1. Who we are

Tenora is a rental dossier service operated from the Netherlands. We help tenants build and share their rental application dossier. In this policy, "we" refers to Tenora.

2. What personal data we collect

Account data: email address, hashed password, subscription status. Profile data: name, date of birth, address, phone number, work and income details, household composition, financial information, and a personal introduction text. Documents: identity documents, pay slips, employer statements, bank statements, tax returns, and other files you upload. Usage data: login timestamps, share link access counts.

3. Why we process your data

We process your data to provide the Tenora service: building your rental dossier, generating PDF packages, and sharing them with third parties at your request. We also process data for account management, payment processing, and sending transactional emails (verification, password reset).

4. Legal basis

Contract: processing is necessary to provide the service you signed up for. Consent: you explicitly consent to our privacy policy and terms during registration. Legitimate interest: security measures such as rate limiting and session management.

5. Where we store your data

Your data is stored on servers in the European Union (EU). Files are stored in AWS S3 (eu-central-1 region) with server-side encryption (AES-256). Database is hosted in the EU.

6. Third-party processors

Stripe: payment processing. Processes your email and payment details. Privacy policy: stripe.com/privacy. Postmark: transactional email delivery. Processes your email address. Privacy policy: postmarkapp.com/privacy. AWS S3: file storage. Stores your uploaded documents encrypted at rest. Privacy policy: aws.amazon.com/privacy.

7. Sharing your data

We never sell your data. Your dossier is only shared when you explicitly create a share link. Share links expire automatically after 7 days. Recipients can only view the data you included in your dossier package.

8. Data retention

We keep your data as long as your account is active. When you delete your account, all data (profile, documents, packages, share links, and application history) is permanently deleted from our database and file storage. We do not retain backups of deleted accounts.

9. Your rights

Under the GDPR you have the right to: Access: export all your data from Account Settings. Rectification: edit your profile at any time. Erasure: delete your account and all data from Account Settings. Portability: download your data as a ZIP archive. Object: contact us to object to specific processing. Restriction: contact us to request restricted processing. To exercise these rights, use the features in your account or email us.

10. Cookies

We use only essential cookies: Session cookie: keeps you logged in (expires after 7 days). Language cookie (i18n_locale): remembers your language preference. We do not use analytics, advertising, or tracking cookies.

11. Security

Passwords are hashed with bcrypt. Files are encrypted at rest (AES-256). All connections use HTTPS. API endpoints are rate-limited. Sessions expire after 7 days.

12. Changes to this policy

We may update this policy. If we make significant changes, we will notify you by email. The date at the top of this page shows when the policy was last updated.

13. Contact

For privacy-related questions or to exercise your rights, email us at privacy@tenora.nl.

Privacy Policy