Tenon
Tenon is a geo-clustered scheduling platform. There are two types of people whose data we handle: tradespeople who create accounts to manage their schedule, and customers who submit booking requests through a tradesperson's public booking page. This policy explains what we collect from each, how we use it, and what rights you have.
Questions? Contact [email protected].
What we collect from you
When you register we collect your name, email address, and password (stored as a one-way hash — we never see it in plain text). During profile setup we also collect your business name, phone number, base address and its geocoded coordinates, timezone, service radius, working hours, and a URL slug for your public booking page.
We also store the services you create (name, duration, price) and any blocked times or notes you add.
How we use your data
- To operate your account and authenticate you securely
- To run the availability engine and compute booking windows for your customers
- To send you email alerts when a new booking request arrives
- To display your services and availability on your booking page
- To maintain your schedule history and prevent double-bookings
Legal basis for processing (GDPR)
We process your data on the basis of contractual necessity — it is required to provide the service you signed up for. Where we send you email notifications about your account, we process your email address on the same basis.
Data retention
Your account data is retained for as long as your account exists. Booking records are kept indefinitely to preserve your schedule history. If you close your account or request deletion, we will remove your personal data within 30 days except where retention is required by law.
Your rights
Under GDPR and equivalent legislation you have the right to access, correct, export, restrict processing of, or request deletion of your personal data. To exercise any of these rights, contact [email protected].
You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data correctly.
You are here because you used a booking page powered by Tenon. You have not created a Tenon account — the tradesperson whose booking page you used has. This section explains what happens to the details you submitted.
What is collected when you book
When you submit a booking request we collect your name, email address, phone number, service address, and the geocoded coordinates of that address. We also record the service you selected and the arrival window you chose.
Who receives your data
Your booking details are shared with the tradesperson whose booking page you used. They are the primary recipient — they need your name, phone number, address, and requested time to carry out the job. Tenon acts as a data processor on their behalf.
Your address coordinates (not your name or contact details) are sent to Geoapify's routing API to calculate travel times between jobs. See the Third-Party Services section below.
Why we use your data
- To present your booking request to the tradesperson for review and confirmation
- To send you a confirmation email when the booking is confirmed
- To send you a cancellation link so you can cancel a confirmed booking yourself
- To send you a proposed alternative time if the tradesperson cannot take your original slot
Legal basis for processing (GDPR)
We process your data on the basis of legitimate interests and, where applicable, contractual necessity — specifically, to fulfil the booking request you submitted. We do not use your data for marketing.
Data retention
Your booking record is retained as part of the tradesperson's schedule history for as long as their account exists. If you would like your booking data removed, contact the tradesperson directly or email us at [email protected] and we will coordinate with the account holder.
Your rights
You have the right to access, correct, or request deletion of the personal data we hold about you from your booking. Contact us at [email protected] with the email address you used to book and we will respond within 30 days.
Third-party services
| Service | Purpose | Data sent |
|---|---|---|
| Geoapify | Address geocoding and driving-time calculations | Geographic coordinates only — no names or contact details |
| Email provider | Delivery of booking confirmations and notifications | Email addresses and booking details included in each message |
We do not sell data to third parties or share it for advertising purposes.
Security
All data in transit is encrypted via HTTPS. Passwords are stored as bcrypt hashes and are never logged. We apply database-level access controls and constraints to protect booking data. No system is perfectly secure; we follow current best practices and will notify affected users of any breach as required by law.
Changes to this policy
We may update this policy from time to time. The effective date at the top of this page will be updated accordingly. Tradesperson account holders will be notified of material changes by email.
Contact
For any privacy-related questions, data access requests, or deletion requests: