Privacy Policy
Last Updated: May 28, 2026
This Privacy Policy describes how Tandm Systems OÜ, carrying on business as Tandm (“Tandm”, “we”, “us” or “our”) handles personal information and data (“Personal Information”) collected from you through our website, https://www.tandm.io/ (the “Website”), our web application, app.tandm.systems (the “Web Application”), and our mobile application for iOS and Android, Tandm (the “Mobile App”) (the Website, Web Application and Mobile App, collectively for the purposes of this Privacy Policy, the “Tandm Software”), our social media channels, or directly from you by other means.
This Privacy Policy describes Tandm’s collection, use, and disclosure of the Personal Information of prospective or existing Tandm Software users, as well as administrative points of contact and end-users for prospective or existing Tandm Software customers (“you” for the purposes of this Privacy Policy).
In summary, we collect and use your Personal Information to set up and manage your Tandm account and enable us to provide Tandm’s products and services to you. We never sell your Personal Information, and we do not share it with others for any purposes unless it is necessary to provide you with services you requested through the Tandm Software. We do not use your Personal Information for third-party advertising, and the Mobile App does not use advertising identifiers or track you across other companies’ apps or websites.
This Privacy Policy covers the Personal Information described below that we collect from you directly through the Tandm Software.
1. WHAT PERSONAL INFORMATION WE COLLECT.
Information you provide to us.
Personal Information you may provide to us through the Tandm Software or otherwise to set up your account and enable our services includes:
Contact data, such as your first and last name, salutation, email address, mailing address, professional title and company name, organisation and workspace identifier, and phone number.
Communications data based on our exchanges with you, including when you contact us through the Tandm Software, social media, or otherwise.
Research data, such as your responses to surveys that we might ask you to complete for research purposes related to our business.
Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
Profile data, such as the username and password that you may set to establish an account on the Tandm Software.
Payment data needed to complete transactions, including payment card information or bank account number (payment data may be collected directly by our payment processor, Stripe, as described further below).
Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
Third-party sources.
We may combine Personal Information we receive from you with Personal Information we obtain from other sources, such as:
Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
Data providers, such as information services and data licensors that provide demographic and other information that we use to provide the Tandm Software.
Marketing partners, such as joint marketing partners and event co-sponsors.
Automatic data collection.
To help us understand user activity on the Tandm Software, we may automatically log certain data about you, your computer or mobile device, and your interaction over time with us, such as:
Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 5G), and general location information such as city, state or general geographic area.
Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
Communication interaction data, such as your interactions with our email, or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.
Cookies and similar technologies.
Some of the automatic collection described above is facilitated by the following technologies:
Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences, and login status as they navigate a site.
Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
Information collected through the Web Application or Mobile App.
Authentication state, a session reference stored using the operating system’s secure keystore (Apple Keychain on iOS, Android Keystore on Android) and cookies stored by the in-app browser, so you do not have to re-enter your password each time. These values stay on your device except when sent to app.tandm.systems to authenticate a request.
Biometric authentication (optional), if you enable biometric sign-in, the operating system performs the check entirely on your device (Face ID or Touch ID on iOS; fingerprint or other biometric on Android) and returns only a yes/no result. Tandm never receives, stores, or accesses your biometric data.
Audio recordings. When you start a recording, audio is captured and stored on your device until it is online, then uploaded to Tandm’s servers as part of your workspace data; the local copy is removed after a successful upload. Tandm’s servers (not your device) then send the audio to a large-language-model provider (OpenAI as of the date of this Privacy Policy; we may change provider) for transcription, and send the transcript to that provider to generate a title and a one-paragraph summary. The audio, transcript, title, and summary are stored together in your workspace.
Diagnostic data, such as error messages and sync timings, collected through PostHog to identify crashes and performance issues. It is not linked to your identity unless you were signed in when it was generated.
Mobile App permissions.
