Privacy and Security at

Tenon takes privacy and security of customer data very seriously. We also take transparency very seriously. The following document discusses our approaches to Privacy and Security.


No customer information will be shared with any third party except as needed to provide quality customer service. Tenon makes use of the following third party services for some of our functionality and/ or customer service activities, each of whom have their own privacy policies.

  • Payment processing via Stripe
  • User support and drip marketing via
  • User support via HelpSite
  • Customer Relationship Management via Pipedrive

Tenon is not responsible for Privacy or Security problems derived from third parties. We encourage you to read and understand the above third parties' policies as well as ours.

Tenon Itself


  • At no time do we store any credit card data on our servers.
  • All passwords stored in our database are hashed with a one-way hash. Our forgotten password process is actually a reset process. Not even staff can see your password in plaintext.
  • We routinely test our system for common security vulnerabilities such as SQL Injection, XSS, CSRF, and more.

Mailing Lists

  • When you sign up for an account on, you are automatically subscribed to our mailing list. If you wish to unsubscribe, you can do so at any time by visiting our Unsubscribe page
  • We have two primary lists: our general marketing mailing list and a list for system updates. You can also stop system update emails at the Unsubscribe page. We heartily recommend you don't unsubscribe from late list, because that list receives no marketing and is solely reserved for important messages about system status
  • We reserve the right to send you messages about your account, such as billing or confirmation messages.


We set cookies for the following reasons on

  • Whenever someone uses the public demo
  • Whenever someone lands on a landing page from a CPC ad, email newsletter, or other digital marketing asset.
  • Whenever a registered user logs into the website

Use of any web system under the domain is implicit consent to accept cookies. We may, in the future, elect to add third party cookies directly related to our service and/ or the marketing of our service. No third party cookies or beacons will ever been set relating to marketing of any other product, service, or website.

Public Demo

  • The public demo page stores all results temporarily as described below.
  • The public demo also stores the requesting computer's IP address and sets a cookie.
  • We do not have any display ads or any other code which would use a beacon or set a third-party cookie.

Storage of test data

  • We temporarily store every result of every test run by the tenon API. The length of time this is stored depends largely upon server demand but is anticipated to be less than a few minutes.
  • We permanently store your test results if you specifically set the 'store' parameter to '1'
  • In both of the above cases, the information stored is the verbatim copy of the JSON response, stored as a string.
  • If your API request is for testing of document source (via the 'src' request parameter) we will temporarily store that document source for the purposes of testing. After testing is complete we delete the source.[1]
  • If your API request calls for testing of an URL, we do not store the source of that document in any way.
  • We calculate statistics for a wide array of things such as document size, number of errors, and types of errors and we store this information permanently. Some of this informatiom is associated with your account, for the purposes of presenting this useful information to you.
  • We store messages sent to us by our payment processor that relate to your account. At no time does this contain any PII or credit card data. Instead, our processor sends us unique IDs which can be referenced later so that we can manage your account without requiring direct access to your information

We may, in the future, choose to store tested document source and/ or a snapshot image of the tested page. This would occur as part of future visualization features and would also be based on explicit permission from you.


Every single request against this system is tracked in order to protect and defend against abuse. Any abusive behavior will cause an immediate and irreversible revocation of your privileges to use this system. For some types of abuse this will happen at the very first sign of abuse, with no warning whatsoever.