Privacy Policy

Last updated: April 15, 2026

This Privacy Policy explains how Tikevo ("we", "us", "our") collects, uses, shares, and protects personal information when you visit tikevo.com (the "Site"). We take your privacy seriously and aim to comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the ePrivacy Directive, the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and applicable Ontario laws.

1. Data Controller

The controller of your personal information is:

• Tikevo
• Address: Toronto, Canada
• Email: privacy@tikevo.com

If you are in the EEA or UK, you may contact us at the email above for any GDPR/UK-GDPR-related request. We have not appointed an EU/UK representative because our processing does not meet the Article 27 threshold; if this changes we will update this policy.

2. Categories of Personal Information We Collect

We collect the following categories of personal information:

• Analytics identifiers and usage data — pseudonymous cookie/device identifiers (e.g., GA4 client ID), pages viewed, time on page, scroll depth, referring URL, session timestamps.
• Network and device data — IP address (truncated where possible), user-agent string, browser type and version, operating system, device type, approximate location derived from IP, language preference.
• Advertising data — cookies and identifiers set by Google AdSense and its ad partners to measure, frequency-cap, and (where you consent) personalize ads.
• Affiliate click data — short-lived click identifiers appended when you follow an affiliate link to Amazon, used to attribute commissions.
• Contact data you provide voluntarily — email address and any message content if you email us or submit a contact form.

We do not intentionally collect "sensitive personal information" under the CPRA, and we do not collect special categories of personal data under GDPR Article 9.

3. Sources of Personal Information

• Directly from you — when you contact us or submit a form.
• Automatically from your device — via cookies, pixels, local storage, and server logs when you browse the Site.
• From our advertising and analytics partners — Google (GA4 and AdSense), Amazon (Associates click tracking), Cloudflare (edge/CDN request data), and Google Funding Choices (consent signals).

4. Purposes of Processing

• Operate, secure, and maintain the Site and its infrastructure.
• Measure audience, content performance, and aggregate traffic patterns.
• Serve contextual and (with consent) personalized advertising.
• Attribute affiliate-link click-throughs and purchases for commission accounting.
• Respond to inquiries you send us.
• Detect, prevent, and investigate fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our terms.

5. Legal Bases (GDPR / UK GDPR)

• Consent (Art. 6(1)(a)) — for analytics cookies, advertising cookies, and any personalized-ad processing. You may withdraw consent at any time via Manage Cookie Preferences.
• Legitimate interests (Art. 6(1)(f)) — for Site security, fraud prevention, aggregated traffic diagnostics, and affiliate click attribution. Our legitimate interests are keeping the Site available and monetizing editorial content that is otherwise free. You can object at any time (see Section 9).
• Performance of a contract / pre-contractual steps (Art. 6(1)(b)) — where you contact us about a specific matter and we need to reply.
• Legal obligation (Art. 6(1)(c)) — where retention or disclosure is required by law.

6. Third-Party Processors and Recipients

We share limited personal information with the following processors and partners. Each operates under its own privacy policy:

• Google Analytics 4 (Google LLC / Google Ireland Ltd.) — property ID G-W1JDZJL0NG. policies.google.com/privacy
• Google AdSense (Google LLC / Google Ireland Ltd.) — publisher ID ca-pub-9840704317144368. policies.google.com/technologies/ads
• Google Funding Choices (Consent Management Platform). support.google.com/fundingchoices
• Amazon Associates Program — affiliate tag bau0c1-20. Amazon Privacy Notice
• Cloudflare, Inc. — static hosting, CDN, and edge security. cloudflare.com/privacypolicy

We may also disclose information where required by law, court order, or governmental request, or to protect the rights, property, or safety of Tikevo, our users, or others.

7. International Data Transfers

Our processors are primarily located in the United States. When we transfer personal information from the EEA, UK, or Switzerland to the US or other third countries, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and — where our US processors self-certify — the EU-US Data Privacy Framework, the UK Extension, and the Swiss-US Data Privacy Framework. Google LLC and Cloudflare, Inc. are certified under the Data Privacy Framework. Copies of relevant transfer mechanisms are available on request.

