Privacy Policy

Last updated: March 19, 2026

Tended is a service of Lueken Good Design LLC. Tended helps you follow through on "we should" commitments and helps church leadership care for their congregation. This policy explains how we handle your information.

Information We Collect

From all users:

• Email address and name (for your account)
• Commitments you log (who, what type, when)
• Contact names you add (people you want to connect with)
• Usage data (login times, features used)
• Timezone preference (to send notifications at appropriate times)
• Notification interaction data (whether you tapped a push notification, used to avoid sending duplicate reminders)

If you sign in with Google:

• Your Google account ID, name, email address, and profile photo URL
• Used solely for authentication — we do not access your contacts, Drive, or any other Google data

If you use the mobile app:

• Device token (a technical identifier assigned by Apple or Google to deliver push notifications to your device)
• Device platform (iOS or Android) and optional device name
• Tokens are stored on our server and deleted when you log out, uninstall the app, or delete your account

If you connect Google Calendar:

• OAuth tokens (to create calendar events on your behalf)
• We create events in your calendar but never read existing events

Tended's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

If you connect Microsoft Outlook Calendar:

• OAuth tokens (to create calendar events on your behalf)
• We create events in your Outlook calendar but never read existing events

If you're part of a church organization:

• Church affiliation
• Role (member, staff, leadership)
• If you opt-in: commitment counts visible to your church leadership

How We Use Your Information

Core functionality:

• Send reminder emails when commitments need scheduling
• Create calendar events when you schedule commitments
• Show your dashboard (commitments needing attention, upcoming events)
• Send push notifications for reminders, overdue commitments, and upcoming scheduled events (if you allow notifications)

Church features (with your consent):

• If you opt-in: Share commitment counts with church leadership
• Help leadership identify members who might need pastoral care
• Track staff pastoral engagement (if you're church staff)

Service improvements:

• Understand which features get used
• Fix bugs and improve performance
• Send occasional product updates (you can unsubscribe)

What We Never Do

• ❌ Sell your data to anyone
• ❌ Share your commitment details with anyone (only counts if you opt-in)
• ❌ Access your existing calendar events
• ❌ Send spam or marketing emails
• ❌ Use your data for advertising

Your Rights and Controls

You can always:

• View all your data in the app
• Disconnect Google Calendar or Outlook Calendar (Settings → Calendar → Disconnect). When you disconnect, your OAuth tokens are immediately deleted from our servers and revoked with the provider. Calendar event IDs are retained so we know which events were synced, but no further calendar access occurs.
• Disable push notifications per category (Settings → Notifications → Push preferences) or disable all notifications through your device's system settings
• Opt out of church data sharing (Settings → Privacy)
• Delete your account (Settings → Account → Delete Account)
• Export your data (email us at [email protected])

When you delete your account:

• All your commitments are permanently deleted
• All registered device tokens are deleted (push notifications stop immediately)
• Google Calendar and Outlook Calendar access is revoked and all OAuth tokens are deleted
• If you were sharing data with your church, that stops immediately
• We retain basic logs for 30 days for security purposes

Church Leadership Access

What leadership can see (only if you opt-in):

• Number of commitments you've made this month
• Number of commitments you've completed
• Whether you've received any commitments from others (to identify isolation)

What leadership cannot see:

• Who you're connecting with
• Details of your commitments
• Notes or location information
• Your personal calendar

For church staff:

• Your pastoral commitment counts are visible to church leadership by default
• This helps prevent burnout and ensures balanced pastoral care
• You can discuss concerns with your church admin

Data Security

• All data encrypted in transit (HTTPS)
• Database credentials encrypted at rest
• OAuth tokens encrypted in database
• Authentication tokens stored securely on your device (using platform-native secure storage)
• Hosted on Railway with SOC 2 compliance
• Regular security updates

Cookies & Analytics

We use cookies and similar technologies to understand how people use Tended and to improve the experience.

Analytics cookies (require your consent):

• PostHog — We use PostHog to track page views, feature usage, and session behavior. PostHog sets cookies and stores data in your browser's local storage to identify returning visitors. No analytics data is collected until you accept cookies via our consent banner. You can opt out at any time using the "Cookie Settings" link in the footer.

Cookie-free analytics (no consent required):

• Plausible Analytics — We use Plausible for privacy-friendly, aggregate traffic statistics. Plausible does not use cookies, does not collect personal data, and does not track you across sites. All data is aggregated with no way to identify individual visitors.

Essential cookies:

• Session cookie — Keeps you logged in while you use Tended. This is strictly necessary for the service to function and does not require consent.
• CSRF token — Protects against cross-site request forgery. Strictly necessary for security.

Your choices:

• When you first visit, analytics cookies are off by default until you accept
• You can change your choice at any time via the "Cookie Settings" link in the footer
• Declining analytics cookies does not affect your ability to use Tended

Third-Party Services

We use:

• Google Sign-In (authentication)
• Google Calendar API (only if you connect)
• Microsoft Outlook Calendar API (only if you connect)
• Firebase Cloud Messaging (push notifications to your mobile device)
• PostHog (analytics — see Cookies & Analytics above)
• Plausible Analytics (privacy-friendly traffic statistics)
• Resend (for sending emails)
• Railway (hosting)
• Twilio (SMS services)

Each has their own privacy policy. We don't share your data beyond what's necessary for these services to function.

SMS Messaging

If you opt in to SMS reminders, we collect your mobile phone number to send you text message notifications about your commitments.

What we send:

• Reminder messages when a commitment is due or overdue
• Follow-up prompts after a commitment reminder

How we use your number:

• Only to send commitment reminders you have opted into
• Never for marketing, promotions, or third-party purposes
• Never sold, shared, or disclosed to third parties, advertisers, or lead generators

Mobile Information Sharing Disclosure: Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

To opt in: Enable SMS reminders in Settings and enter your mobile number.

To opt out: Reply STOP to any message at any time. You can also disable SMS in Settings → Notifications. After opting out, you will receive one confirmation message and no further SMS messages.

For help: Reply HELP to any message or email [email protected].

Message frequency varies based on your open commitments. Message and data rates may apply.

SMS delivery is provided through Twilio. Your phone number is transmitted to Twilio solely for message delivery and is governed by their privacy policy at twilio.com/legal/privacy.

Push Notifications

If you use the Tended mobile app, we may send push notifications to your device to help you stay on top of your commitments.

What we send:

• Reminders when a commitment needs scheduling details
• Alerts when a commitment is overdue
• Day-of reminders approximately 2 hours before a scheduled commitment

How device tokens work:

• When you allow notifications, your device provides a token (a technical identifier) that lets us deliver push messages to your specific device
• Tokens are stored on our server and associated with your account
• If a token becomes invalid (e.g., you uninstall the app), it is automatically removed
• Tokens are deleted when you log out or delete your account

Daily limit:

To avoid notification fatigue, push notifications are capped at 3 per day per user. This limit resets daily based on your configured timezone.

How to opt out:

• Disable individual push categories in Settings → Notifications (reminders, overdue alerts, day-of reminders)
• Disable all push notifications through your device's system settings for the Tended app

Push notification delivery is provided through Firebase Cloud Messaging (FCM), a service by Google. Your device token is transmitted to FCM solely for message delivery and is governed by Google's privacy policy at policies.google.com/privacy.

Changes to This Policy

We'll email you if we make significant changes. Continued use after changes means you accept them.

Children's Privacy

Tended is not intended for children under 13. We don't knowingly collect information from children.

Contact Us

Questions about privacy?

• Email: [email protected]