Legal

Privacy Policy

How The Munna Co Pty Ltd (Tention) collects, uses, stores, and protects your information, and the choices and rights you have.

Last updated
June 16, 2026
3.0

Who we are

Tention is operated by The Munna Co Pty Ltd (ABN 14 660 483 581), 81 Watt Road, Mornington, Victoria 3931, Australia ("Tention", "we", "us"). We are the controller of the personal information described in this policy. You can reach us at privacy@tention.app.

We have assessed that we are not required to appoint a Data Protection Officer; privacy matters are handled by our team and reachable at privacy@tention.app.

This policy applies to our website, our web app, and our mobile app.

Who this applies to

Tention is for people aged 18 and over. It is not available to United States healthcare practitioners and must not be used with United States Protected Health Information (see our Terms of Service).

What we collect

  • Account information: your name, email, and authentication details.
  • Guidelines you write: the rules you author for the brand-check feature.
  • Recordings: videos you record or upload.
  • Transcripts: the text transcript of a recording you save.
  • Brand-check reports: where you run a brand check, the phrases from your transcript that matched a guideline you wrote.
  • Topic summaries: short, non-identifying descriptions of what a recording is about.
  • Usage and event data: how you interact with the product.
  • Connected-account metadata: where you connect a social account for scheduling.
  • Payment references: where billing applies, references from our payment processor. We do not store your full card details.

How we use it, and our lawful bases

We use your information to provide and operate the service (recording, transcription, captions, editing, the brand check, scheduling), to keep it secure, to support you, and to improve the product. Where the law requires a lawful basis (for example under the EU and UK GDPR), we rely on: performance of our contract with you for the core service; our legitimate interests in operating, securing and improving the product; and your consent where consent is required (for example for analytics and marketing cookies, and for retaining transcripts and any sensitive information you choose to record).

Where we rely on legitimate interests, you may object at any time by contacting privacy@tention.app, and we will stop unless we have compelling legitimate grounds that override your interests. "Improving the product" means analysing usage patterns and de-identified topic summaries; it does not include using your recordings, transcripts or guideline text to train any AI model, ours or a provider's.

We do not sell your personal information. We do not permit our AI providers to use your content to train their models.

Recordings, transcripts and brand-check reports

  • Recordings: we retain your video while you are a subscriber where a feature needs it, and purge it after a 30-day grace period following account cancellation. You can delete a recording at any time.
  • The raw audio file uploaded for transcription is deleted once transcription completes, backed up by a 24-hour storage lifecycle policy.
  • Transcripts: to power captions, editing and the brand check, we keep a text transcript of a recording you save, including word-level timing. When you save a recording, we record your consent to retain its transcript, including the version of this notice shown to you. We keep the transcript for as long as we keep the associated recording. You can delete the transcript, or the recording, at any time; deletion is permanent. Deleting your account permanently removes your transcripts.
  • Brand-check reports: when you choose to run a brand check, we save the result so it stays attached to that recording. It contains the verbatim phrases from your own transcript that matched a guideline you wrote, a short context snippet, the timing, and your guideline's label. A brand-check result reports only where your words matched, or did not match, your own guidelines. It is not a finding that your content is compliant or fit to publish, and it can miss things. You can delete a report, or the recording, at any time. Before you save a recording, an in-progress check is held in a temporary area that is automatically purged within 24 hours if you do not save it.
  • The audit record: an append-only record of the fact that a check ran. It holds only counts, identifiers and timestamps, never transcript text, never the matched phrases, and never your guideline text. We keep it to evidence that checks ran and to protect the integrity of the service (our legitimate interest).

Sensitive and special-category information

Some users work in regulated fields and may choose to record content that includes health or other sensitive information. Where you do, you provide that information to us by your own choice, and we process it on the basis of your explicit consent (Article 9(2)(a) of the GDPR; APP 3.3) solely to deliver the features you use. You control what you record and can delete it at any time. We do not require you to record sensitive information, and we recommend you avoid recording information that identifies your clients, patients or other third parties.

