Privacy Policy

1. Introduction

Tempo HQ ("we," "our," or "us") operates the Tempo platform at https://tempohq.dev. Tempo is a B2B operations and sales management platform that integrates with your existing tools — Google Workspace, Slack, Jira, HubSpot, Dialpad, and others — to help teams manage implementations, customer success, and sales workflows.

This Privacy Policy explains what information we collect, why we collect it, our legal basis for processing it, how we use and protect it, who we share it with, and what rights you have over it. We have written this policy to reflect exactly how the service works — not as a generic template.

Data controller: For purposes of the EU General Data Protection Regulation (GDPR) and UK GDPR, Tempo HQ is the data controller of personal data collected through the Service. Where you use Tempo to process personal data about your own customers or contacts (for example, sales contacts or client portal invitees), you are the data controller for that data and Tempo HQ acts as your data processor. See Section 14 for information about our Data Processing Agreement.

2. Information We Collect

2.1 Account and identity information

Tempo uses Google OAuth exclusively — there are no passwords. When you sign in, Google provides us with your name, email address, and profile picture. We store these alongside optional fields you may add: phone number, Slack user ID, Jira email, and preferred avatar settings.

2.2 Google Workspace data

When you connect your Google account, Tempo requests the following OAuth scopes: read your Gmail messages and metadata (gmail.readonly), send email on your behalf (gmail.send), and read and write calendar events (calendar.events). We store a Gmail OAuth refresh token to maintain access between sessions. We cache Google Calendar events in a 14-day rolling window, including event titles, attendee email addresses, meeting links, and start/end times, to power scheduling and briefing features.

Tempo's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google data only to provide Tempo features you have explicitly authorized. We do not use Google data for advertising, do not transfer it to third parties except as required to operate the service, and do not allow humans to read your Google data unless you have explicitly consented, it is necessary for security purposes, or we are required to do so by law.

2.3 Connected integration data

When you or your organization connects third-party services, Tempo accesses and stores data from those services as needed to provide features:

Slack: Channel messages and threads from configured channels, and user information needed to match Slack users to your Tempo team.
Jira: Issues, issue keys, project metadata, and status updates. Jira issue keys and URLs are stored on tasks and change requests.
Confluence: Page content and hierarchy used to populate your knowledge base.
HubSpot: Deals, contacts, and engagement records, synced bidirectionally with your sales pipeline in Tempo.
Dialpad: Call metadata, call recordings, and transcripts linked to sales activities and contacts.
Notion: Page content synced to your knowledge base.
Meeting recorders (Spiky, Granola, Fathom, and others): Meeting transcripts, summaries, and extracted action items.
Loom: Video metadata linked to implementations or client portals.

Integration credentials (API tokens and OAuth tokens) are encrypted at rest using AES-256-GCM before being stored in our database.

2.4 Contact and sales data you enter

If your organization uses the sales features, Tempo stores information about your prospects and customers that you enter directly or import: names, email addresses, phone numbers, job titles, company names, LinkedIn URLs, notes, and sentiment or influence tags. If you connect Apollo for contact enrichment, additional data may be pulled from Apollo's database, including direct phone numbers, seniority, department, company employee counts, revenue estimates, and technology stack information.

2.5 Implementation and delivery data

Tempo stores information about your customer implementations: client names, contract values, budgets, project phases, health scores, risk signals, key contacts (names, emails, phone numbers, titles), meeting notes, transcripts, action items, and customer success plans.

2.6 Email sending and engagement tracking

If you use Tempo's email sequence or campaign features, we send outbound emails on your behalf through Resend (our transactional email provider) or your connected Gmail account. For emails sent through Resend, we track engagement — specifically whether recipients opened, clicked, replied to, or bounced your messages — using standard techniques (tracking pixels and link rewriting). Engagement records are stored and linked to the recipient contact in your account.

2.7 Client portal data

When clients access portals you create in Tempo, we log their email address, IP address, browser user-agent, access method (invite link or password), and session timestamps. Clients may also upload files through portals; these are stored in Vercel Blob storage.

2.8 Waitlist signups

If you sign up for the Tempo waitlist on our marketing site, we store your email address, name, and company name.

