Skip to main content
Tendara

Legal

Privacy Policy

Last updated: April 1, 2026

Tendara Health, Inc. is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights as a user of our platform.

Information We Collect

We collect information in three ways: directly from you, automatically as you use our platform, and from authorized third-party integrations.

Information you provide directly

  • Account registration: Name, email address, facility name, job title, and phone number when you sign up or invite team members.
  • Resident data (PHI): Protected Health Information entered by authorized facility staff, including resident demographics, care plans, medications, and clinical notes.
  • Payment information: Billing details are processed by Stripe, Inc. We receive only a tokenized payment method reference; we never store full card numbers, CVVs, or bank account numbers on our systems.
  • Communications: Messages you send to our support team, survey responses, and feature requests.

Information collected automatically

  • Usage data: pages visited, features used, session duration, clicks, and navigation paths within the platform.
  • Device and network information: IP addresses, browser type and version, operating system, device identifiers, and referring URLs.
  • Log data: API requests, error logs, and performance diagnostics generated by your use of the platform.

Information from third parties

  • SSO providers: If your facility uses Google Workspace or Microsoft Entra for single sign-on, we receive your name, email, and group memberships from that provider upon authentication.
  • EHR integrations: When your facility authorizes an EHR integration, we may receive clinical data according to the scope of that authorization.

How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and improving the platform: Delivering features, processing transactions, maintaining uptime, and developing new functionality.
  • Transactional communications: Sending account confirmations, password resets, billing receipts, and security alerts essential to your use of the service.
  • Service announcements and product updates: Informing you of new features, scheduled maintenance, and policy changes. You may opt out of non-essential communications at any time.
  • Fraud detection and security monitoring: Analyzing usage patterns to detect unauthorized access, abuse, and security threats.
  • Legal compliance: Meeting our obligations under HIPAA, HITECH, CCPA, and other applicable regulations.
  • Aggregated analytics: We use de-identified, aggregated usage data to understand how the platform is used and to prioritize product improvements. This data cannot be traced back to any individual or facility.

HIPAA and Protected Health Information

Tendara Health, Inc. is a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). We process Protected Health Information (PHI) solely on behalf of healthcare facilities (Covered Entities) that use our platform.

  • Business Associate Agreements: We execute BAAs with all facility customers prior to any PHI being entered into the platform. Our BAA is available upon request at jimish2104gajjar@gmail.com.
  • Encryption: All PHI is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Keys are managed using AWS Key Management Service (KMS) with annual key rotation.
  • No sale or marketing use of PHI: We do not sell, rent, share, or use PHI for advertising or marketing purposes under any circumstances.
  • Access controls: Access to PHI is limited to authorized facility staff based on their assigned role. All PHI access events are recorded in tamper-evident audit logs.
  • Minimum necessary standard: Our systems are designed to provide access to the minimum PHI necessary for each user role to perform their job function.

Data Sharing and Disclosure

We do not sell personal data to third parties. We share data only in the following limited circumstances:

Sub-processors and service providers

We engage the following sub-processors, each operating under a data processing agreement that restricts their use of data to providing services to us:

  • Amazon Web Services (AWS) — Cloud infrastructure and data hosting (us-east-1 and us-west-2 regions)
  • Stripe, Inc. — Payment processing and subscription billing
  • SendGrid (Twilio) — Transactional and notification email delivery
  • Twilio — SMS notifications (where enabled by your facility)
  • Datadog — Application performance monitoring and infrastructure observability (no PHI is transmitted to Datadog)

Legal requirements

We may disclose data when required by applicable law, valid legal process (such as a court order or subpoena), or to protect the rights, property, or safety of Tendara, our customers, or the public. We will notify affected customers to the extent permitted by law before complying.

Business transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, customer data may be transferred to the acquiring entity. We will provide reasonable notice before any transfer and the acquiring entity will be bound by the commitments in this Privacy Policy.

Data Retention

We retain data for as long as necessary to provide the service and meet our legal obligations. Specific retention periods are as follows:

  • Account and organizational data: Retained for the duration of your active contract plus 3 years following termination, to support billing disputes and legal claims.
  • Protected Health Information (PHI): Retained according to your facility's configured retention policy. HIPAA requires a minimum of 6 years from the date of creation or last effective date.
  • Audit logs: Retained for a period determined by your subscription plan, ranging from 30 days (Starter) to 7 years (Enterprise). Audit log retention can be configured by your facility administrator.
  • Backup snapshots: Encrypted database backups are retained on a 30-day rolling window.
  • Deletion requests: You may request deletion of non-PHI personal data at any time by emailing jimish2104gajjar@gmail.com. PHI deletion is governed by your BAA and applicable HIPAA requirements.

Your Rights

Depending on your location, you may have the following rights with respect to your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete personal data.
  • Deletion: Request erasure of your non-PHI personal data where we no longer have a legal basis to retain it.
  • Portability: Receive a copy of your personal data in a structured, machine-readable format.
  • Opt-out of marketing: Unsubscribe from non-essential communications using the unsubscribe link in any marketing email or by emailing jimish2104gajjar@gmail.com.
  • California residents (CCPA): In addition to the above, California residents have the right to know the categories of personal information we have collected and shared, and the right to opt out of any sale of personal information (we do not sell personal information). To submit a CCPA request, email jimish2104gajjar@gmail.com with the subject line "CCPA Request."

To exercise any of these rights, contact us at jimish2104gajjar@gmail.com. We will respond within 30 days. We may need to verify your identity before fulfilling your request.

Cookies and Tracking

We use a limited set of cookies and similar technologies to operate the platform and understand how it is used. We do not use advertising or cross-site tracking cookies. See our full Cookie Policy for a detailed breakdown.

  • Essential cookies: Session authentication tokens and CSRF protection. These are strictly necessary and cannot be disabled without breaking core functionality.
  • Analytics cookies: We use Google Analytics with IP anonymization enabled to understand aggregate usage patterns. You may opt out via your browser settings or the Google Analytics opt-out extension.
  • Preference cookies: We store UI preferences such as theme (light/dark) and sidebar state in cookies and localStorage.

Security

We implement industry-leading security controls to protect your data. Our security program includes:

  • SOC 2 Type II certification: Independently audited annually against the AICPA Trust Services Criteria for security, availability, and confidentiality.
  • Penetration testing: Annual third-party penetration tests and continuous automated vulnerability scanning.
  • Employee security: Background checks for all employees, mandatory annual security awareness training, and role-based access to production systems.
  • Access controls: Multi-factor authentication required for all internal systems, zero-trust network architecture, and just-in-time privileged access for production environments.
  • 24/7 monitoring: Our incident response team monitors security alerts around the clock using automated SIEM tooling.
  • Breach notification: In the event of a confirmed PHI breach, affected customers will be notified within 72 hours of discovery, as required by HIPAA and the HITECH Act.

Our current security posture documentation, including our SOC 2 report, is available to customers and prospective customers under NDA. Contact jimish2104gajjar@gmail.com to request access.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

  • General privacy inquiries: jimish2104gajjar@gmail.com
  • Data Protection Officer: jimish2104gajjar@gmail.com
  • Mailing address: Tendara Health, Inc., 535 Mission St, Suite 1400, San Francisco, CA 94105
  • EU/UK residents: Tendara EU B.V., Herengracht 420, 1017 BZ Amsterdam, Netherlands. We have appointed a UK representative pursuant to Article 27 UK GDPR; contact jimish2104gajjar@gmail.com for details.

We will respond to all privacy inquiries within 30 calendar days. For urgent security concerns, email jimish2104gajjar@gmail.com.