Twindevs

Home / Privacy Policy

Legal

Privacy Policy

Last updated: June 26, 2026 · Operated by Twindevs LLC.

This policy explains what information Twindevs collects, how we use it, and the choices you have. We build privacy-first, local-first software, and we keep this policy plain.

SMS consent is never sold or shared. We do not sell, rent, or share mobile opt-in information, SMS consent, or phone numbers collected for text messaging with third parties or affiliates for their own marketing or promotional purposes.

1. Who we are

Twindevs (“we,” “us”) provides a suite of software products — including TwinMail, TwinContacts, TwinVault, TwinHermes, and TwinSystem — and an account portal at dossier.diplov.ai. For privacy questions, contact dylan@twindevs.ai.

2. Information we collect

  • Account information — name, email address, and (if you provide it) your mobile phone number.
  • Consent records — your opt-in/opt-out decisions for each notification channel, with a timestamp, the source of the decision, and limited request context (IP address, user agent) kept as compliance evidence.
  • Content you submit — contact form submissions, proposals, and messages exchanged in the portal.
  • Operational and security logs — audit log entries for security- and consent-relevant events.
  • Product data — for local-first products, your core data (such as email, contacts, or vault entries) is processed on your device. Anything that leaves your device for an optional cloud feature is disclosed to you and requires your explicit consent.

3. How we use information

  • To operate your account and provide the products and the portal.
  • To send notifications you have opted into (see Messaging & SMS).
  • To verify identity and protect against fraud and abuse.
  • To meet legal, tax, and compliance obligations.

4. SMS / text messaging

If you opt in, we send transactional and account text messages (verification codes, account and billing notices, message/proposal alerts, and service or maintenance notices). SMS is off by default and requires explicit opt-in at signup or in your portal settings. You can opt out at any time by replying STOP or turning off SMS in your settings. Message & data rates may apply. The phone number and consent information used for SMS are used only to deliver these messages and are never shared for third-party marketing. Full details are on our Messaging page.

5. How we share information

We share information only with service providers (“sub-processors”) that help us run the service, under contract and only as needed:

Sub-processorPurpose
TwilioSMS message delivery and inbound STOP/HELP handling
Email delivery providerTransactional email notifications
Hosting / infrastructureApplication hosting, storage, and content delivery

We may disclose information if required by law, to enforce our terms, or to protect the rights, safety, and security of our users and our service. We do not sell personal information.

6. Data retention

We keep data only as long as needed for operations, security, and compliance. Default windows:

DataRetention
Signup requests30 days
Sessions30 days after expiry or revocation
Contact leads24 months
Proposals, threads, messages, attachments36 months after the related proposal closes
Consent records7 years
Audit logs7 years

Consent and audit records are kept longer because they are legal/compliance evidence. A legal hold always overrides scheduled deletion.

7. Your rights and choices

  • Access & export — you can request a copy of your data; export is supported.
  • Deletion — you can request deletion of your account data, subject to legal-hold and record-keeping obligations.
  • Notification choices — opt in or out of SMS and email at any time in your portal settings.
  • Regional rights — depending on where you live (e.g., GDPR/EEA, CCPA/California), you may have additional rights to access, correct, delete, or restrict processing, and to lodge a complaint with your supervisory authority.

To exercise any of these, email dylan@twindevs.ai. We verify identity and account ownership before acting on a request.

8. Security

We use industry-standard safeguards including encryption in transit, signed/authenticated internal endpoints, webhook signature validation for inbound messaging, append-only audit logging, and least-privilege access. No system is perfectly secure, but security is a core design goal across our products.

9. Cookies

This marketing site uses no advertising or third-party tracking cookies. It stores a single local preference (your light/dark theme choice) in your browser. The signed-in portal uses a session cookie that is strictly necessary to keep you logged in.

10. Children

Our products are not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their personal information.

11. Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date above and, for material changes, provide additional notice where appropriate.

12. Contact

Twindevs LLC · San Francisco, CA
Email: dylan@twindevs.ai