Communication Policy

At TukuToi, we prioritize secure, efficient, and transparent communication with our clients. This policy details our communication channels, document delivery methods, and the responsibilities of all parties involved.

This document outlines TukuToi LLC’s policies regarding communication methods, secure document delivery, and client responsibilities.

Accepted Communication Channels

  • Email (Primary Channel): All official communication begins via email (either directly or using the Contact Form on our Website). This includes initial contact, client inquiries, invoices, contracts, and formal notices.
  • GitHub: For active projects, GitHub is used for issue tracking, code discussions, and task collaboration. Clients are expected to use the agreed-upon repositories for project-related interactions.
  • Slack / Mattermost: For real-time communication, we may use Slack or Mattermost. These platforms support quick clarifications, informal updates, or time-sensitive collaboration.
  • Exclusions: We do not engage in communication via phone calls, SMS, handwritten letters, or other non-digital or not-listed-above means. This ensures consistency, security, and a traceable history of all communications.

Secure Document Delivery

To maintain the integrity and confidentiality of our communications:

  • Digital Signatures: All official documents, such as contracts, invoices, and receipts, are digitally signed using GPG (GNU Privacy Guard). This ensures the authenticity and integrity of the documents. All emails from TukuToi LLC come with GPG Signature, and if the Client uses encryption, they will be encrypted as well.
  • Encryption: All sensitive documents are encrypted before transmission. Recipients will receive a .gpg file via email, which can be decrypted using standard GPG tools or through our secure Document Verification Portal.
  • Verification: Clients can verify the authenticity of received documents by checking the digital signature against our public GPG key, available on our website.

No Traditional Signatures

We do not engage in traditional pen-and-ink signatures. These belong to a bureaucratic past and offer no real verification in today’s digital landscape. Our commitment to integrity and authenticity is fulfilled using cryptographic digital signatures (GPG), which are verifiable, tamper-proof, and aligned with modern best practices.

Client Responsibilities

To facilitate seamless communication and document handling:

  • Email Monitoring: Clients should regularly monitor their email for communications from TukuToi and ensure that emails from our domain are not marked as spam.
  • GPG Tools: Clients are encouraged to install and maintain GPG tools to decrypt and verify documents. Guidance on setting up these tools is available on our Documentation Page. Clients are also welcome to use our secure Document Verification Portal.
  • Public Key: Clients should provide their public GPG key to TukuToi to enable encrypted communications if available.

Exceptions

While we strive to maintain consistency in our communication methods:

  • Unencrypted Communications: Certain general announcements or non-sensitive communications may be sent unencrypted for convenience.
  • Alternative Arrangements: In exceptional circumstances, alternative communication methods may be arranged upon mutual agreement.

Updates to This Policy

TukuToi reserves the right to update this Communication Policy as necessary. Clients will be notified of significant changes via email.

By engaging with TukuToi, clients acknowledge and agree to adhere to this Communication Policy, ensuring secure and efficient interactions.