Tendly

Privacy Policy

Effective date: February 2026

Tendly is a private care coordination app for use between a care recipient and their designated family members and caregivers. This policy describes what data the Tendly iOS app and Tendly Connect iOS app collect and how it is used.

1. Data We Collect

The following data is collected solely to provide the app's care coordination features:

  • Name and display name — used to personalise greetings and identify contacts.
  • Phone numbers — used to send and receive SMS messages via Twilio. Stored encrypted.
  • Message content — messages sent and received through the app. Stored encrypted.
  • Profile photos — photos you choose to upload as a profile picture or contact photo. Stored on the Tendly server.
  • Push notification token — a device identifier issued by Apple and Expo, used only to deliver push notifications to your device when a new message arrives. Stored on the server and refreshed automatically.
  • Location (optional) — approximate GPS coordinates captured when you choose to set a location boundary in Settings. Used only for automatic location detection within the app. Never transmitted to third parties.
  • Device contacts (optional) — accessed only when you choose to link a contact in Settings. Phone numbers from your contacts are read once and stored locally. We do not upload your full contacts list.
  • Calendar feed URL (optional) — if the Calendar module is enabled, a caregiver provides an ICS calendar URL (e.g. from Google Calendar). The server fetches and temporarily caches upcoming events in memory for up to 5 minutes. Events are never written to the database. The calendar URL itself is stored in your account configuration.
  • FaceTime contact ID (optional) — a caregiver may enter an email address or phone number to enable FaceTime calling from the Tendly Connect app. This is stored on the server associated with the relevant contact record.

2. How It's Stored

Message content and phone numbers are encrypted at rest using AES-256-GCM encryption in a PostgreSQL database. Encryption keys are never stored alongside data. Profile photos are stored as files on the server. Push tokens and location data are stored unencrypted but are never exposed publicly.

3. Who Can Access Your Data

Only the care recipient and their designated caregivers and family members — the people you explicitly invite — can access messages and contact information within their account. We do not sell, share, or disclose personal data to any third parties, with the exception of the service providers listed below.

4. Third-Party Services

  • Twilio — used to send and receive SMS messages. Message content passes through Twilio's infrastructure. See Twilio's Privacy Policy.
  • Expo (Expo Push Service) — used to relay push notifications to Apple's APNs infrastructure. Only the push token and notification title/body are transmitted. See Expo's Privacy Policy.
  • Railway — the server infrastructure provider hosting the Tendly backend. Data is stored in Railway's managed PostgreSQL service.

5. SMS Notifications

What messages you'll receive

Tendly sends SMS text message notifications to let you know when someone has sent you a new message through the app. Message frequency varies based on how often messages are sent to you, typically 1–10 messages per week.

Cost

Tendly does not charge for SMS messages. Standard message and data rates from your wireless carrier may apply.

How to opt in

You opt in to receive SMS notifications by entering your phone number in the Tendly Connect app during signup or in your profile settings.

How to opt out

You can opt out of SMS notifications at any time by:

  • Replying STOP to any Tendly text message
  • Removing your phone number from your profile in the app
  • Contacting us at support@tendly.life

How to get help

Reply HELP to any Tendly text message, or contact us at support@tendly.life.

Privacy

Your phone number is used only to deliver Tendly notifications. We never sell or share your phone number with third parties for marketing purposes. Phone numbers are encrypted at rest.

6. Data Retention

Data is retained for the duration of the care relationship. To request deletion of your data, contact us at the address below and we will remove it within 30 days.

7. Children's Privacy

Tendly is not directed at children under 13 and we do not knowingly collect personal information from children under 13.

8. Contact

Questions or deletion requests: support@tendly.life

Privacy  ·  Terms
© 2026 Tendly