tenara-privacy-policy

Tenara Privacy Policy

Baca dalam Bahasa Indonesia

Effective date: May 5, 2026 Last updated: May 5, 2026

About this document

This privacy policy explains how Tenara handles information when you and your child use the Tenara app. Tenara is published by PT Bitpoin Teknologi Cakrawala, a company registered in Indonesia at Jl. CBD Blok J9 No. 1, Bintaro Jaya Sektor 9, Kota Tangerang Selatan, Banten 15229, Indonesia. We are the data controller for any personal data described in this policy.

If anything in this document is unclear, or you have questions about how we handle data, email us at prelaunchsupport.tenara@gmail.com.

Who uses Tenara

Tenara is a parental companion app. The parent or caregiver is the person who installs the app, sets it up, adds videos to the library, makes purchases, and operates the controls. The child is a viewer of the YouTube content the app plays back, and the front camera observes the child during playback for distance estimation. Children do not log in, create accounts, navigate the app, or input personal information.

The short version

Tenara processes only what it needs to, runs detection on your device rather than sending data to our servers, and does not collect personal information such as your name, email address, account login, photos, videos, voice recordings, or stored face data from you or your child. We do receive limited pseudonymous app activity and crash reports through Firebase, which are not directly linked to your identity. The rest of this policy is the detail.

Camera and face detection

Tenara uses the front camera to estimate the distance between your child and the screen during playback sessions. The camera detects whether a face is present and where the eyes are positioned, then converts those positions into an estimated distance in centimeters. This is face detection, not face recognition. No specific person is identified, no biometric template is created, and no comparison is made against any database. All processing runs on your device using an on-device model. No images, video frames, or facial landmark coordinates are stored, transmitted, or shared with anyone. The camera is only active during playback sessions and can be disabled in Settings. The distance estimate is temporary and used only during the playback session to decide whether to show a reminder.

Distance values shown by Tenara are estimates produced by computer vision, not precise measurements. They are intended to encourage comfortable screen time habits, not to provide medical or optometric guidance.

Voice recordings

If you record a custom voice reminder, that recording stays on your device only. It is used to play your reminder during playback sessions when the system decides a reminder is appropriate. Voice recordings are never used in the session ending sequence, never sent to our servers (Tenara does not run servers that receive user content), and never shared with anyone. When you delete a recording in the app, it is removed from your device immediately.

The microphone is only active when you choose to record a reminder. It is not active during a child’s playback session.

What we receive through Firebase

Tenara uses Firebase Analytics and Firebase Crashlytics, both provided by Google LLC, to understand how the app is used and to detect technical problems.

Through Firebase we receive a pseudonymous app instance ID generated randomly when the app is installed. This ID is not linked to your name, email, phone number, Google account, or any other identifying information about you. We also receive your app version, Android OS version, device model and class, locale, and approximate region. Google may use the IP address during data intake to derive that approximate region, but Tenara does not receive the IP address in Firebase reports available to us.

Limited interaction events tell us things like which screen was opened, whether a session started or ended normally, and whether a purchase succeeded or failed. We have configured Tenara to never send the title or ID of any YouTube video, the duration or content of any voice recording, or any measurement from the front camera distance check.

Crash reports include the call stack at the moment of a crash and basic context such as which screen was active. They do not include video metadata, voice recordings, or distance measurements.

Firebase data is used only for internal app operations, including app maintenance, reliability, crash diagnosis, and understanding basic app usage. It is not used for advertising, profiling children, behavioral targeting, or contacting children.

What Firebase does not collect from Tenara

We have explicitly disabled the Advertising ID (AAID) and the Android ID (SSAID) at the platform level. Tenara is configured so that Firebase Analytics and Firebase Crashlytics do not collect or use them. We do not call setUserId, and we do not link any Tenara session data to a Google account or other identity. Firebase does not receive YouTube video IDs, titles, channels, or thumbnails from Tenara, and it does not receive voice recordings, face data, or distance measurements.

Why we collect this

The pseudonymous data described above helps us understand whether features work, where parents get stuck, and which crashes need fixing. The legal basis for this processing is our legitimate interest in maintaining and improving the app, which is consistent with the limited and pseudonymous nature of what we receive.

How long Firebase keeps data

Firebase Analytics retains pseudonymous event data for up to 14 months, which is currently Google’s default. Crashlytics retains crash reports for up to 90 days, which is currently Crashlytics’ default.

International data processing

Firebase is provided by Google LLC, which operates global infrastructure. Firebase data may be processed in countries outside Indonesia, subject to Google’s applicable data protection terms and safeguards. Google’s privacy practices for Firebase are documented at https://firebase.google.com/support/privacy.

