Privacy Policy

Last updated: February 2026

1. Who we are

Tenora is a rental dossier management platform operated from the Netherlands. We provide services to both tenants and landlords. Tenants can build, manage, and share their rental application dossier. Landlords can receive, review, and manage tenant dossiers via a centralized dashboard. In this policy, "we" refers to Tenora and "you" refers to any user of the platform, whether you are a tenant or a landlord.

2. What personal data we collect

Account data (all users): email address, hashed password, account type (tenant or landlord), subscription status. Tenant profile data: name, date of birth, address, phone number, work and income details, household composition, financial information, and a personal introduction text. Tenant documents: identity documents, pay slips, employer statements, bank statements, tax returns, and other files you upload. Landlord profile data: company or agency name, landlord type (private landlord, property manager, or real estate agent), number of managed properties. Landlord activity: notes on applications, dossier status changes, project names and addresses, tags, and messages to tenants. Usage data (all users): login timestamps, share link access counts.

3. Why we process your data

For tenants: building your rental dossier, generating PDF packages, sharing your dossier with landlords via share links or reactions, auto-filling landlord forms, and tracking your applications. For landlords: receiving and managing tenant dossiers, tracking the status of applications, communicating with tenants via messages, organizing applications into projects, and importing tenant data. For all users: account management, payment processing, sending transactional emails (verification, password reset, invitations), and improving the service.

4. Legal basis

Contract: processing is necessary to provide the service you signed up for, whether as a tenant or landlord. Consent: you explicitly consent to our privacy policy and terms during registration. Tenants additionally provide explicit consent when sharing their dossier with a specific landlord. Legitimate interest: security measures such as rate limiting and session management.

5. Where we store your data

Your data is stored on servers in the European Union (EU). Files are stored in AWS S3 (eu-central-1 region) with server-side encryption (AES-256). Database is hosted in the EU.

6. Third-party processors

Stripe: payment processing for tenant and landlord subscriptions. Processes your email and payment details. Privacy policy: stripe.com/privacy. Postmark: transactional email delivery. Processes email addresses of tenants and landlords for verification, password reset, and invitations. Privacy policy: postmarkapp.com/privacy. AWS S3: file storage. Stores uploaded tenant documents encrypted at rest. Privacy policy: aws.amazon.com/privacy.

7. Sharing your data

We never sell your data. Tenants: your dossier is only shared when you explicitly create a share link or reaction. When creating a reaction, you explicitly choose which profile fields and documents to share. Share links expire automatically after 30 days. The landlord must verify their email before accessing your data. You can revoke access at any time. Landlords: your company name may be visible to tenants who send a reaction to you. Private notes and internal status changes are never shared with tenants. Messages are only visible to the participants in the conversation.

8. Data retention

We keep your data as long as your account is active. Tenants: when you delete your account, all data (profile, documents, packages, share links, reactions, and message history) is permanently deleted from our database and file storage. Landlords: when you delete your account, all data (profile, notes, projects, tags, and message history) is permanently deleted. Completed dossiers are automatically removed after 30 days on the free plan. We do not retain backups of deleted accounts.

9. Your rights

Under the GDPR you have the right to: Access: export all your data from Account Settings. Rectification: edit your profile at any time. Erasure: delete your account and all data from Account Settings. Portability: download your data as a ZIP archive. Object: contact us to object to specific processing. Restriction: contact us to request restricted processing. These rights apply to both tenants and landlords. To exercise these rights, use the features in your account or email us.

10. Cookies

We use only essential cookies: Session cookie: keeps you logged in (expires after 7 days). Language cookie (i18n_locale): remembers your language preference. We do not use analytics, advertising, or tracking cookies.

11. Security

Passwords are hashed with bcrypt. Files are encrypted at rest (AES-256). All connections use HTTPS. API endpoints are rate-limited. Sessions expire after 7 days. Landlords must verify their email address before they can access shared tenant dossiers.

12. Changes to this policy

We may update this policy. If we make significant changes, we will notify you by email. The date at the top of this page shows when the policy was last updated.

13. Contact

For privacy-related questions or to exercise your rights, email us at privacy@tenora.nl.