Effective Date: 9 November 2025
Scope: This policy applies to all users of Tentunit’s platform and describes how Tentunit shares personal data with third‑party service providers.
1. What is Third‑Party Data Sharing?
To operate our platform efficiently, Tentunit partners with trusted service providers (“processors”) who perform certain tasks on our behalf. We only share the minimum amount of personal data necessary for these partners to perform their services. Tentunit does not sell personal information.
2. Processors We Use
| Processor | Purpose | Data Shared | Legal Basis & Safeguards |
|---|---|---|---|
| Google Tag Manager | Manages and deploys marketing tags (e.g., analytics and tracking tags) on our site without modifying code. | Device identifiers, page‑view data and event data (e.g., button clicks). No directly identifying information (names, emails) is sent through tags. | Legitimate interests in monitoring and improving website functionality. Tags are configured to avoid collecting sensitive data. |
| Google Ads | Tracks advertising performance and optimizes campaigns. Measures conversions and retargets users who have interacted with our ads. | Device identifiers, page‑view data, hashed contact details (if used for retargeting) and conversion events (e.g., sign‑ups). | Consent (where required). We adhere to Google’s policies on data minimization and pseudonymization and provide users with choices regarding ad personalization via our Cookie Banner. |
| Stripe | Processes payments, handles refunds and supports financial reporting. | Payment method details (e.g., card information), transaction amounts, billing addresses, email addresses, and limited account identifiers required to authenticate transactions. | Performance of a contract (processing payments). Stripe is PCI‑DSS‑compliant; payment details never reach Tentunit’s servers. |
3. How We Protect Your Data
- Data Minimization: We share only the information needed for each processor to perform its function.
- Contractual Obligations: Our agreements with processors include confidentiality clauses, data‑security requirements and restrictions on secondary uses.
- Security Measures: Processors must implement industry‑standard security controls (e.g., encryption, access controls) to safeguard data.
- Geographic Controls: Where feasible, data is stored in regions that offer adequate data‑protection standards.
4. User Controls & Rights
- Opt‑Out / Consent: You can manage non‑essential cookies (including those used by Google Ads) via our Cookie Settings at any time.
- Access & Portability: You may request access to or a copy of your personal data. If technically feasible, we will provide it in a structured, commonly used format.
- Deletion: You may request deletion of personal data we hold, subject to certain retention requirements (e.g., tax and accounting laws).
- Objection to Processing: For processing based on legitimate interests (e.g., analytics or marketing), you can object, and we will assess and address your request.
5. Updates to This Policy
We may update this policy to reflect changes in our use of third‑party processors or legal requirements. When we make material changes, we will post a notice on our website and update the “Effective Date.” Continued use of Tentunit after an update constitutes acceptance of the revised policy.