Legal

Privacy policy

Last updated: 26 April 2026

T&C Technologies LTD ("we", "us", "our") respects your privacy. This Privacy Policy explains how we collect, use, share, and protect personal information when you use the Momentumpro platform ("Service"). It complements our Terms of service.

We are committed to processing personal data in a way that respects user privacy and complies with applicable data protection laws including the EU General Data Protection Regulation (GDPR) and Israeli Privacy Protection Law 5741-1981.

1. Roles

For the personal data of employees of our Customers, our Customers (the organizations subscribing to Momentumpro) are the data controllers and we act as the data processor. The Customer determines what data is collected, how long it's retained, and the lawful basis for processing.

For personal data we collect directly from website visitors and account administrators (e.g. through our marketing site, contact form, or billing portal), we are the data controller.

2. Information we collect

From visitors and prospective customers

  • Contact information you submit via our contact or trial signup form (name, email, company, phone, message);
  • Technical data automatically collected from your browser (IP address, user agent, page-view timestamps);
  • Cookie data as described in our Cookie policy.

From Customers and their Users

  • Account credentials (email, hashed password, two-factor secrets where enabled);
  • Profile data the User chooses to add (name, phone, avatar, language preference);
  • Authentication metadata (login timestamps, IP, device type, browser);
  • Audit-log data (records of changes Users make to data within the Service);
  • Content uploaded by the Customer (employee records, documents, vendor data, etc. — entirely controlled by the Customer);
  • Billing data for paying Customers (company name, billing address, tax ID, last 4 of payment card via our payment processor — we never store full card numbers).

3. How we use information

  • Provide the Service: authenticate Users, store and serve Customer Content, deliver notifications, process payments;
  • Communicate: respond to support requests, send service updates, security alerts, billing notices, and (with consent) product newsletters;
  • Improve the Service: analyze usage trends in aggregate (no individual profiling), debug, prevent fraud and abuse;
  • Comply with legal obligations: tax records, court orders, regulatory requirements.

We do not sell personal data, share it with advertisers, or use Customer Content to train machine-learning models.

4. Legal bases for processing (GDPR)

  • Contract: processing necessary to deliver the Service to which you've subscribed;
  • Legitimate interest: securing the Service, preventing abuse, improving features (balanced against your rights);
  • Consent: marketing communications, optional cookies, where required by law;
  • Legal obligation: tax records, anti-fraud measures, responding to lawful requests.

5. Sharing & disclosure

We share personal data only with:

  • Sub-processors who help us operate the Service: hosting (Hetzner Online GmbH, Germany), email delivery (Postmark / Amazon SES), payment processing (Lemon Squeezy), error tracking (Sentry). All sub-processors are bound by data-processing agreements and equivalent confidentiality obligations.
  • Customers — we share authentication metadata and User activity within the Customer's own tenant. Cross-tenant data is never shared.
  • Legal authorities when required by law, court order, or to protect rights, property, or safety. We notify the affected Customer unless legally prohibited.
  • Successor entities in the event of a merger, acquisition, or asset sale — your data will be subject to a privacy policy at least as protective as this one.

A current list of sub-processors is available on request from privacy@momentumpro.pro.

6. International transfers

Our primary servers are located in Germany (EU). For sub-processors located outside the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other transfer mechanisms recognized under GDPR.

7. Data retention

  • Active subscription: we retain Customer Content for the duration of your subscription;
  • After cancellation: Customer Content is retained for 30 days (allowing recovery), then permanently deleted. Backups purged within 90 days;
  • Audit logs: retention varies by plan (90 days on Starter, 1 year on Professional, 7 years on Enterprise);
  • Billing records: retained for 7 years for tax and accounting compliance;
  • Support correspondence: 3 years.

8. Your rights

Under GDPR and Israeli law, you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase your personal data ("right to be forgotten");
  • Restrict or object to certain processing;
  • Data portability — receive your data in a structured, commonly used format;
  • Withdraw consent at any time where processing is based on consent;
  • Lodge a complaint with your local supervisory authority (in Israel: PPA — Privacy Protection Authority).

For Customer Users: most of these rights are exercised through your Customer's HR or admin team, since they control your account. Use the in-app Privacy Centre to download your data or request deletion.

For account administrators and direct customers: contact privacy@momentumpro.pro and we'll respond within 30 days.

9. Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption of data in transit (TLS 1.2+) and at rest;
  • Per-tenant database isolation;
  • Hashed and salted password storage (bcrypt);
  • Role-based access controls and least-privilege principles;
  • Regular automated backups;
  • Activity logging and security monitoring;
  • Annual security reviews.

No system is perfectly secure. In the unlikely event of a breach affecting your personal data, we will notify you and the relevant supervisory authorities within 72 hours of becoming aware, as required by law.

10. Children's privacy

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we've inadvertently collected such data, please contact us and we'll delete it.

11. Cookies & tracking

See our separate Cookie policy.

12. Updates to this policy

We may update this Privacy Policy occasionally. Material changes will be communicated via email and an in-app notice at least 30 days before taking effect.

13. Contact

Privacy questions or requests: privacy@momentumpro.pro
Postal: T&C Technologies LTD · Hizma Street 7, Beit Hanina, Jerusalem, Israel

If anything in this document is unclear, email us at legal@momentumpro.pro and we'll explain.

Operated by T&C Technologies LTD · Hizma Street 7, Beit Hanina, Jerusalem, Israel · Company Reg. 516092582

Other policies

Terms of service Privacy policy Refund policy Cookie policy

Essential cookies only

We don't run analytics or advertising trackers. Just what's required to keep you signed in. Cookie policy.

Learn more