Last updated July 2, 2026
Tendabot runs AI chat agents for businesses. We store the data needed to run your workspace — your account, your bots’ knowledge, and the conversations your visitors have with your bots. We don’t sell data, we don’t use your knowledge base or conversations to train our own models, and you can delete a bot (and everything under it) at any time.
Account data — name, email, password (stored as a bcrypt hash, never plaintext), and workspace membership.
Bot data — instructions and knowledge you add (pasted text or uploaded documents), model settings, and widget branding.
Conversation data — messages between your visitors and your bots, along with details visitors choose to share (name, email, phone) through pre-chat forms or during a chat, and ratings they leave after a conversation.
Billing data — an auditable ledger of AI usage (tokens, model, cost). Card details never touch our servers; payments are processed by Stripe.
To answer a visitor, we send the relevant conversation context and retrieved knowledge to the AI model provider you selected for that bot (for example Anthropic, OpenAI, or Google). Providers process this data to generate the reply under their own API terms. If you bring your own API key, requests go to your provider account directly.
Data is stored on servers operated for us by Hetzner (EU). Transactional email, when enabled, is delivered by Resend. Payments are handled by Stripe. These are our sub-processors.
We use strictly necessary cookies only: your sign-in session, your active workspace, and — if you arrived through an affiliate link — a 30-day referral cookie. No third-party advertising or tracking cookies.
You can export or delete your data: deleting a bot permanently removes its conversations, contacts, messages, and knowledge; deleting your account removes your workspace. For access, correction, or deletion requests — including requests from your visitors concerning conversations with your bots — email us and we’ll act within 30 days.
We keep data for as long as your workspace is active. Provider API keys and channel credentials are stored encrypted (AES-256-GCM). Access to production systems is limited and logged.
Questions or requests: [email protected]. If we change this policy materially, we’ll note it here with a new date.