Tandem

Privacy Policy

Effective May 1, 2026

Overview

Tandem (“we”, “us”, “our”) operates tandemplan.xyz. This policy explains what personal data we collect, how we use it, and the choices you have. We process data minimally — we only collect what's necessary to provide the service.

Data we collect

Account data

When you sign up, we collect your email address and, if you use Google OAuth, your name and profile picture from Google. We use this to authenticate you and personalise your experience.

Plan data

All content you create in Tandem — plans, outcomes, tasks, milestones, stakeholders, notes — is stored in our database and associated with your account. This data is yours.

Usage data

We collect anonymised product analytics via PostHog (page views, feature usage) to improve the product. We do not sell this data, and it is not linked to identifiable individuals.

AI interaction data

When you use Claude-powered features (plan generation, QBR draft, nudge composer), your input is sent to Anthropic's API. We log token counts and costs for rate limiting. We do not retain your prompts beyond what Anthropic's standard API terms cover.

Error logs

We use Sentry to capture application errors. Error reports may include partial page URLs and browser information but are stripped of personal content where possible.

How we use your data

  • To provide and improve the Tandem service
  • To authenticate your account and maintain your session
  • To send transactional emails (OTP codes, plan-sharing notifications) via Resend
  • To enforce rate limits and prevent abuse
  • To diagnose errors and improve reliability

We do not use your data for advertising. We do not sell your data to third parties.

Data storage and security

Your data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure in the US. We use row-level security policies so that each user can only access their own data. Connections are encrypted in transit via TLS. Service credentials are stored as environment variables and never committed to source control.

Data retention

We retain your data for as long as your account is active. If you delete your account, your plan data is deleted within 30 days. Anonymised usage analytics are retained indefinitely.

Support messages submitted via the contact form are stored in our database and used only to respond to your inquiry. They are retained for 12 months from submission and then deleted, unless there is an ongoing issue that requires the history. Support messages are never shared with third parties beyond Resend (our email delivery provider).

Your rights

You have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email privacy@tandemplan.xyz. We will respond within 30 days.

If you are in the EEA or UK, you have additional rights under GDPR/UK GDPR, including the right to lodge a complaint with your supervisory authority.

Cookies

We use a single session cookie for authentication (Supabase auth token). We do not use tracking or advertising cookies. The analytics we collect via PostHog use a first-party cookie scoped to tandemplan.xyz.

Third-party services

  • Supabase — database and authentication (supabase.com/privacy)
  • Anthropic — AI processing for Claude-powered features (anthropic.com/privacy)
  • Resend — transactional email delivery (resend.com/privacy)
  • PostHog — product analytics (posthog.com/privacy)
  • Sentry — error monitoring (sentry.io/privacy)
  • Vercel — hosting and CDN (vercel.com/legal/privacy-policy)
  • HubSpot (optional) — if you connect your HubSpot account, we store an encrypted OAuth token to make API calls on your behalf. We access only what you authorise.

Changes to this policy

We may update this policy as the product evolves. We will notify you by email or in-app notice when we make material changes. Continued use of Tandem after changes take effect constitutes acceptance.

Contact

Questions about this policy: privacy@tandemplan.xyz