Information about other people

If you record or write about other people (for example a client or patient), you are responsible, as the person with that relationship, for having a lawful basis to do so and for any notice or consent they are owed. We provide tools to minimise this (topic summaries are designed to be non-identifying, and you can delete content at any time), and we ask you not to identify third parties in your recordings or guidelines.

Cookies and similar technologies

We use cookies and similar technologies on our website and apps. The detail is in our Cookie Policy.

Who we share it with (sub-processors)

We use trusted third-party services to run Tention, which process data on our behalf under data-processing terms and only as needed. The full, current list, with each provider's purpose, region and terms, is in our Sub-processors register, which we keep up to date and give advance notice before materially changing.

International transfers

We are based in Australia. Some of our providers process data outside your country, including in the United States and the European Union. For transfers from the EEA we rely on the European Commission's Standard Contractual Clauses; for transfers from the UK we rely on the UK Addendum to those Clauses (the UK IDTA); for transfers from Australia we take the steps required by APP 8. We carry out transfer-impact assessments on recipients in countries without an adequacy decision and apply supplementary measures, such as encryption in transit and at rest. For voice transcription, we route EU and UK users to our provider's EU processing endpoint so that audio is processed within the EU. Provider regions are listed in the Sub-processors register.

How long we keep it

Account information
While your account is active, then deleted within 30 days of account closure.
Guidelines you write
Until you delete them; deletion is permanent.
Recordings
While you are a subscriber where a feature needs them; purged after a 30-day grace period following cancellation. Deletable at any time.
Raw audio uploads
Deleted once transcription completes; 24-hour storage lifecycle backstop.
Transcripts
For the life of the associated recording; deletable at any time; purged on account deletion.
Brand-check reports
For the life of the associated recording; deletable at any time; purged on account deletion.
In-progress brand-check data
Automatically purged within 24 hours if you do not save the recording.
Topic summaries
On a rolling 12-month basis.
Audit records
While your account is active, then deleted within 30 days of closure (append-only while retained).
Product and usage events
Up to 24 months.
Website analytics
Per our analytics provider's retention setting (currently 14 months).
Routine technical logs
Around 90 days.
When you delete content
It is removed from our live systems immediately and from routine encrypted backups within 30 days, after which no copy remains.
On account cancellation
A 30-day grace period, after which your recordings, transcripts, reports and associated data are purged.

Your rights

Depending on where you live, you have rights over your personal information. Under the EU and UK GDPR these include access, correction, erasure, portability, restriction, objection, and the right to withdraw consent. Australian residents have rights of access and correction under the Australian Privacy Principles.

California residents have rights under the CCPA/CPRA: to know, delete, and correct personal information; to opt out of any "sale" or "sharing" of personal information; to limit use of sensitive personal information; and to non-discrimination for exercising these rights. We do not sell your personal information. Some advertising-measurement cookies on our marketing site may constitute "sharing" for cross-context behavioural advertising; you can opt out through our cookie settings, and we honour Global Privacy Control signals. You may use an authorised agent to make a request.

You can access, export and delete your data directly in the app ("Download my data" and "Delete account"), or by contacting privacy@tention.app. We respond within one month (EU/UK) or 45 days (California), and will tell you if we need longer. We may need to verify your identity before acting. You also have the right to complain to your local data protection authority (in Australia, the OAIC).

Security

We protect your information with encryption in transit (TLS), and we configure our systems to encrypt stored recordings and transcripts at rest, to control access, and to keep verbatim content out of our routine diagnostic and monitoring tools. No system is perfectly secure, but we take reasonable steps to protect your data.

Data breaches

If a qualifying personal-data breach occurs, we will notify the relevant regulator within the time the law requires (including, under the GDPR, without undue delay and where feasible within 72 hours of becoming aware), comply with the Australian Notifiable Data Breaches scheme, and notify affected individuals without undue delay where the risk to them is high.

Children

Tention is not intended for anyone under 18, and we do not knowingly collect their information. If we learn we have collected information from someone under 18, we delete it promptly.

Changes to this policy

We may update this policy as the product and the law evolve. The "last updated" date above reflects the current version, and we will give notice of material changes.

Contact

The Munna Co Pty Ltd, 81 Watt Road, Mornington, Victoria 3931, Australia. Privacy enquiries: privacy@tention.app.