8. Retention

• Google Analytics 4: user- and event-level data is retained for 14 months (the GA4 default we use), after which it is deleted from GA4.
• Cloudflare / server logs: up to 90 days for security, abuse detection, and diagnostics.
• Amazon affiliate click identifiers: approximately 24 hours on the Amazon side, per Amazon Associates program rules.
• AdSense cookies: as set out in Section 10 of our Cookie Policy; generally up to 13 months.
• Email correspondence: up to 24 months from last contact, unless a longer period is required by law.

9. Your Rights

9.1 GDPR and UK GDPR

If you are in the EEA, UK, or Switzerland, you have the right to:

• Access the personal information we hold about you.
• Request rectification of inaccurate or incomplete data.
• Request erasure ("right to be forgotten").
• Restrict processing in certain circumstances.
• Receive your data in a portable, machine-readable format.
• Object to processing based on legitimate interests, including profiling.
• Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).
• Lodge a complaint with a supervisory authority — in the UK, the Information Commissioner's Office (ICO, ico.org.uk); in the EEA, your national Data Protection Authority (see the EDPB members list ).

9.2 CCPA / CPRA (California Residents)

If you are a California resident, you have the right to:

• Know the categories and specific pieces of personal information we collect, the sources, purposes, and third parties we share with.
• Delete personal information we have collected from you.
• Correct inaccurate personal information.
• Opt out of the "sale" or "sharing" of personal information — see Section 10.
• Limit the use and disclosure of sensitive personal information.
• Non-discrimination for exercising your rights — we will not deny service, charge different prices, or provide a different quality of service.
• Designate an authorized agent to make a request on your behalf. We will ask for written permission and verification.

To exercise these rights, email privacy@tikevo.com with the subject line "CCPA Request". We will verify your request using the email address you submit from, and respond within 45 days.

9.3 PIPEDA (Canada)

If you are in Canada, you have the right to:

• Access your personal information and request an account of its use and disclosure.
• Request correction of inaccurate personal information.
• Withdraw consent, subject to legal or contractual restrictions.
• File a complaint with the Office of the Privacy Commissioner of Canada (priv.gc.ca) or, for Ontario-specific matters, the Information and Privacy Commissioner of Ontario (ipc.on.ca).

10. Do Not Sell or Share My Personal Information

We do not sell personal information for money. However, the use of advertising cookies through Google AdSense and its partners may qualify as a "sale" or "sharing" of personal information under the CPRA, and as targeted advertising under other US state privacy laws.

You can opt out in any of the following ways:

• Click Manage Cookie Preferences and disable Advertising cookies.
• Enable the Global Privacy Control (GPC) signal in your browser. We honor GPC as a valid opt-out of sale/share, and publish our machine-readable GPC support at /.well-known/gpc.json.
• Email privacy@tikevo.com with the subject line "Do Not Sell or Share".

11. Children's Privacy

The Site is not directed to children. We do not knowingly collect personal information from children under 13 (per the US Children's Online Privacy Protection Act, COPPA) or under 16 (per GDPR Article 8 / "GDPR-K"). If you believe a child has provided us with personal information, contact privacy@tikevo.com and we will delete it.

12. Security

All traffic to and from the Site is encrypted via TLS. We use Cloudflare for DDoS mitigation, WAF protections, and edge security. We apply reasonable technical and organizational measures to protect personal information against loss, misuse, and unauthorized access. No method of transmission or storage is 100% secure.

13. Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it, in accordance with GDPR Article 33. Where the breach is likely to result in a high risk to affected individuals, we will notify them directly without undue delay (GDPR Article 34). Canadian residents will be notified of any breach of security safeguards posing a real risk of significant harm, in accordance with PIPEDA.

14. Do Not Track

Some browsers send a "Do Not Track" (DNT) signal. Because there is no industry consensus on how DNT should be interpreted, the Site does not currently respond to DNT signals. We do, however, honor the Global Privacy Control (GPC) signal as an opt-out of sale/share (see Section 10).

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be announced on the Site and, where required, communicated to you before they take effect.

16. How to Exercise Your Rights / Contact

To exercise any right described in this policy, or to ask a privacy question, email privacy@tikevo.com. You may also write to us at the postal address in Section 1. We will respond within the timeframes required by applicable law (30 days under GDPR/PIPEDA; 45 days under CCPA/CPRA, extendable once).

See also our Cookie Policy and Affiliate Disclosure.