The Mobile App requests system permissions only when a feature needs them, and you can revoke any of them at any time in your operating system settings. Features that rely on a revoked permission stop working until you re-grant it. The Mobile App may request:
Face ID / Touch ID / fingerprint, for optional one-tap biometric sign-in; the check runs on-device and Tandm never receives biometric data;
Camera, only if you use a feature in the web application that opens the camera, for example to attach a photo or scan a code;
Microphone, when you start an audio recording in the Mobile App;
Photo library, only if you choose to attach an image from your library;
Notifications, to deliver push notifications;
Vibration, to let delivered notifications vibrate the device;
In-app message display, to show in-app messages within the Mobile App; it is not used to draw over other apps; and/or
Network access, to communicate with our servers and processors.
2. HOW WE USE YOUR PERSONAL INFORMATION.
We may use your Personal Information for the following purposes (or in other ways that we ask you for at the time we collect it):
Tandm Software delivery and operations.
We may use your Personal Information to:
sign you in, keep your session active, and load your workspace;
deliver push notifications you have opted into, including notifications you tap that open a specific screen;
synchronise, transcribe, and summarise recordings, and store the audio, transcript, title, and summary in your workspace;
support optional biometric sign-in where you have enabled it;
provide, operate, and improve the Tandm Software and our business;
communicate with you about the Tandm Software, including by sending announcements, updates, security alerts, and support and administrative messages;
understand your needs and interests, and personalize your experience with the Tandm Software and our communications; and
provide support for the Tandm Software, and respond to your requests, questions and feedback.
Research and development.
We may use your Personal Information for research and development purposes, including to analyze and improve the Tandm Software and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from Personal Information we collect. We convert Personal Information into anonymous or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Tandm Software and promote our business.
Marketing.
We may use your Personal Information to send you direct marketing communications. You may opt-out of our marketing communications by contacting us as described in Section 11 or by following the unsubscribe instructions in any marketing email we send you.
Compliance and protection.
We may use your Personal Information to:
comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
protect our or your rights, privacy, or safety (including by making and defending legal claims);
audit our processes for compliance with legal and contractual requirements or our policies;
enforce the terms and conditions that govern the Tandm Software generally, or that we have otherwise agreed with you; and/or
prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
With your consent.
In some cases, we may specifically ask for your consent to collect, use or share your Personal Information, such as when required by law.
3. HOW WE SHARE YOUR PERSONAL INFORMATION.
We may share your Personal Information to the extent necessary with the following parties (as well as otherwise described in this Privacy Policy or at the time of collection):
Service providers. Third parties that provide services on our behalf or help us operate the Tandm Software or our business (such as hosting, information technology, customer support, email delivery, customer research, marketing, and website analytics).
Payment processors. Any payment card information you use to make a purchase on the Tandm Software is collected and processed directly by our payment processor, Stripe, which may use your payment data in accordance with its privacy policy, https://stripe.com/en-ca/privacy.
Third parties designated by you. We may share your personal data with third parties where you have instructed us or provided your consent to do so. We will share Personal Information that is needed for these other companies to provide the services that you have requested.
Business and marketing partners. Third parties with whom we co-sponsor events, with whom we jointly offer products or services, or whose products or services may be of interest to you.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they provide to us.
Legal authorities. Law enforcement and governmental authorities as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees. Buyers and other relevant investors or participants in business transactions (including negotiations of, or due diligence for, such transactions) involving a corporate sale, merger, consolidation, acquisition, reorganization, or other disposition of all or any part of Tandm.
We also use the following service providers to operate the Mobile App. Tandm is the controller of the information described in the Mobile App provisions of this Privacy Policy, and each provider below acts as our processor and may use the information only to provide its service to us:
OneSignal. Push notification delivery via APNs and FCM. We share your push token, OneSignal subscription identifier, device model and OS version, App version, and (after sign-in) your Tandm user identifier. Its privacy policy is at https://onesignal.com/privacy.
PostHog. Product analytics and diagnostics for the Mobile App, processed on PostHog’s EU infrastructure. We share an anonymous identifier, your Tandm user identifier after sign-in, Mobile App and build version, platform and OS version, and the events described in Section 1. Its privacy policy is at https://posthog.com/privacy.
Large-language-model provider (OpenAI as of the date of this Privacy Policy). Transcription of recordings and generation of a title and summary, performed from Tandm’s servers (not from your device). We share the audio file and the transcript; under the configuration we use, the provider does not use this content to train its models. Its privacy policy is at https://openai.com/policies/privacy-policy.
