Privacy Policy

Tenon Privacy Policy

Tenon Software Inc. (“Tenon,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it. This Privacy Policy describes how we collect, use, process, store, and disclose information when you:

• Visit or use tenonhq.com
  
  
• Access or use Tenon applications running natively in your organization’s ServiceNow instance
  
  
• Interact with Tenon through email, text, or other electronic communications
  
  
• Access Tenon content or applications that reference this Privacy Policy
  
  

By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Services.

1. Scope of This Policy

This Privacy Policy applies to information we collect:

• On the Tenon website
  
  
• Inside Tenon applications hosted within your ServiceNow instance
  
  
• In email, text, or other communications with Tenon
  
  
• When you interact with Tenon content on third-party platforms that reference this policy
  
  

This Privacy Policy does not apply to:

• Information collected offline
  
  
• Information collected by third-party websites, applications, or platforms
  
  
• Information processed by your organization as the data controller
  
  

2. Children Under 18

The Services are not intended for children under 18. We do not knowingly collect information from anyone under 18. If you believe we have collected information from a minor, contact us at privacy@tenonhq.com.

3. Tenon’s Role as Data Processor

Tenon operates as a native application within your ServiceNow instance. Under applicable data protection laws:

• You (the customer) act as the Data Controller
  
  
• Tenon acts as a Data Processor
  
  

As the Data Controller, you determine what data is collected, stored, and processed in your ServiceNow instance using Tenon. Tenon processes this data only on your documented instructions and only for the purposes of providing the Services.

Customers are responsible for ensuring a lawful basis for processing, including consent for marketing, SMS, and email communications.

4. Data Stored Within Your ServiceNow Instance

Tenon maintains your data security through ServiceNow’s infrastructure. All core Tenon application data:

• Remains within your ServiceNow instance in your selected data center region
  
  
• Is not transferred or stored outside your ServiceNow environment
  
  

The only exception is the minimal data shared with specific authorized subprocessors necessary to deliver SMS, email, content generation, and landing page hosting.

Tenon does not replicate, store, or host your customer data outside your ServiceNow environment beyond the limited processing described below.

5. Information We Collect

5.1 Information You Provide

This includes:

• Contact details (name, email, company, phone)
  
  
• Information submitted through website forms
  
  
• Records of correspondence
  
  
• Account registration details
  
  
• Transaction or billing information
  
  
• Search queries and activities on website Services
  
  

5.2 Information We Automatically Collect

On the website and within certain app interactions, we may collect:

• IP address
  
  
• Browser type and device metadata
  
  
• Usage metrics and logs
  
  
• Cookies and tracking identifiers
  
  
• Referral sources
  
  
• Interaction data for analytics and diagnostics
  
  

5.3 Information Within ServiceNow

Information you process in Tenon within your ServiceNow instance includes:

• Audience data
  
  
• Email and SMS content
  
  
• Segments, campaigns, journeys, and marketing objects
  
  

This information never leaves your ServiceNow instance, except for the limited processing performed by subprocessors as described below.

6. Data Shared With Authorized Subprocessors

To provide specific features, Tenon shares only the minimum required data with the following subprocessors.

6.1 Sinch (SMS Services)

Purpose: SMS delivery
Data Shared: Phone numbers, SMS message content, sender information
Compliance: GDPR, CCPA, ISO 27001
Processing Role: Sinch acts as an independent processor for telecommunications services
Retention: SMS delivery logs retained only as long as required for service fulfillment

6.2 Mailgun (Email Services)

Purpose: Email message delivery
Data Shared: Email addresses, sender details, email content
Compliance: GDPR, CCPA, SOC 2, ISO 27001, HIPAA
Processing Role: Data processor; does not sell customer data
Retention: Retains email delivery data only for deliverability, diagnostics, and compliance

