Tenby

Privacy Policy

Last updated: May 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, phone number (optional), and role (landlord or tenant).

Property & Lease Data: Landlords provide property addresses, unit details, lease documents, and tenant information. This data is stored securely and used solely to provide our services.

Payment Information: Rent payments and deposits are processed through Stripe. We never store credit card numbers, bank account numbers, or other payment credentials on our servers. Stripe handles all payment data under PCI-DSS Level 1 compliance.

Tenant Screening Data: When landlords order background checks, applicant data (name, date of birth, address) is transmitted directly to our screening partner and handled under FCRA compliance. Full SSN is never stored in Tenby. Consumer report data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Consumer report PII (personal information, scores, recommendations) is automatically disposed of 25 months after the screening decision, in compliance with the Equal Credit Opportunity Act (ECOA, 12 CFR 1002.12) and Fair Housing Act statute of limitations (42 USC 3613). Decision metadata (application outcome, adverse action notice records) is retained for 5 years per the FCRA statute of limitations (15 USC 1681p) for legal defensibility — this metadata contains no consumer report data. We do not resell or furnish consumer report data to any third party beyond the landlord associated with the application.

Identity Verification: When identity verification is performed, applicants may be asked to scan a government-issued photo ID and take a selfie. This data is processed by Stripe Identity and is not stored on Tenby servers beyond the verification result (verified/not verified).

Application Fees: Applicants may be charged a non-refundable application fee to cover the cost of background screening. Fees are capped per state law (e.g., $50 in Virginia, $20 in New York, $0 in Massachusetts). Fee payments are processed through Stripe and are collected on behalf of the landlord.

Applicant Rights Under FCRA: Applicants who are denied based on information in a consumer report receive an adverse action notice that includes: the reason for denial, the consumer reporting agency's name and contact information, the right to obtain a free copy of the report within 60 days, and the right to dispute inaccurate information. Tenby provides a dispute intake process accessible from the adverse action notice. Disputes are investigated within 30 days as required by the FCRA.

Financial Account Data (via Stripe Financial Connections): When tenants, applicants, or landlords connect a bank account for verification or payment setup, we use Stripe Financial Connections to securely access financial data. Stripe handles the credential exchange directly — Tenby never sees or stores your bank login credentials. We receive only the specific data authorized by you (e.g., account ownership, balance verification before debits, and limited transaction history where authorized). Connections can be revoked at any time from your account settings or through your Stripe-issued verification dashboard.

Usage Data: We collect anonymous analytics (page views, feature usage, crash reports) through PostHog and Sentry to improve app stability and features. We do not sell or share this data with advertisers.

Photos & Documents: Maintenance request photos, inspection images, lease documents, and expense receipts are stored in encrypted cloud storage (Supabase Storage) and accessible only to authorized users.

2. How We Use Your Information

  • Provide and operate the Tenby platform
  • Process rent payments and security deposits via Stripe
  • Run AI-powered lease analysis and compliance checking (via Anthropic Claude API)
  • Send push notifications for rent reminders, maintenance updates, and lease alerts
  • Generate financial reports and tax documents (Schedule E)
  • Perform tenant background screening via our FCRA-compliant screening partner. Tenby organizes and presents screening data but does not make accept/deny decisions — the landlord always makes the final decision
  • Improve app performance and fix bugs

3. Information Sharing

We do not sell your personal information. We share data only with:

  • Stripe: Payment processing (PCI-DSS Level 1), bank account verification via Stripe Financial Connections, and identity verification via Stripe Identity. Stripe's privacy practices are at stripe.com/privacy
  • Screening Partner: Background screening (FCRA compliant)
  • Anthropic (Claude): AI lease analysis, maintenance triage, and document processing. Document text — which may include names and addresses present in lease documents — is sent to Anthropic's Claude API for analysis. Anthropic does not use API data to train models. We do not send SSNs, bank account numbers, or payment credentials to AI models.
  • Google (Gemini): Neighborhood data enrichment (walk scores, nearby schools, amenities) via Gemini API with Google Search grounding. Only property addresses are sent — no tenant PII.
  • Supabase: Database and file storage (SOC 2 Type II compliant)
  • Between landlord and tenant: As necessary to facilitate the landlord-tenant relationship (messages, lease terms, maintenance updates)

4. Data Security

We protect your data with:

  • Encrypted storage at rest (AES-256) and in transit (TLS 1.2 or higher)
  • Row Level Security on all database tables (landlords see only their data, tenants see only their unit)
  • Authentication tokens stored in device secure storage (iOS Keychain, Android Keystore)
  • Webhook signature verification for all payment and screening events
  • Rate limiting on all API endpoints
  • Immutable audit logs for compliance-critical actions

5. Your Rights

You have the right to:

  • Access: View all data we have about you in the app
  • Correct: Update your profile and property information at any time
  • Delete: Delete your account and all associated data from Settings > Delete Account
  • Export: Download your payment history and financial reports
  • Opt out: Disable push notifications, analytics, or credit reporting at any time

For California residents: we comply with the CCPA. For EU residents: we comply with GDPR. Contact us at privacy@tenbyapp.com for data requests.

6. Data Retention

We retain your data as long as your account is active. When you delete your account, all personal data is permanently removed within 30 days. Financial records required for tax compliance may be retained for up to 7 years as required by law.

Tenant Screening Data: Consumer report PII (personal information, scores, recommendations) is automatically scrubbed 25 months after the screening decision, satisfying the ECOA 25-month retention requirement (12 CFR 1002.12) and the Fair Housing Act 2-year private action window (42 USC 3613). Decision metadata (application outcome, adverse action notice records) is retained in audit logs for 5 years per the FCRA statute of limitations (15 USC 1681p) — this metadata contains no consumer report data. All disposal actions are logged in our immutable audit trail.

Financial Account Data: Bank account data obtained via Stripe Financial Connections is retained only for the purpose authorized (account verification, balance checks for ACH payments, and limited transaction history where applicable). Connections can be revoked at any time, after which no further data is retrieved.

7. Children's Privacy

Tenby is not intended for users under 18 years of age. We do not knowingly collect information from children.

8. Changes to This Policy

We may update this policy as our practices evolve. Significant changes will be communicated via in-app notification or email. Continued use of Tenby after changes constitutes acceptance.

9. Contact

Questions about privacy? Email privacy@tenbyapp.com.