Privacy & security
Last updated July 2026
Tempetto plans the week for people who visit clients at home. Here's exactly what we store, who can see it, and what our routing and AI services never see.
The short version
Your clients' names, addresses, and notes are stored in our database, encrypted at rest by our cloud provider — the same standard banks and healthcare software use.
Access is restricted to your account (or, on a Teams plan, your organization) by database-level access rules — no other customer can ever query your data.
To plan your route or read a schedule request, our routing and AI services still see only a random token and map coordinates for each stop — never a name, street address, or note.
We never sell your data, and there are no ads.
Where your client details live
Client names, home addresses, phone numbers, and your notes are stored in our database. They are encrypted at rest by our cloud infrastructure provider and protected in transit (TLS) — but unlike an earlier version of this page, they are not end-to-end encrypted on your device before they reach us.
We made this change so that a team can share one client roster, assign visits across caregivers, and pull reports (like drive-time and mileage) that only work when a schedule is queryable — none of that is possible if only your device can read the data.
Who can access it
Database access rules (row-level security) scope every query to your own account, or — on a Teams plan — to your organization, by role. A member sees what their role allows; an admin manages the roster and schedules for their org; no one outside your org can query your data through the app.
A small number of Tempetto engineers can access production data when needed for support or to operate the service (for example, diagnosing a bug you report). We don’t use your client data for any other purpose, and we log administrative access to our database.
What our routing and AI services see
To put your stops in the shortest-driving order, or to turn a typed request like "move Tuesday's visit earlier" into a schedule change, those services receive a random token and map coordinates (and, for schedule edits, the structured shape of your request) — never a name, street address, phone number, or your notes.
This part of the architecture hasn’t changed: routing and AI computation stay de-identified regardless of plan, and those services persist nothing after they respond.
Signing in
You sign in with a password, or with your face, fingerprint, or a device passkey where enabled. Account access is separate from — and unaffected by — the storage change described above.
What Tempetto is — and is not
Tempetto is a scheduling and routing tool: it helps you (or your team) lay out a drive-smart week. It is not a medical record system, and it is not a replacement for the software or policies your employer requires.
If you work for an agency, you are responsible for following its rules about what you may enter into outside apps. If your organization needs a signed Business Associate Agreement to enter protected health information, contact us — that’s a Teams-plan conversation with contractual terms, not something this page can grant on its own.
This page is a plain-English overview to help you understand how your data is handled. It is not legal advice or a contract, and it does not by itself establish HIPAA compliance for your practice or agency.
Your data, your call
You can remove any client in the app at any time. To delete your account (or, for a Teams admin, your organization) and everything tied to it, contact us and we’ll erase your stored records.
We never sell your data, and Tempetto has no ads.
For your IT or compliance team
The precise version: client identifiers (names, addresses, phone numbers, notes) are stored in our primary database, encrypted at rest by our infrastructure provider and in transit via TLS, and scoped by row-level security to your account or organization. Our routing/compute service receives only opaque tokens, map coordinates, and structured scheduling constraints, and persists nothing. Authentication is password- and/or passkey-based. A Business Associate Agreement is available for Teams-plan organizations that require one.
We’re glad to walk through this or complete a security questionnaire — reach us at the address below.
Questions
Anything about your privacy you want to ask a human? Reach us at contact@tempetto.com.
© 2026 Tempetto
Back to home