Amazon Web Services (AWS). Encrypted storage of uploaded audio files in Amazon S3 within Tandm's AWS account, accessed only through short-lived signed links issued by Tandm. The provider receives the audio file and storage metadata (size, type, timestamps), but not your transcript, title, summary, or Tandm user identifier. Its privacy notice is at https://aws.amazon.com/privacy/.
Apple and Google. App distribution (App Store, Google Play), push transport (APNs, FCM), and on-device features (Face ID and Keychain on iOS; fingerprint and Keystore on Android). These platforms receive only what the platform requires; biometrics are handled entirely on-device. See https://www.apple.com/legal/privacy/ and https://policies.google.com/privacy.
4. YOUR CHOICES AND RIGHTS.
Subject to applicable privacy laws and certain limitations, you may have the following rights regarding the Personal Information we hold about you:
Right to be informed. The right to be informed about how your Personal Information is collected, used, disclosed, and retained. We aim to satisfy this right through this Privacy Policy.
Right of access. The right to confirm whether we hold Personal Information about you, to access that information, and to receive details about the categories of information collected, the sources, the purposes of collection, the categories of third parties to whom it has been disclosed, and the retention period or criteria used to determine it.
Right to rectification. The right to request that we correct or update any Personal Information we hold about you that is inaccurate, incomplete, ambiguous, or out of date.
Right to erasure / deletion / destruction. The right to request that we delete or destroy the Personal Information we hold about you, subject to limited exceptions (for example, where we are required to retain information to comply with a legal obligation or to establish, exercise, or defend legal claims).
Right to withdraw consent. Where we rely on your consent to process your Personal Information, the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Right to restrict processing. The right to request that we temporarily or permanently stop processing all or part of your Personal Information under certain circumstances.
Right to object. The right to object to our processing of your Personal Information in certain circumstances. You have an absolute right to object to processing for direct marketing purposes.
Right to data portability. The right to receive the Personal Information you have provided to us in a structured, commonly used, and technology-neutral format, and to have it transmitted to another organization where technically feasible.
Right to de-indexation (cessation of dissemination). The right to request that we cease disseminating your Personal Information, or to de-index any hyperlink attached to your name that provides access to your Personal Information by a technological means, where such dissemination contravenes the law or a court order, or where certain conditions relating to harm and public interest are met.
Rights regarding automated decision-making. The right not to be subject to a decision based exclusively on the automated processing of your Personal Information that produces legal or similarly significant effects concerning you and to request information about such decisions, including the Personal Information used, the reasons and principal factors that led to the decision, and to request that the decision be reviewed by a human and to express your point of view.
Right to non-discrimination. We will not discriminate against you for exercising any of your rights under this Privacy Policy, including by denying you services, charging different prices, or providing a different level or quality of service.
Account deletion (Mobile App). Please note the Mobile App does not include an in-app delete-account button because end users do not create their own accounts; if your administrator removes your account while you are signed in, the App signs you out on the next session refresh. Tandm accounts are provisioned and managed by your organisation’s IT administrator, so account deletion is administrator controlled. You can either ask your administrator to delete your account from the Tandm admin console, or email legal@tandm.io from the email address on file; we will verify the request with your organisation’s administrator and then action verified deletions within 30 days. When your account is deleted, your profile, recordings (audio, transcript, title, and summary), and other workspace content are removed from our systems; your push subscription and identifiable analytics events are unlinked from your user identifier; and aggregated data that no longer identifies you may remain.
To exercise any of these rights, contact us at legal@tandm.io. We may need to verify your identity before responding, and may request information sufficient to confirm you are the individual to whom the Personal Information relates. We will respond within the timeframes required by applicable law (generally within 30 days, which may be extended where permitted).
If you believe we have not handled your Personal Information in accordance with applicable law, you have the right to lodge a complaint with the competent data protection or privacy authority in your jurisdiction.
