring purposes.

If you wish to request the deletion of your personal data, please contact us using the details provided below.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete data.
  • Deletion: Request that we delete your personal data.
  • Objection: Object to the processing of your personal data for certain purposes.
  • Data Portability: Request a copy of your data in a structured, commonly used format.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at hello@itstali.com.

10. Children's Privacy

The Platform is not directed at children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting a notice on the Platform or by sending you an email. We encourage you to review this page periodically for the latest information on our privacy practices.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: