Privacy Policy
Last updated: 2026
1. What We Collect
When you create an account we collect:
- Account data: name, email address, organisation name
- Authentication data: bcrypt-hashed password (never stored in plain text)
- Usage data: daily query counts per API key, timestamps
- Billing data: Stripe customer ID and subscription ID (we never store card numbers)
2. How We Use Your Data
- To provide and improve the Tennixa API service
- To enforce rate limits and plan quotas
- To send transactional emails (verification, password reset, billing)
- To detect and prevent abuse
We do not sell your personal data to third parties. We do not use your submitted questions for advertising.
3. API Keys
Your API key is generated on email verification and displayed once. Tennixa stores only a SHA-256 hash of your key — we cannot retrieve the raw value. Treat your API key like a password and never share it publicly.
4. Data Retention
Account data is retained while your account is active. Daily usage counters are retained for 90 days. If you delete your account, your personal data is erased within 30 days, except where retention is required by law (e.g., billing records).
5. Third-Party Services
- Stripe — payment processing (subject to Stripe's Privacy Policy)
- Resend — transactional email delivery
- OpenAI — AI response generation (queries are processed under OpenAI's API terms)
- Wikidata / DBpedia — open knowledge graph sources (no personal data sent)
6. Cookies & Local Storage
Tennixa uses browser localStorage to store your authentication token and active API key prefix on your device. No third-party tracking cookies are used.
7. Your Rights (GDPR / CCPA)
Depending on your jurisdiction you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your account and data
- Object to or restrict processing
- Receive your data in a portable format (data portability)
To exercise any of these rights, email [email protected]
8. Security
We use bcrypt for passwords, SHA-256 for API key storage, TLS for all data in transit, and JWTs with server-side revocation on logout. We perform regular security audits.
9. Contact
Privacy questions? [email protected]