← Back to Sticky Nodes
Privacy Policy

Your Data, Our Duty

Last Updated: 8th December 2025

Sticky Nodes is a product owned and operated by Toomee Limited (“We,” “Our,” or “Us”). We are committed to protecting your privacy and the security of the data you create and share within our platform.

This policy explains how we collect, use, and protect your personal data when you use the Sticky Nodes web application (sticky-nodes.com).

Note: This policy applies specifically to sticky-nodes.com. For the privacy policy regarding our corporate site, please visit toomee.com.

1. Types of Data We Collect

We collect data based on whether you are a Workshop Creator (account holder) or a Workshop Participant.

A. For Workshop Creators (Account Holders):

  • Identity Data: Name and login credentials.
  • Contact Data: Email address.
  • Billing Data: Payment information required to process your license (processed via our third-party payment providers).
  • Workshop Content: The design, layout, text, and logic flow of the nodes you build, including inputs into AI-powered nodes.

B. For Workshop Participants:

  • Session Data: Answers, votes, text inputs, and interactions submitted during a live workshop session.
  • Participant Identity: Information requested by the Workshop Creator (e.g., Name, Organization, Location, Occupation).
    Note: These fields are defined by the Creator, not Toomee.

C. Technical Data (All Users):

  • Device & Usage: IP address, browser type, device type, and interaction logs collected via our infrastructure providers (Firebase and Google Cloud).

2. How We Collect Your Data

  • Direct Interaction: When you sign up for an account, purchase a license, design a workshop workflow, or participate in a live session.
  • Automated Technologies: As you interact with the web app, our hosting providers (Firebase Hosting and Google Cloud Run) automatically collect technical data to ensure service stability and security.
  • AI Interactions: When a Creator utilizes an AI node, the input text is collected to generate a response via our AI supplier.

3. How We Use Your Data

We process your data for the following purposes:

  • Service Delivery: To provide the interactive workshop editor, save your workshop designs, and run live sessions.
  • AI Features: To generate responses within AI-powered nodes. We use Google Gemini as our AI provider.

Important: Your data is never used to train the AI models owned by Toomee or our suppliers.

Note: Data sent to the AI provider may be retained temporarily by them solely for abuse screening and safety monitoring.

  • Operational Maintenance: Toomee Support Technicians may access workshop flows and database entries to troubleshoot errors, perform maintenance, or provide customer support.
  • Security: To detect and prevent abuse of our platform.

We do not sell your personal data. Technical data and usage logs are used strictly for operational processes.

4. Where We Store Your Data

We utilize industry-leading cloud infrastructure to ensure your data is secure.

  • Hosting & Compute: Our web application is hosted on Firebase Hosting and Google Cloud Run.
  • Workshop Storage: Workshop designs and permanent user content are stored in Google Cloud Storage Buckets. This data is encrypted by default.
  • Session Database: Live session data (voting, participant inputs) is stored in a Firestore Database.
  • AI Processing: Data processed by AI nodes is handled by Google Cloud (Vertex AI/Gemini).

We ensure that our third-party infrastructure providers adhere to strict security standards compatible with the UK GDPR.

5. Data Retention

We retain personal data only as long as necessary to fulfil the purposes we collected it for.

  • Workshop Creator Data: Your workshop designs, layouts, and node contents are stored indefinitely until you manually delete the workshop or your account.
  • Live Session Data: Data generated during a live workshop (participant votes, inputs, answers) is retained for 24 hours after the session concludes. After this period, it is automatically deleted from our servers.
  • AI Data: Data sent to our AI supplier is retained temporarily by the supplier for abuse monitoring and then deleted. It is not stored permanently by Toomee.
  • Billing & Account Info: Retained for the duration of your subscription plus any period required by UK tax and accounting laws.

6. Lawful Basis for Processing

Under the UK GDPR, we rely on the following bases:

  • Contract: To provide the services you paid for (hosting workshops and saving designs).
  • Legitimate Interests: To maintain the security of our infrastructure, troubleshoot technical issues, and prevent abuse of our AI features.
  • Consent: When you voluntarily join a workshop as a participant and submit information.

7. Your Rights

Under UK data protection law, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Erasure: Request that we delete your account or specific data (e.g., deleting a workshop).
  • Correction: Request that we correct incomplete or inaccurate data.

To exercise any of these rights, please email us at contact@toomee.com.

8. Third-Party Links & Creators

  • External Links: Sticky Nodes may contain links to external websites. We are not responsible for the privacy practices of those sites.
  • Workshop Content: Please note that Workshop Creators (the users building the workshops) control the questions asked within a session. If you are a Participant, please be aware that the Creator may ask for personal info (e.g., occupation, location). Toomee processes this data on behalf of the Creator but does not control what data is requested.

9. Contact & Complaints

Toomee Limited is registered with the Information Commissioner’s Office (ICO) in the UK. If you have concerns about how we handle your data, you have the right to complain to the ICO.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: ico.org.uk