Privacy Policy

Introduction

Welcome to Tend ("we," "our," or "us"). We operate the website located at tend.house and related mobile applications (collectively, the "Service"). The Service is operated by the operator of tend.house.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

Information We Collect

Information You Provide to Us

We collect information that you voluntarily provide when using our Service:

• Account Information: When you create an account, we collect your email address, name, and authentication credentials. If you sign in using a third-party service (such as Google), we receive basic profile information from that service.
• Profile Information: Your profile photo or avatar (if you choose to upload one).
• Household Data: Information you create and store in the Service, including tasks, expenses, shopping lists, calendar events, notes, documents, and contacts. This data is associated with your household and may be shared with other household members you invite.
• Contact Information: Email addresses and phone numbers of household members and contacts you add to your household.
• Communications: Emails you send to or through the Service, and any messages or feedback you provide to us.

Information Automatically Collected

When you use our Service, we automatically collect certain information:

• Usage Data: Information about how you use the Service, such as features accessed, actions taken, and time spent on pages.
• Device Information: Device type, operating system, browser type, IP address, and unique device identifiers (for mobile apps).
• Push Notification Tokens: If you enable push notifications, we collect device tokens from Firebase Cloud Messaging (FCM) and Apple Push Notification Service (APNs) to send you notifications.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain your session and remember your preferences. See the "Cookies" section below for more details.
• Log Data: Server logs that include your IP address, browser type, pages visited, time and date of access, and other diagnostic data.

Information from Third-Party Services

• OAuth Providers: If you sign in with Google or another OAuth provider, we receive basic profile information (name, email, profile picture) as permitted by that service.

How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Maintain the Service: To create and manage your account, store your household data, and enable core features like task management, expense tracking, and shared calendars.
• Communication: To send you service-related emails (account verification, password resets, invitation links, notifications about household activity) and route emails you send through the Service.
• AI-Powered Features: To provide AI-assisted suggestions and automation (such as task suggestions, expense categorization, and smart responses), we send relevant data to our AI service provider, Anthropic. You can opt out of AI features in your account settings.
• Push Notifications: To send you push notifications about household activity (if you've enabled this feature).
• Improve the Service: To understand how users interact with the Service, identify bugs, and improve features and performance.
• Security and Fraud Prevention: To detect, prevent, and address technical issues, unauthorized access, and fraudulent activity.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

How We Share Your Information

We do not sell your personal information to third parties. We may share your information in the following circumstances:

With Other Household Members

The household data you create (tasks, expenses, events, notes, etc.) is shared with other members of your household that you have invited. This is core functionality of the Service.

With Service Providers

We share information with third-party service providers who help us operate the Service:

• Anthropic: We use Anthropic's Claude AI API to provide AI-powered features. When you use AI features, relevant data (such as task descriptions, expense details, or conversation context) is sent to Anthropic for processing. Anthropic's data practices are governed by their privacy policy. You can opt out of AI features in your account settings.
• Resend: We use Resend for email delivery (transactional emails, invitations, and email routing). Resend receives email addresses and message content necessary to deliver emails.
• Firebase (Google): We use Firebase Cloud Messaging for push notifications on mobile devices. Firebase receives device tokens and notification content.
• Neon (Database Hosting): We use Neon to host our PostgreSQL database. Your data is stored on Neon's infrastructure with encryption at rest and in transit.
• Vercel (Web Hosting): We use Vercel to host the web application. Vercel may collect standard web server logs (IP addresses, page requests) as part of providing hosting services.

These service providers are contractually obligated to use your information only as necessary to provide services to us and not for their own purposes.

For Legal Reasons

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, search warrants)
• Requests from law enforcement or government agencies
• Protection of our rights, property, or safety, or that of our users or the public
• Enforcement of our Terms of Service or investigation of potential violations

Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or use of your personal information.

With Your Consent

We may share your information with third parties when we have your explicit consent to do so.

Data Retention

We retain your information for as long as your account is active or as needed to provide you the Service.

• Active Accounts: We retain your account information and household data indefinitely while your account remains active.
• Deleted Accounts: When you delete your account, we anonymize your personal information (email, name, profile picture) rather than permanently deleting it. This preserves the integrity of shared household data (tasks, expenses, events) that you created, which other household members may still rely on. Deleted user data is marked as "Deleted User" and cannot be used to identify you. Your device tokens and authentication credentials are permanently deleted immediately.
• Legal Obligations: We may retain certain information for longer periods if required by law or to resolve disputes, enforce our agreements, or prevent fraud and abuse.

Your Privacy Rights

All Users

• Access: You can access and review your personal information by logging into your account.
• Update: You can update your account information (name, email, profile picture) at any time in your account settings.
• Delete: You can delete your account at any time from your account settings. See the "Data Retention" section above for details on what happens when you delete your account.
• Opt-Out of AI Features: You can disable AI-powered features in your account settings to prevent your data from being sent to Anthropic.
• Opt-Out of Push Notifications: You can disable push notifications in your device settings or within the app.

California Residents (CCPA Rights)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share your information.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale: We do not sell your personal information in the traditional sense. However, our use of AI features (which involves sharing data with Anthropic) may be considered a "sale" under California law. You can opt out of AI features in your account settings.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• Right to Data Portability: You have the right to receive a copy of your personal information in a portable format. (Note: Self-service data export is planned for a future update.)

To exercise these rights, please contact us through the Service or via our website at tend.house. We will verify your identity before processing your request and respond within 45 days.

European Users (GDPR Rights)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to Access: You can request a copy of your personal data.
• Right to Rectification: You can request correction of inaccurate data.
• Right to Erasure: You can request deletion of your personal data.
• Right to Restrict Processing: You can request that we limit how we use your data.
• Right to Data Portability: You can request your data in a machine-readable format.
• Right to Object: You can object to our processing of your personal data.
• Right to Withdraw Consent: Where we process data based on consent, you can withdraw that consent at any time.

To exercise these rights, please contact us through the Service or via our website at tend.house. You also have the right to lodge a complaint with your local data protection authority.

Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

• Encryption: Data is encrypted in transit using HTTPS/TLS and at rest in our database.
• Access Controls: Access to user data is restricted to authorized personnel and systems only.
• Authentication: We use industry-standard authentication mechanisms, including OAuth 2.0 and secure session management.
• Regular Security Reviews: We periodically review our security practices and update them as needed.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials.

Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session and improve your experience:

• Session Cookies: Essential cookies that keep you logged in and maintain your session. These are required for the Service to function.
• Preference Cookies: Cookies that remember your settings, such as which household you have selected and your theme preference (light/dark mode).

We do not use third-party advertising cookies or tracking pixels. Most web browsers allow you to control cookies through their settings, but disabling essential cookies will prevent you from using the Service.

Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us through the Service, and we will delete that information.

Users must be at least 13 years old to create an account and use the Service.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction.

By using the Service, you consent to the transfer of your information to the United States and other countries where our service providers operate. We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy.

Third-Party Links

The Service may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page with an updated "Last Updated" date
• Sending you an email notification (if we have your email address)
• Displaying a prominent notice within the Service

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Service after we post modifications constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us through the Service or visit our website:

• Website: https://tend.house

You can reach us by logging into your account and contacting us through the Service, or by visiting our website for additional contact options.