Tenara’s own servers

Tenara does not run application servers that receive your content. The internet is used by Tenara for YouTube video playback through the WebView, Google Play Billing for purchases, public video thumbnail fetching from YouTube’s oEmbed endpoint, and Firebase analytics and crash reporting upload as described above.

Purchases through Google Play

Purchases are processed by Google Play. Google may process account, payment, and transaction information according to Google Play’s own terms and privacy policies. Tenara receives the purchase and entitlement status needed to unlock access. Tenara does not receive your full payment card details or other payment-method information held by Google.

YouTube content

Tenara plays YouTube videos that you add, approve, or choose from a small set of starter suggestions provided in the app for first-time users. Tenara does not control, moderate, or guarantee the content of YouTube videos. Videos come from YouTube and remain subject to YouTube’s terms, policies, and availability. You are responsible for deciding which videos are suitable for your child. If you have concerns about specific YouTube content, please refer to YouTube’s policies.

When YouTube videos or thumbnails are loaded, YouTube and Google may receive normal request information needed to provide that content, such as device, network, and playback request information, according to YouTube and Google’s own policies.

Children’s privacy

Tenara is designed for parents and caregivers who support young children’s screen time, especially in early childhood. Tenara is designed so that the parent or caregiver installs, configures, purchases, and operates the app. Where parental consent is required by applicable law, the parent or caregiver is the person expected to provide it. Children do not operate the app, do not create accounts, and do not enter personal information.

The on-device camera processing of the child during playback is functional distance estimation, not identification, and produces no stored data about the child. Limited pseudonymous app activity collected through Firebase is not directly linked by Tenara to the identity of any parent, child, or adult, and is used only for app maintenance and improvement, never for advertising or for profiling.

If you believe your child has provided personal information through Tenara, contact us and we will help.

Direct contact with us

If you email our support address, we may receive whatever information you choose to include in your message: your email address, the content of your message, screenshots, and any diagnostic details you share. We use this information only to respond to you and to improve the app where your message indicates a bug or design problem. We retain support correspondence for as long as needed to provide that response, and you can ask us to delete it.

Security

We use reasonable technical and organizational measures to protect the data Tenara processes. Personal content such as voice recordings and your library stays on your device. Advertising identifiers are disabled at the platform level. Analytics and crash data through Firebase is pseudonymous and not directly linked to your identity. No app or internet service can guarantee perfect security, but we work to keep what Tenara handles minimal and protected.

Your rights under UU PDP

Indonesia’s UU PDP gives you certain rights as a data subject. You have the right to information about how your data is processed, the right to access and copy any personal data we hold about you, the right to correct inaccuracies, the right to request deletion, the right to withdraw consent where processing is based on consent, the right to object to processing, the right to data portability, and the right to file a complaint with the supervisory authority.

Because Tenara collects only limited pseudonymous app activity that is not directly linked to your identity, in many cases there is little personal data we can act on. For any personal data we may hold from direct correspondence (such as an email exchange with our support address), you can exercise these rights by contacting prelaunchsupport.tenara@gmail.com. You can also submit a data deletion request through our form at https://docs.google.com/forms/d/e/1FAIpQLScuRnHY0RT6iloR7K42y7Y85DeFubnZ531W5JICN-KoNnEnJA/viewform. We will respond within the timeframe required by applicable law, and we aim to respond promptly, generally within 3 x 24 hours.

Choices about data collection

We do not currently provide a separate in-app toggle for analytics and crash reporting. The data we receive is limited, pseudonymous, and used only for app maintenance and improvement, not for advertising or for profiling individual users. You can stop further collection by uninstalling the app at any time. If you have specific concerns about data collection in Tenara, contact prelaunchsupport.tenara@gmail.com and we will discuss your situation.

Data shared with third parties

We do not sell personal data or disclose it for advertising or marketing. We use Firebase Analytics and Firebase Crashlytics to process the limited data described above on our behalf, subject to Google’s Firebase terms and privacy documentation.

Changes to this policy

If we change this policy, the updated version will be posted at this address with a new effective date. Material changes will be flagged in the app where reasonable.

Governing law and language

This policy is governed by the laws of the Republic of Indonesia. Any disputes arising under this policy are subject to the jurisdiction of the courts of Jakarta, Indonesia, unless applicable law gives you non-waivable rights to bring a claim elsewhere. This policy is published in English and Indonesian. If there is a discrepancy between the two versions, the Indonesian version controls.

Contact

PT Bitpoin Teknologi Cakrawala Jl. CBD Blok J9 No. 1 Bintaro Jaya Sektor 9 Kota Tangerang Selatan, Banten 15229 Indonesia

Email: prelaunchsupport.tenara@gmail.com