6.3 Amazon Web Services (Hosting)

Purpose: Hosting landing pages, images, and MMS assets
Data Shared: Landing page content, images, metadata
Compliance: GDPR, CCPA, SOC 2, ISO 27001, ISO 27017, ISO 27018, FedRAMP
Data Location: Stored in the customer’s selected AWS Region
Data Control: Customer maintains full control, including encryption and access configuration
Retention: AWS does not retain customer content after deletion by customer

6.4 Beefree (Content Editor API)

Purpose: Generating HTML for email and landing page templates
Data Shared: Template content required for rendering; end-user IP addresses for infrastructure security
Compliance: GDPR
Hosting: AWS Ireland
Processing Role: Data processor
Retention: Only temporary processing data used to generate HTML output

7. How We Use Information

We use information to:

• Operate and present the Services
  
  
• Provide product features, support, and maintenance
  
  
• Deliver email, SMS, and content based on customer instructions
  
  
• Improve and optimize performance
  
  
• Personalize website content and marketing
  
  
• Communicate product updates or notices
  
  
• Ensure security and detect fraud
  
  
• Fulfill legal or contractual obligations
  
  

We may also use aggregated or de-identified data for analytics.

8. Cookies, Analytics, and Tracking

Includes:

• Cookies and tracking preferences
  
  
• Google Analytics
  
  
• Social advertising pixels
  
  
• Visitor activity matching
  
  
• Links to opt-out resources
  
  

(All content from your original policy is preserved.)

9. Disclosure of Information

We may disclose information:

• To affiliates and subsidiaries
  
  
• To service providers under contractual confidentiality
  
  
• To a buyer or successor during a merger or acquisition
  
  
• To third parties you authorize, including marketing partners
  
  
• To comply with laws or government requests
  
  
• To protect rights, safety, and fraud prevention
  
  

We do not sell personal information.

Aggregated or anonymized data may be shared without restriction.

10. Customer Responsibilities for Consent

You are responsible for:

• Collecting and maintaining proper consent
  
  
• Maintaining lawful basis for processing under GDPR, CCPA, or local law
  
  
• Ensuring opt-in compliance for email and SMS messaging
  
  

Tenon processes data only on your instructions.

11. Data Protection Standards

Tenon and its subprocessors implement:

• Encryption in transit and at rest
  
  
• Access controls and authentication
  
  
• Standard Contractual Clauses for international transfers
  
  
• Logging and monitoring
  
  
• Regular compliance reviews and security audits
  
  

Incident Notification
Tenon will notify you without undue delay and within 72 hours of confirming any incident that results in unauthorized access to customer data.

12. Your Privacy Rights

You may have rights under GDPR, CCPA, and similar laws:

• Right of access
  
  
• Right of rectification
  
  
• Right to erasure
  
  
• Right to data portability
  
  
• Right to object to processing
  
  
• Right to restrict processing
  
  
• Right to withdraw consent
  
  

Requests must be directed to:

privacy@tenonhq.com or your organization’s Tenon administrator.
Tenon will coordinate with the Data Controller to fulfill requests.

13. California Privacy Rights (CCPA and CPRA)

The entire original California section is preserved and incorporated, including:

• Categories of personal information collected
  
  
• Categories of sources
  
  
• Business purposes
  
  
• Disclosure practices
  
  
• Rights of access, deletion, data portability
  
  
• Response timelines
  
  
• Non-discrimination principles
  
  
• Verification procedures
  
  

Tenon does not sell personal information.

14. Security and Retention

Tenon keeps personal information only as long as required to:

• Deliver the Services
  
  
• Comply with legal, security, and regulatory obligations
  
  

Data in your ServiceNow instance follows your organization’s retention policy.

15. Changes to This Policy

We will post updates to this Privacy Policy on this page. Material changes may be communicated by email or in-app notice. Continuing to use the Services after changes constitutes acceptance.

16. Contact Information

For privacy questions or to exercise rights:
privacy@tenonhq.com

For product support or data subject request coordination:support@tenonhq.com