2.9 Usage and audit data

We maintain an internal audit log of significant actions taken within the application — such as creating or modifying implementations, changing roles, and connecting integrations. This log records the user email, user ID, IP address, action type, and the before/after values of changed fields. We use this log for security monitoring, debugging, and compliance — not for advertising or behavioral profiling. We do not use third-party analytics tools (such as Google Analytics, Mixpanel, or Segment) and do not place advertising or tracking cookies on your browser.

2.10 Error and performance data

We use Sentry to capture application errors and performance issues. When an error occurs, Sentry may receive the URL, browser type, and stack trace. We configure Sentry to scrub credentials and tokens from error reports.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases as applicable:

Performance of a contract (Article 6(1)(b) GDPR): We process your account information, session data, and integration data because it is necessary to provide the Service you have signed up for. This covers authentication, core product features, and operating your account.
Consent (Article 6(1)(a) GDPR): Where you explicitly grant access to your Google Gmail or Calendar data, we process that data based on your consent. You may withdraw consent at any time by disconnecting the integration in your settings; withdrawal does not affect the lawfulness of processing prior to withdrawal.
Legitimate interests (Article 6(1)(f) GDPR): We process audit log data, error data, and security-related information based on our legitimate interest in maintaining the security and integrity of the Service, preventing fraud, and improving our product. We have determined that our legitimate interests are not overridden by your rights and freedoms in these contexts, given the limited nature of the data involved and the reasonable expectations of users of a business software platform.
Legal obligation (Article 6(1)(c) GDPR): In some cases we may need to process or retain data to comply with applicable laws, court orders, or regulatory requirements.

Where we process personal data about third parties that you enter into the platform (such as sales contacts or key stakeholders), you are the data controller and are responsible for identifying a lawful basis for that processing.

4. How We Use Your Information

We use the information we collect to:

Authenticate you and maintain your session
Provide all platform features — implementation tracking, task management, sales pipeline, customer success workflows, client portals, meeting notes, and reporting
Sync data from your connected integrations (Jira, Slack, Gmail, HubSpot, Dialpad, and others) into Tempo
Power Scout features: AI-generated briefings, risk scoring, meeting enrichment, RFP answer generation, and organizational insights
Send outbound emails and sequences on your behalf when you use the email features
Track email engagement (opens, clicks, replies) for emails sent through Tempo
Detect, investigate, and respond to security incidents and technical issues
Comply with legal obligations

We do not use your data to train AI models, build advertising profiles, or sell insights about you or your organization to third parties.

5. AI Processing and Scout

Tempo uses Anthropic's Claude API to power Scout features, including daily briefings, implementation risk scoring, meeting enrichment, RFP answer generation, buyer persona generation, and organizational insights. We also use OpenAI's API for text-to-speech audio in daily briefings.

When you use Scout features, relevant data from your account is sent to these AI providers as part of the prompt — for example, implementation names and status, task lists, deal summaries, meeting transcripts, or company context you have configured. This data is transmitted over TLS (HTTPS).

Per Anthropic's API usage policies, data submitted via the API is not used to train Anthropic's models. Anthropic retains API request data for up to 30 days for trust and safety monitoring, after which it is deleted. OpenAI's API data retention policies apply similarly for TTS requests. We recommend not including sensitive personal information in your organization's company context configuration, as this text is included in AI prompts.

6. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

6.1 Within your organization

Information you create within Tempo — implementations, tasks, meeting notes, deals, contacts, and similar — is visible to other members of your organization within the platform. Certain items (such as client portals and shared success plans) are also visible to external clients you explicitly share them with.

6.2 Sub-processors

We use the following third-party service providers that process data on our behalf. Each is bound by appropriate data processing agreements:

Vercel — application hosting and serverless compute (United States)
Neon — PostgreSQL database hosted on AWS (United States)
Upstash — Redis caching and rate limiting (United States)
Pusher — real-time WebSocket infrastructure for collaborative features
Vercel Blob — file storage for logos, documents, and portal uploads (United States)
Anthropic — Claude AI API for Scout features
OpenAI — text-to-speech API for audio briefings
Resend — transactional email delivery
Sentry — application error tracking and performance monitoring

6.3 Third-party integrations you authorize

When you connect a third-party service (Google, Slack, Jira, HubSpot, Dialpad, etc.), data flows between Tempo and that service as required to power the integration. Your use of those services is governed by their own privacy policies, for which we are not responsible.

