Privacy Policy

Last Updated: July 6, 2025

1. Introduction and Data Controller

The data controller responsible for the processing of your personal data is:

Tendery UG (haftungsbeschränkt)
Kreuzbergstraße 42a
10965 Berlin
Germany

Email: privacy@tendery.ai

2. Information We Collect and Legal Basis

We collect and process personal data to provide and improve our services. The legal basis for our processing is primarily the performance of our contract with you (Art. 6(1)(b) GDPR) and our legitimate interests (Art. 6(1)(f) GDPR).

• Account Information: When you create an account, we collect your name, email address, and company information. This is necessary to create and manage your account and fulfill our contractual obligations.
• Payment Information: For paid subscriptions, we collect billing details. These are processed securely by our payment provider (Stripe) and are necessary for contract performance. We do not store your credit card details on our servers.
• Usage Data: We may collect data on how you interact with our platform, such as features used and actions performed. We process this data based on our legitimate interest to analyze and improve the performance and usability of our service. This data is aggregated and anonymized wherever possible.
• Communications: If you contact us via email or our support channels, we will collect your contact information and the content of your message to respond to your inquiry.

3. Cookies and Similar Technologies

We use cookies and similar technologies to operate our website, secure our services, and, with your consent, to analyze and improve our platform.

• Necessary Cookies: Essential for the site to function correctly, including authentication cookies from Clerk when you sign in.
• Analytics Cookies (with consent): Help us understand how visitors interact with our public pages via PostHog. These cookies are only placed if you accept them in our cookie banner.

4. Data Sharing and Third-Party Processors

We do not sell your personal data. We share your data only with trusted third-party service providers who are essential for us to operate and provide our services. We have signed Data Processing Agreements (DPAs) with them where required.

Our key data processors include:

• Infrastructure and Hosting: Google Cloud Platform, Amazon Web Services, DigitalOcean
• Authentication and User Management: Clerk
• AI Features: Model providers used to deliver product functionality. We configure providers not to use customer data for model training where supported.
• Payment Processing: Stripe
• Transactional Emails: Resend
• Analytics and Product Improvement: PostHog (with consent)
• Support Communications: Google Workspace

Some providers are based outside the European Economic Area (EEA). In such cases, we use appropriate safeguards such as the EU-U.S. Data Privacy Framework or EU Standard Contractual Clauses (SCCs).

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including the duration of your account and any period required by law.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

7. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access (Art. 15 GDPR)
• Right to Rectification (Art. 16 GDPR)
• Right to Erasure (Art. 17 GDPR)
• Right to Restriction of Processing (Art. 18 GDPR)
• Right to Data Portability (Art. 20 GDPR)
• Right to Object (Art. 21 GDPR)
• Right to Lodge a Complaint with a supervisory authority

To exercise these rights, contact us at privacy@tendery.ai.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and, where appropriate, through email notification.