5. THIRD-PARTY SERVICES.
The Tandm Software may contain links to (and sometimes, integrations with) websites, mobile applications, and other online services operated by third parties. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, applications, or other online services operated by third parties, and – unless we specifically agree with you otherwise – we are not responsible for their actions if you choose to engage with them. We encourage you to read the privacy policies of the other websites, applications, and online services that you access and use.
6. RETENTION.
We keep Personal Information only as long as needed for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law. Specific periods for information collected through the Mobile App:
Account data is deleted within 30 days after your organisation removes your account, except where law requires longer retention.
Audio recordings, transcripts, titles, and summaries are stored as part of your workspace and are deleted when your account is deleted. The local copy of audio on your device is removed after a successful upload.
Identifiable product analytics events are retained for up to 24 months, then deleted or aggregated so that they no longer identify you.
Push notification subscriptions are removed when you sign out, uninstall the App, or revoke notification permission.
Diagnostic data is retained for up to 90 days.
7. SECURITY.
We employ industry standard technical, organizational, and physical safeguards and security measures to protect the Personal Information we collect from you. These safeguards and security measures relate to Tandm’s personnel, facilities, hardware and software, networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, and encrypted data transfers and storage.
However, a certain degree of security risk remains inherent in all internet and information technologies, and we therefore can never fully guarantee the security of your Personal Information. As part of our security program, we have implemented security controls pertaining to our response, investigation, and remediation of data security incidents. In the case of a data security breach involving your Personal Information, we will notify you without undue delay after we become aware of such breach, as required by applicable law. If you wish, you can review more details on our security trust centre here: https://tandm.io/trust.
8. INTERNATIONAL PROCESSING.
We are headquartered in Canada and may use service providers that operate in other countries to process your Personal Information. Your Personal Information may be stored or transferred to other locations where privacy laws may not be as protective as those in your state, province, or country; however, we will ensure our storage or transfers comply with applicable laws around your Personal Information.
When we transfer Personal Information from the European Economic Area or the United Kingdom to other countries, we do so on the basis of adequacy decisions, Standard Contractual Clauses approved by the European Commission, or other lawful transfer mechanisms. When we transfer Personal Information from Canada to other countries, we ensure such transfers comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. We take steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it, including by implementing appropriate technical and organizational measures. If you are a business customer working with us, we will do our best to work with you to adhere to any of your statutory requirements related to Personal Information, including any such requirements imposed by your applicable governing bodies. If you are considered a “data subject” under the EU General Data Protection Regulation (GDPR), then we will handle your Personal Information in accordance with the GDPR; however, this Privacy Policy is intended for individuals acting in their capacity as a representative of a business customer of Tandm.
Information processed through the Mobile App may be stored in or transferred to the European Union (where PostHog’s EU infrastructure processes Mobile App analytics and diagnostics); the United States (where OneSignal, the large-language-model provider (OpenAI), and Apple and Google platform services primarily operate); and Canada, where audio recordings are stored with our object-storage provider and where the Tandm backend, database, and recording metadata are hosted. For certain single-tenant customers, the audio recordings, backend, database, and recording metadata for that customer's deployment may instead be hosted in a different region selected for that deployment. Where we transfer this information out of the EEA, the United Kingdom, or Switzerland, we rely on the safeguards described above, including Standard Contractual Clauses and the United Kingdom International Data Transfer Addendum, together with supplementary measures recommended by the European Data Protection Board.
9. CHILDREN.
The Tandm Software is not intended for use by anyone under the age of majority in the jurisdiction you are located in. If you believe we have collected Personal Information in a manner prohibited by law, please contact us. If we learn that we have collected Personal Information through the Tandm Software from a child without the consent of the child’s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.
10. CHANGES TO THIS PRIVACY POLICY.
We reserve the right to modify this Privacy Policy at any time. If we make material changes to it, we will notify you by updating the date of this Privacy Policy and posting it on the Tandm Software or other appropriate means. Any changes to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Tandm Software after the effective date of any modified Privacy Policy indicates your acceptance of the modified policy.
11. CONTACT US.
To exercise your rights or choices or if you have questions about this Privacy Policy or our privacy practices involving your Personal Information, please contact us at legal@tandm.io.