v.2026.2 • Effective June 2026
tendypos.com/legal/privacy • legal@tendypos.com
Tendy Inc. (“Tendy”, “we”, “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect Personal Information in connection with our website, our POS and eCommerce products (the “Products”), and our dealings with merchants and prospective merchants. It forms part of the Tendy Master Subscription Agreement (the “Agreement”) at tendypos.com/legal/msa-v2026-2 and uses defined terms from it where applicable.
This Policy describes how Tendy handles Personal Information for which it is responsible as an organization — for example, information about merchant representatives, website visitors, and prospective customers. Where Tendy processes Personal Information of a Merchant’s own customers on the Merchant’s behalf through the Products, the Merchant is responsible for that information and Tendy acts as a service provider under the Data Processing Agreement (DPA) at tendypos.com/legal/dpa-v2026-2. This Policy does not govern that processing.
Depending on how you interact with us, we may collect:
Account and contact information — name, business name, email address, telephone number, and role.
Billing and payment information — billing details and the payment-method information needed to administer Fees. Full card numbers are handled by our payment processors, not stored by Tendy.
Usage, device, and technical information — log data, IP address, device and browser details, and interactions with the Products and our website.
Support and communications — correspondence, support tickets, and related materials, which may include screenshots of the Products.
Cookies and analytics data — as described in Section 5.
to provide, operate, maintain, and support the Products and website;
to process payments and administer the Agreement and billing;
to communicate with you, including service and transactional messages and, where you have consented, marketing communications;
to monitor, secure, troubleshoot, and improve the Products; and
to comply with legal obligations and enforce our agreements.
Tendy collects, uses, and discloses Personal Information in accordance with applicable Canadian privacy law, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and Quebec’s Law 25. We rely on your consent — express or implied, as appropriate to the sensitivity and context — and, where permitted, on other bases such as performance of a contract or our legitimate business interests. You may withdraw consent as described in Section 10, subject to legal or contractual restrictions.
Our website and Products use cookies and similar technologies, and third-party analytics tools, to operate, measure, and improve them. This includes product-analytics and session-replay technology (Microsoft Clarity) that records interactions with the POS application and merchant Dashboard. We configure session-replay tooling to mask sensitive on-screen fields where reasonably practicable. You can control cookies through your browser settings; disabling some cookies may affect functionality.
We share Personal Information with service providers (Sub-processors) that perform functions on our behalf, such as cloud hosting, analytics, communications, and support. A current list is available at tendypos.com/legal/subprocessors. We require these providers to protect Personal Information under contract. We may also disclose Personal Information: (a) to comply with law, legal process, or a lawful request; (b) to protect the rights, safety, or property of Tendy or others; and (c) in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate protections. We do not sell Personal Information.
Some of our service providers process Personal Information outside Quebec and outside Canada, including in the United States. Where we transfer Personal Information internationally, we apply appropriate safeguards, including contractual measures such as Standard Contractual Clauses and, where applicable, reliance on the EU–U.S. Data Privacy Framework, as further described in Section 8 of the DPA. Personal Information may be subject to the laws of the jurisdictions in which it is processed.
We retain Personal Information for as long as necessary to fulfil the purposes described in this Policy, to provide the Products, and to comply with our legal, tax, and contractual obligations, after which we delete or de-identify it. Retention of Merchant Content following termination is addressed in Section 7.3 of the Agreement and in the DPA.
We maintain administrative, technical, and physical safeguards designed to protect Personal Information, including encryption in transit and at rest, access controls, and monitoring. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Subject to applicable law, you may: access the Personal Information we hold about you; request correction of inaccurate information; withdraw consent; request deletion; request a copy in a structured, commonly used technological format (portability); and, under Law 25, request that we cease disseminating information or de-index it in certain circumstances. To exercise these rights, contact us as set out in Section 11; we may need to verify your identity. You also have the right to complain to the Office of the Privacy Commissioner of Canada or the Commission d’accès à l’information du Québec.
Tendy has designated a person responsible for the protection of Personal Information. You may contact them, or ask any question about this Policy, at legal@tendypos.com or by mail to: Tendy Inc., Main Floor – 379 Adelaide St W, Toronto, ON M5V 1S5.
The Products and website are intended for businesses and are not directed to children. We do not knowingly collect Personal Information from children.
We may update this Policy from time to time. We will post the updated version at tendypos.com/legal/privacy and update the version and effective date above. Material changes will be communicated as required by law or the Agreement.