Privacy Policy

This Privacy Policy explains how Desk5 ("we", "us", or "our") collects, uses, and protects your personal data when you use our service. We are committed to handling your data with transparency, care, and compliance with global data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and Japan's Act on the Protection of Personal Information (APPI).

1. Who We Are

Desk5 is currently operated by Teyon S.A., a Polish-based company. In the future, operation of the Service may be transferred to a U.S.-based entity. We will update this Privacy Policy accordingly.

2. Data We Collect

We may collect the following personal data:

• •

  Name

• •

  Email address

• •

  Organization name (if part of a team account)

• •

  IP address and device information

3. How We Use Your Data

We use your personal data to:

• •

  Provide and maintain the Desk5 service

• •

  Manage user accounts and subscriptions

• •

  Send important updates or service-related notices

• •

  Improve performance, availability, and security

• •

  Respond to support inquiries

We do not sell your personal data.

4. Legal Bases for Processing

We process your data under one or more of the following legal bases:

• •

  Performance of a contract (e.g. your account)

• •

  Your consent (where applicable)

• •

  Our legitimate interests (e.g. preventing abuse, improving services)

• •

  Compliance with legal obligations

5. Data Sharing and Transfers

We may share data with:

• •

  Infrastructure providers (e.g. hosting, database)

• •

  Legal authorities, if required by law

Data may be transferred outside the European Economic Area (EEA), including to the United States and Japan. We use legal safeguards such as:

• •

  Standard Contractual Clauses (SCCs)

• •

  The EU-U.S. Data Privacy Framework

• •

  Vendor contracts and audits

6. Data Retention

We retain your personal data for as long as necessary to provide the Desk5 service, fulfill legal obligations, and resolve disputes.

We may retain certain personal data after an account deletion request where required by law or necessary for legitimate business purposes, such as recordkeeping, dispute resolution, or fraud prevention. Such data is securely archived and access is restricted.

7. Your Rights

Depending on your location, you may have the right to:

• •

  Access your data

• •

  Correct inaccurate data

• •

  Delete your data

• •

  Withdraw consent (where processing is based on consent)

• •

  Object to processing or request restriction

• •

  Port your data to another provider

To exercise your rights, contact us at [email protected]

8. Security

We use appropriate technical and organizational measures to protect your data, including encryption, access controls, and regular security reviews.

9. Children

The Service is not intended for use by children under the age of 13 (or the minimum age required in your jurisdiction). We do not knowingly collect data from children without parental consent.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are significant, we will notify you via email or in-app messaging.

11. Contact Us

If you have any questions or concerns, please contact us at:

[email protected]