Privacy Policy
Last updated: 2 April 2026 | Tentrois Ltd
1. Introduction
Tentrois Ltd ("we", "us", "our") is committed to protecting the privacy of individuals whose data we process. This Privacy Policy explains how we collect, use, store, and share personal data in connection with our B2B lead intelligence platform.
Tentrois Ltd is the data controller for personal data processed through our platform. We are registered in England and Wales.
2. Data We Collect
2.1 Business Contact Data (Leads)
We collect publicly available business information from open sources including:
- Company name, domain, country, and industry classification
- Job postings from public ATS platforms (Greenhouse, Lever, Ashby, etc.)
- News mentions from public RSS feeds and news APIs
- Public company registry filings (Companies House, SEC EDGAR, etc.)
- Business contact details where publicly listed (name, job title, business email)
2.2 Client Account Data
When you create a Tentrois account, we collect:
- Full name, company name, business email address
- Role/title and country
- Niche/industry selection
- Password (stored as a bcrypt hash; we never store plaintext passwords)
2.3 Inbound Enquiry Data
When you submit our Get Started form, we collect: name, company, email, role, country, niche, and selected challenges.
3. Lawful Basis for Processing
| Data Category | Lawful Basis | GDPR Article |
|---|
| Client account data | Contract performance | Art. 6(1)(b) |
| Business contact data (leads) | Legitimate interest | Art. 6(1)(f) |
| Inbound enquiry data | Consent (form submission) | Art. 6(1)(a) |
Our legitimate interest assessment for processing business contact data is documented in our Legitimate Interest Assessment.
4. How We Use Data
We process data through a 6-stage pipeline:
- Extraction — Collecting publicly available business data from 54 open sources
- Transformation — Normalising, deduplicating, and verifying data quality
- Signal Intersection — Identifying companies showing 3+ growth signals (hiring, funding, expansion)
- Propensity Scoring — Machine learning scoring to rank leads by purchase likelihood
- AI Enrichment — Generating intelligence layers including company analysis, competitive positioning, and outreach recommendations
- Delivery — Routing qualified leads to subscribed clients based on niche matching
5. Data Sharing
We share personal data only with:
- Subscribed clients — Qualified lead data delivered through our platform dashboard
- Infrastructure providers — Supabase (database hosting), Render (application hosting)
- AI providers — Google (Gemini API for lead enrichment). Prompts contain only business-context data, never personal identifiers beyond business name and title
We do not sell personal data. We do not share data with advertisers or marketing platforms.
6. Data Retention
| Data Type | Retention Period |
|---|
| Raw extracted leads | 90 days, then deleted |
| Qualified/enriched leads | 12 months from creation |
| Delivered leads | 12 months from delivery date |
| Client accounts | Duration of subscription + 12 months |
| Inbound enquiries | 6 months if not converted to client |
7. Data Subject Rights
Under UK GDPR, individuals whose data we process have the right to:
- Access — Request a copy of personal data we hold about you
- Rectification — Request correction of inaccurate data
- Erasure — Request deletion of your personal data ("right to be forgotten")
- Restriction — Request we limit how we process your data
- Object — Object to processing based on legitimate interests
- Portability — Receive your data in a structured, machine-readable format
To exercise any of these rights, contact us at privacy@tentrois.com. We will respond within 30 days.
8. Security
We implement appropriate technical and organisational measures to protect personal data:
- Passwords hashed with bcrypt (not reversible)
- JWT authentication with configurable expiry
- TLS encryption for all data in transit
- Database access restricted by role and IP
- Regular security reviews of our data pipeline
9. International Transfers
Our infrastructure providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via our platform dashboard or by email to registered clients.
11. Contact
For any privacy-related enquiries:
Tentrois Ltd
Email: privacy@tentrois.com
Website: tentrois.com