Skip to main content
tendly
Answering nowStart free

Privacy Policy

Last updated: May 17, 2026

Draft for counsel review.This document is a template starter; it is NOT a binding contract until reviewed and approved by Tendly's legal counsel.

1. Who we are

Tendly is a software platform for home service businesses. This policy describes how we collect, use, and share personal data when you use the Service.

2. What we collect

  • Account data: name, email, phone, business name, billing details.
  • Customer data: the leads, customers, and conversations you load into Tendly to provide the Service.
  • Usage data: page views, feature usage, IP address, browser fingerprint, performance metrics — for analytics and security.
  • Voice + SMS transcripts: AI-handled calls and SMS conversations are transcribed and stored for the duration of your subscription, then deleted on the schedule below.

3. How we use it

  • To deliver and operate the Service you signed up for.
  • To improve our AI agents and infrastructure.
  • To bill you and prevent payment fraud.
  • To respond to support requests and security events.
  • To send you product updates you can unsubscribe from.

4. Third-party processors

Tendly relies on these processors to operate. Each is bound by a Data Processing Agreement and is selected for their security posture:

  • Vercel — application hosting + edge network
  • Supabase — database + authentication
  • Cloudflare — voice bridge + DNS
  • Twilio — voice + SMS delivery
  • Stripe — payments + Connect Express partner payouts
  • Deepgram — voice transcription + AI agent orchestration
  • Anthropic / Google — language models powering the AI
  • Resend — transactional email
  • Sentry — error monitoring

5. Sharing

Tendly does not sell personal data. We share it only with the processors above to deliver the Service, or when required by law.

6. Your rights

  • Access + portability: export your data via /admin/settings or by writing to privacy@usetendly.com.
  • Deletion: request deletion at any time. We honor the request within 30 days; some records may be retained longer for billing, fraud, or legal compliance.
  • Correction: request corrections to inaccurate data.
  • Do Not Sell (CCPA): we do not sell personal data; this right is honored automatically.
  • EU/UK rights (GDPR): standard contractual clauses apply for any EU/UK data transferred to the US.

7. Retention

We keep your data for the duration of your subscription plus 30 days. Voice call recordings and transcripts are kept for 12 months unless you request earlier deletion.

8. Cookies

We use first-party cookies for authentication and session management, and a localStorage entry for partner-attribution capture (60-day TTL). We do not use cross-site tracking cookies.

9. Security

Twilio auth tokens are encrypted with AES-256-GCM at rest. All Tendly traffic is HSTS-preloaded HTTPS. We log security events to Sentry and rotate secrets quarterly.

10. Contact

Privacy questions: privacy@usetendly.com