Back

Privacy Policy

How we collect, use, and protect your personal information

Your Privacy Matters: This Privacy Policy explains how Tendzie collects, uses, and protects your personal information in compliance with UK GDPR and data protection laws.

1. Information We Collect

1.1 Information You Provide

When you use Tendzie, we collect information you voluntarily provide:

  • Account Information: Name, email address, phone number, business name
  • Business Information: Services offered, pricing, availability, business address
  • Customer Data: Client names, contact details, appointment history (as data processor)
  • Communications: Messages you send us, support requests, feedback

1.2 Information We Collect Automatically

  • Usage Data: How you interact with our service, features used, time spent
  • Device Information: IP address, browser type, device type, operating system
  • Cookies: Session data, preferences, authentication tokens
  • Log Data: Access logs, error reports, performance metrics

2. Legal Basis for Processing

GDPR Compliance:

We process your personal data based on the following lawful bases:

Purpose Legal Basis
Account creation and management Contract performance
Service provision and support Contract performance
Marketing communications (with consent) Consent
Security and fraud prevention Legitimate interests
Legal compliance Legal obligation
Service improvement and analytics Legitimate interests

3. How We Use Your Information

We use your personal information to:

  • Provide and maintain the Tendzie service
  • Process your bookings and manage your calendar
  • Send service-related communications (confirmations, reminders, updates)
  • Provide customer support and respond to inquiries
  • Improve our service through analytics and usage patterns
  • Ensure security and prevent fraud or abuse
  • Comply with legal obligations and enforce our terms
  • Send marketing communications (only with your consent)

4. Information Sharing

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 When We Share Information

We may share your information in these limited circumstances:

  • Service Providers: Trusted third parties who help us operate our service (hosting, email, payment processing)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Consent: When you explicitly agree to share information
  • Safety: To protect rights, property, or safety of Tendzie, users, or public

5. Data Processing for Beauty Professionals

Important for Beauty Professionals:

When you use Tendzie to manage client bookings, you act as the data controller for your clients' personal information. We act as the data processor. You are responsible for:

  • Obtaining proper consent from your clients
  • Informing clients about data processing
  • Ensuring lawful basis for processing client data
  • Responding to client data rights requests

6. Your Rights Under UK GDPR

Your Data Protection Rights

As a UK resident, you have the following rights regarding your personal data:

Right of Access

Request a copy of your personal data

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your data

Right to Restrict Processing

Limit how we use your data

Right to Data Portability

Export your data in a structured format

Right to Object

Object to processing based on legitimate interests

To exercise any of these rights, contact us at privacy@nailease.co.uk. We will respond within one month.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: Data encrypted in transit and at rest using industry standards
  • Access Controls: Limited access on a need-to-know basis
  • Regular Security Audits: Ongoing assessment of security measures
  • Secure Infrastructure: Hosting with reputable, compliant providers
  • Employee Training: Staff trained on data protection principles
  • Incident Response: Procedures for handling potential data breaches

8. Data Retention

We retain your personal data only as long as necessary:

  • Account Data: Until you delete your account, plus 30 days for recovery
  • Transaction Records: 7 years for tax and accounting purposes
  • Marketing Data: Until you withdraw consent or 3 years of inactivity
  • Legal Requirements: Longer retention may be required by law

9. International Data Transfers

Your data is primarily processed within the UK/EEA. If we transfer data outside these areas, we ensure:

  • Adequate safeguards are in place (Standard Contractual Clauses)
  • The receiving country has an adequacy decision from the UK
  • We obtain your explicit consent for the transfer

10. Cookies and Tracking

10.1 Cookies We Use

  • Essential Cookies: Required for service functionality (authentication, security)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand service usage (only with consent)

10.2 Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may affect service functionality.

11. Children's Privacy

Tendzie is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us.

12. Marketing Communications

We only send marketing emails with your explicit consent. You can:

  • Unsubscribe using the link in any marketing email
  • Update your preferences in your account settings
  • Contact us to opt-out of all marketing communications

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

  • Notify you by email of material changes
  • Post the updated policy on our website
  • Provide at least 30 days notice before changes take effect
  • Seek additional consent if required by law

14. Contact Information

Data Protection Contacts

General Privacy Inquiries:
privacy@nailease.co.uk

Data Protection Officer:
dpo@nailease.co.uk

Postal Address:
[Your Business Address]
United Kingdom

Right to Complain:

If you're not satisfied with how we handle your data, you can lodge a complaint with the UK Information Commissioner's Office (ICO):

Website: ico.org.uk
Phone: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

15. Data Processing Agreement

If you're a business customer using Tendzie to process your clients' data, our Data Processing Agreement is available upon request and covers:

  • Our roles and responsibilities as data processor
  • Your obligations as data controller
  • Technical and organizational security measures
  • Procedures for data subject requests
  • Data breach notification processes

Last Updated: March 2, 2026

Version 1.0