Trust
Security
How Tempo approaches security for field-team data, AI-assisted workflows, integrations, and operational memory.
By Tempo Team
Our Approach
Tempo is operated by Shelfffy Pty Ltd (ABN 26 692 711 041), trading as Use Tempo.
Tempo is built for teams that trust software with live field operations. Our security program focuses on protecting customer data, limiting access, reviewing vendors, and keeping AI-assisted workflows auditable.
This page describes our general security posture. Specific controls, environments, and contractual commitments may vary by customer agreement.
Data Protection
- Data is encrypted in transit using TLS.
- Production data is stored with cloud infrastructure providers that support encryption at rest.
- Customer content is scoped to the relevant workspace and organization.
- Operational audit trails help teams understand who did what and when.
- Backups and retention practices are designed to support recovery while respecting customer deletion requests.
Access Controls
Tempo uses role-aware access patterns for product workspaces and least-privilege access for internal systems. Access to production systems is limited to authorized personnel with a business need.
- Authentication is required for private workspace access.
- Organization data is segmented by workspace and permission boundaries.
- Internal access is reviewed and removed when no longer needed.
- Sensitive operational actions are designed to be visible in the product experience or audit history where appropriate.
Application and Infrastructure
We use modern hosted infrastructure and managed service providers for application hosting, storage, authentication, databases, observability, and delivery. We monitor for errors, abuse, and availability issues.
- Code changes are reviewed before production release.
- Dependencies are updated as part of routine maintenance.
- Secrets are managed outside source code where supported by the platform.
- Logs and diagnostics are used to investigate incidents and improve reliability.
AI and Integration Safeguards
Tempo processes customer content with AI and integration providers to produce summaries, recommendations, tasks, and reports. We design workflows so generated output can be reviewed before sensitive actions are taken.
- AI outputs are treated as assistive and may require human approval.
- Customer content is sent to providers only as needed to provide configured product features.
- Integration access is based on the permissions granted by the customer or workspace admin.
- We avoid using customer field content for advertising.
Vendor Review
Tempo relies on specialized providers for infrastructure, AI processing, analytics, communication, authentication, and support. We evaluate vendors based on the type of data they handle, their role in the Service, and the safeguards available through their platforms and contracts.
Security Operations
- We monitor application behavior, errors, and suspicious activity.
- We investigate suspected security incidents and take containment steps when needed.
- We maintain internal practices for access management, secure development, and customer support handling.
- We improve controls as the product, customer base, and risk profile evolve.
Availability and Recovery
Tempo uses managed infrastructure and backup-oriented practices to support service continuity. Availability can still be affected by maintenance, provider incidents, integration outages, network issues, or events outside our control.
Customer Responsibilities
Security is shared. Customers are responsible for configuring users, roles, integrations, device permissions, field-team policies, and approval workflows appropriately.
- Use strong authentication practices and remove access when team members leave.
- Limit uploaded content to data your organization is permitted to process in Tempo.
- Review AI outputs before taking sensitive operational, legal, employment, safety, or customer-facing action.
- Report suspected security issues promptly.
Responsible Disclosure
If you believe you have found a vulnerability in Tempo, contact us at hello@usetempo.co. Please include enough detail for us to reproduce the issue and avoid accessing, modifying, or deleting data that is not yours.
Contact
Security and trust questions can be sent to hello@usetempo.co.