Privacy Policy

This Privacy Policy (the “Policy”) describes how Tenviq (“Tenviq”, “we”, “us”, “our”) collects, uses, shares, and protects personal information of visitors and customers of the Tenviq marketing site and the Tenviq starter (collectively, the “Product”).

This Policy does not apply to applications you build using the Product. When you deploy the Product and collect data from your own users, you are the controller of that data and solely responsible for your own privacy practices.

Tenviq is the data controller for personal information collected through its marketing site and purchase flow. For privacy inquiries, contact privacy@tenviq.com.

We only collect what we need to sell, deliver, and improve the Product.

• Account information. Name, email address, password hash, profile image, organization name, and authentication provider identifiers when you create an account.
• Purchase information. Billing name, billing email, country, postal code for tax purposes, subscription status, invoices, and a payment-method reference. Full payment card details are collected and stored by our payment processor and never touch our servers.
• Usage data. Pages visited, referrer, device type, browser, approximate location derived from IP address, timestamps, and in-product events we use to operate, secure, and improve the Product.
• Support communications. Emails, messages, and any attachments you send us, along with our responses.
• Cookies and similar technologies. Session cookies to keep you signed in, preference cookies, and optional analytics cookies. See Section 08.

We do not intentionally collect special categories of personal data (for example, health, political opinions, biometrics). Please do not send such data through support channels.

We use personal information to:

• Create and operate your account and deliver the Product;
• Process purchases, issue invoices, and administer subscriptions;
• Provide customer support, announcements, and Product-related updates;
• Protect the Product against fraud, abuse, and unauthorized access;
• Operate, maintain, diagnose, secure, and improve the Product;
• Send transactional emails such as receipts, security alerts, and service notices;
• Send marketing emails only where permitted by law and with the ability to unsubscribe at any time;
• Comply with legal obligations and enforce our Terms.

Where applicable privacy law (including the GDPR and the UK GDPR) requires a legal basis, we rely on:

• Contract. To create your account, process payments, and deliver the Product.
• Legitimate interests. To secure, operate, measure, and improve the Product, and to contact existing customers about closely related services.
• Consent. For optional analytics cookies, marketing communications to new prospects, and any other processing that requires it. You can withdraw consent at any time.
• Legal obligation. For tax, accounting, and compliance with lawful requests.

We do not sell or rent personal information. We share it only with vetted service providers who help us run the Product under contractual confidentiality and data-protection obligations. These providers act as processors on our behalf and include:

• Hosting and content delivery providers;
• Our payment processor for purchases and invoicing;
• Our transactional email provider;
• Our authentication, identity, and OAuth providers, limited to the methods you choose to use;
• Error-monitoring and product-analytics tools;
• Customer-support tooling;
• AI model providers, only when you actively use AI features.

We also share information when:

• Required by law, subpoena, court order, or valid governmental request;
• Needed to protect the rights, property, or safety of Tenviq, our customers, or others, including to prevent fraud;
• Part of a merger, acquisition, financing, or sale of assets, in which case we will require the recipient to honor this Policy.

We retain personal information only for as long as needed for the purposes described in this Policy.

• Account information is kept for the life of your account and for a reasonable period thereafter to handle reinstatement, fraud prevention, and legal obligations.
• Purchase records are retained for the period required by tax and accounting law in the relevant jurisdictions.
• Support communications are retained while they remain relevant to ongoing support, and are then archived or deleted.
• Usage logs are retained for security, fraud, and diagnostics for a limited period, typically not exceeding twenty-four months.

When retention expires, we delete or irreversibly anonymize the information.

We use a minimal set of cookies and equivalent technologies: strictly necessary cookies to keep you signed in and to maintain session state, preference cookies to remember your settings, and analytics cookies to understand aggregated usage.

Where required, analytics and non-essential cookies are set only with your consent. You can block or delete cookies in your browser settings at any time; strictly necessary cookies cannot be disabled without breaking the Product.

Tenviq and its service providers may process personal information in countries other than your country of residence, including the United States and Canada. Where required, we rely on recognized transfer mechanisms such as Standard Contractual Clauses or equivalent safeguards.

By using the Product, you understand that your information may be transferred to and processed in these countries.

Depending on where you live, you may have the right to access, correct, update, or delete your personal information; to object to or restrict certain processing; to receive a portable copy of your data; and to withdraw consent.

To exercise these rights, contact privacy@tenviq.com. We will respond within the timeframe required by applicable law. We may verify your identity before acting on a request and may decline requests that are unfounded, excessive, or that would compromise the rights of others.

You also have the right to lodge a complaint with your local data protection authority, though we hope you will contact us first.

We apply reasonable technical and organizational measures designed to protect personal information, including encryption in transit, access controls, hashed credentials, audit logging, and regular review of our infrastructure.

No method of electronic storage or transmission is perfectly secure. In the event of a personal data breach that is likely to result in a risk to your rights, we will notify affected users and the relevant authorities as required by law.

The Product is not intended for, and we do not knowingly collect personal information from, individuals under 16 years of age. If you believe a minor has provided us with personal information, contact privacy@tenviq.com and we will take appropriate steps to delete it.

The Product may link to third-party websites, services, and dependencies that are not operated by Tenviq. Their information practices are governed by their own policies, which we recommend you review. Tenviq is not responsible for the content, privacy practices, or security of third-party sites.

Some browsers transmit “Do Not Track” signals. Because there is no uniform industry standard for interpreting these signals, we do not respond to them at this time. We will update this Policy if and when a standard is adopted.

We may update this Policy from time to time. The updated Policy will be posted at this URL with a revised “Last updated” date and version number. Material changes will be communicated prominently in the Product or by email. Your continued use of the Product after the effective date means you accept the updated Policy.

For any question about this Policy, your personal information, or our privacy practices, contact privacy@tenviq.com.