Your family's health and care information is deeply personal. tendercare is built with privacy and security as core design principles, not afterthoughts.
For the full technical details on how tendercare protects your data — encryption, infrastructure, certifications, and policies — visit trytendercare.com/security.
The short version
Encryption. All data is encrypted in transit and at rest using AES-256, the same standard used by banks and government agencies.
HIPAA. tendercare has successfully completed a HIPAA attestation examination.
Access controls. Only people you invite can access your vault. You can remove access at any time. Invite links expire after 24 hours.
No selling your data. tendercare does not sell your data or share it with third parties for advertising.
Storage. Data is stored in secure cloud infrastructure in the United States.
tenderID security
tenderID is designed for frictionless emergency access (no login, no app needed by the responder), and it's protected by a multi-layer security architecture:
Scan links expire after 24 hours. Each scan generates a fresh, time-limited link.
You control exactly what's shown. Only the information you've chosen to include is visible.
Cards can be instantly deactivated. If a card is lost, you can turn it off from the app or web.
Every scan triggers a family notification. Unauthorized scans don't go undetected.
See How tenderID protects your data for the full architecture.
What you can control
Vault access. Add and remove collaborators at any time.
tenderID privacy settings. Control what information is visible when your tenderID is scanned.
Account data. You can request deletion of your account and all associated data at any time.
Questions?
If you have specific questions about privacy or security, contact us at [email protected].