6.4 Legal process and protection

We may disclose your information if required by law, regulation, subpoena, court order, or governmental request. We may also disclose information where we reasonably believe disclosure is necessary to prevent fraud, protect the rights or safety of Tempo HQ, our users, or others, or to enforce these policies.

6.5 Business transfers

In connection with a merger, acquisition, financing, reorganization, or sale of all or substantially all of our assets, your information may be transferred. We will provide reasonable notice before your information is transferred and becomes subject to a materially different privacy policy.

7. Data Security

We implement the following technical and organizational security measures:

Integration credentials (API tokens and OAuth tokens for Slack, Jira, Confluence, HubSpot, Dialpad, Notion, and other integrations) are encrypted at rest using AES-256-GCM before storage
All data in transit is protected by TLS encryption (HTTPS)
Authentication is delegated to Google OAuth — we do not store passwords
Session tokens are stored in httpOnly, Secure cookies, inaccessible to JavaScript
Rate limiting is enforced on all API endpoints to prevent brute force and abuse
Sensitive fields (tokens, keys, credentials) are redacted from application logs
Our database provider (Neon) encrypts data at rest and maintains automated backups
Access to production systems is restricted to authorized personnel on a need-to-know basis

Security breach notification

If we become aware of a security breach that affects your personal data, we will notify affected users and, where required, the relevant supervisory authority. For users in the EEA or United Kingdom, we will notify the applicable supervisory authority within 72 hours of becoming aware of the breach where feasible and where the breach is likely to result in a risk to your rights and freedoms. We will notify affected individuals without undue delay where the breach is likely to result in a high risk to your rights and freedoms. Notice will be provided by email to the address associated with your account.

No security measures are perfect. We cannot guarantee absolute security of your data. If you discover a security vulnerability, please contact us at support@tempohq.dev.

8. Cookies

Tempo uses only strictly necessary cookies required to operate the service. We do not use analytics, advertising, or tracking cookies.

Session cookie (next-auth.session-token): A signed JSON Web Token containing your user ID, organization context, and role. Set as httpOnly (inaccessible to JavaScript) and Secure (HTTPS only), expires after 8 hours. This cookie is strictly necessary — the service cannot function without it.
CSRF protection cookie: A short-lived token used to prevent cross-site request forgery. Strictly necessary.
Theme preference: Your light/dark/system theme preference is stored in localStorage, not a cookie.

Because we use only strictly necessary cookies, consent is not required for cookie placement under most privacy regulations (including the EU ePrivacy Directive), though we provide a notice for transparency.

9. Data Retention

We retain your personal information for as long as it is necessary to provide the Service and for the purposes described in this policy, unless a longer retention period is required by law. Specific retention periods:

Account and organizational data: Retained while your account or organization is active. Deleting your account removes your user record and associated personal settings.
Google Calendar events: Cached in a rolling 14-day window; events older than 14 days are not retained in our systems.
Client portal sessions: Retained until the session expires or is revoked.
Waitlist entries: Retained until you request removal.
AI inference data (at Anthropic and OpenAI): Retained by those providers for up to 30 days per their respective API data retention policies.
Soft-deleted records: Some records (contacts, deals, activities, meeting notes) are soft-deleted — hidden from the UI but remaining in the database. These are permanently deleted when your account or organization is deleted, or upon written request.
Audit logs: Retained for security monitoring and compliance. To request deletion, contact us at support@tempohq.dev.

To request deletion of your data, contact us at support@tempohq.dev. We will respond within 30 days.

