TTC.DEV
Privacy Policy
Effective 2026-05-09 / Last updated 2026-05-09
This Privacy Policy describes how Taco Truck Creative LLC, doing business as TTC DEV ("we," "us," "our"), collects, uses, and protects information in connection with the TTC DEV platform and related services.
1. Who we are
TTC DEV is a development firm building custom platforms, integrations, and AI-powered tooling for partners. Our primary contact is nexstar@ttcdev.app.
2. Who this applies to
This policy applies to:
- Partners who engage TTC DEV to build, operate, or manage software, integrations, or marketing infrastructure on their behalf.
- Authorized representatives at partner organizations who interact with our platforms and tooling.
- Visitors to TTC DEV web properties.
3. Information we collect
To deliver our services, we collect and process the following:
- Authorization tokens from third-party platforms (Google, Meta, LinkedIn, TikTok, and similar) that partners expressly authorize through standard OAuth flows.
- Account configuration and performance data from those platforms, retrieved via official APIs on the partner's behalf.
- Conversion and engagement data from partner websites, CRMs, and call-tracking systems integrated with consent.
- Business contact information for partner representatives, including names, email addresses, phone numbers, and roles.
- Service-agreement records documenting the scope of authorization granted to TTC DEV.
- Standard server logs from web properties (IP, user agent, referrer, timestamps) for security and operational analytics.
4. How we use information
- To operate the platforms, integrations, and services partners have engaged us to deliver, scoped strictly to what they have authorized.
- To produce performance reports for partners.
- To communicate with partners about their engagements, performance, and the service.
- To maintain the security and reliability of the platforms we operate.
- To comply with our legal and regulatory obligations.
5. Authentication and credentials
We use OAuth 2.0 with offline access to obtain partner authorization for third-party platforms. We never request, store, or transmit partner passwords. Refresh tokens are encrypted at rest in a per-partner key vault using AWS KMS. Token reads are audit-logged. Partners may revoke our access at any time, and we honor revocation immediately.
6. Sharing
We do not sell partner data. We share data only with:
- The third-party platforms necessary to operate the service (Google, Meta, LinkedIn, etc.), and only as required to perform the authorized work.
- Service providers (cloud infrastructure, analytics, communications) under contractual confidentiality obligations.
- Legal authorities where required by law.
7. Storage and security
Data is stored in TTC DEV-controlled infrastructure in the United States. We apply industry-standard security measures including encryption at rest and in transit, scope-of-least-privilege access, audit logging of every action taken on partner accounts, and a sandbox-first discipline that prevents unverified writes to production. Access to partner data is restricted to authorized TTC DEV personnel and automated systems acting on their behalf.
8. Retention
- OAuth tokens: retained until revoked by the partner or until the engagement ends.
- Performance reports and account configuration data: retained for the duration of the engagement plus 24 months for historical reporting.
- Audit logs of API actions: retained for 7 years.
- Conversion data uploaded to third-party platforms: held in a transient buffer and cleared post-upload.
9. Partner rights
Each partner may, at any time:
- Request a list of every action we have taken on their accounts (we provide this from our audit log).
- Revoke our access to any of their connected platforms.
- Terminate their service agreement and request deletion of their data, subject to legal retention requirements.
- Request correction of any inaccurate information we hold about them.
- Contact us with privacy questions or concerns at nexstar@ttcdev.app.
10. Cookies and analytics
TTC DEV web properties use a minimal set of first-party cookies for authentication and session management. We use server-side analytics for traffic and security. We do not use third-party advertising cookies on our own properties. Partner websites may use cookies and tracking technologies in line with their own privacy policies.
11. Compliance with platform terms
We comply with the published API terms of every platform we integrate with, including Google API Services User Data Policy, Meta Platform Terms, LinkedIn API Terms of Use, and others. We comply with the Limited Use Requirements where applicable.
12. Children's privacy
TTC DEV is a business-to-business service. We do not knowingly collect data from children under 13.
13. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated to active partners in advance. The "Last updated" date at the top of this page reflects the most recent revision.
14. Contact
For privacy questions, requests, or concerns, contact us at:
Taco Truck Creative LLC, dba TTC DEV
Attn: Privacy
Email: nexstar@ttcdev.app
Web: https://nexstar.ttcdev.app
© 2026 Taco Truck Creative LLC. All rights reserved.