10. Your Privacy Rights

10.1 Rights under GDPR (EEA and United Kingdom residents)

If you are located in the European Economic Area or United Kingdom, you have the following rights under the GDPR or UK GDPR:

Right of access (Article 15): Request a copy of the personal data we hold about you and information about how we process it.
Right to rectification (Article 16): Request correction of inaccurate or incomplete personal data.
Right to erasure (Article 17): Request deletion of your personal data, subject to certain exceptions (such as compliance with legal obligations).
Right to restriction (Article 18): Request that we restrict processing of your personal data in certain circumstances.
Right to data portability (Article 20): Receive your personal data in a structured, commonly used, machine-readable format, and transmit it to another controller, where technically feasible.
Right to object (Article 21): Object to processing based on our legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, or processing is for the establishment, exercise, or defense of legal claims.
Right to withdraw consent: Where processing is based on consent (such as Google integration access), you may withdraw consent at any time by disconnecting the integration in your settings. Withdrawal does not affect the lawfulness of prior processing.
Right to lodge a complaint: You have the right to lodge a complaint with your local data protection supervisory authority. In the EU, this is your national DPA (e.g., the CNIL in France, the ICO in the United Kingdom, or the relevant authority in your member state). We encourage you to contact us first so we can try to resolve your concern directly.

10.2 Rights under CCPA (California residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose, and the categories of third parties with whom we share it.
Right to delete: Request deletion of personal information we have collected, subject to certain exceptions.
Right to correct: Request correction of inaccurate personal information.
Right to opt out of sale or sharing: We do not sell personal information or share it for cross-context behavioral advertising. This right is not applicable to our current practices.
Right to limit use of sensitive personal information: We do not use sensitive personal information (as defined by CPRA) for any purpose beyond providing the Service.
Right to non-discrimination: We will not discriminate against you for exercising any of these rights.

10.3 How to exercise your rights

To exercise any of these rights, email us at support@tempohq.dev with the subject line "Privacy Rights Request." We will verify your identity before processing the request and respond within 30 days (or within 45 days if an extension is permitted and necessary). We will not charge a fee unless your request is manifestly unfounded or excessive.

11. Data About Third Parties You Enter

Tempo allows you to store information about people who are not users of the service — for example, sales contacts, customer stakeholders, and client portal invitees. If you enter such information, you are the data controller for those individuals and are responsible for:

Having a lawful basis to process their personal data under applicable law
Providing any required notices to those individuals about how their data is processed
Honoring any rights requests made by those individuals

You should not enter special categories of personal data (health information, financial account numbers, government ID numbers, biometric data, etc.) into Tempo without a clear legal basis and appropriate safeguards.

12. Children's Privacy

Tempo is a B2B service intended solely for use by adults in a professional capacity. It is not directed to, and we do not knowingly collect personal information from, children under 16. If we learn that we have inadvertently collected personal information from a child under 16, we will promptly delete it. If you believe we have collected such information, please contact us at support@tempohq.dev.

13. International Data Transfers

Tempo HQ is based in the United States. Our primary infrastructure — database (Neon on AWS), blob storage (Vercel Blob), and cache (Upstash Redis) — is located in the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the US, which may not provide the same level of data protection as your home jurisdiction.

For transfers of personal data from the EEA or United Kingdom to the United States, we rely on the European Commission's Standard Contractual Clauses (SCCs) or the UK International Data Transfer Agreement (IDTA), as applicable, or other appropriate transfer mechanisms recognized under the GDPR or UK GDPR. Where our sub-processors process EEA or UK personal data, we ensure they have appropriate transfer mechanisms in place.

You may request a copy of the transfer mechanisms we use by contacting us at support@tempohq.dev.

14. Data Processing Agreement

Where Tempo processes personal data on behalf of your organization as a data processor (for example, personal data about your sales contacts, client stakeholders, or portal invitees), we offer a Data Processing Agreement (DPA) that meets the requirements of GDPR Article 28.

To request our DPA, email us at support@tempohq.dev with the subject line "DPA Request." Enterprise customers on qualifying plans may have DPA terms included in their service agreement.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through an in-app notice prior to the change taking effect. We encourage you to review this policy periodically. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

For questions about this Privacy Policy, to exercise your rights, to request a DPA, or to report a privacy concern, contact us:

Tempo HQ
Email: support@tempohq.dev
Website: https://tempohq.dev

If you are in the EEA or United Kingdom and have an unresolved privacy concern that we have not addressed satisfactorily, you have the right to contact your local data protection supervisory authority.