How we handle access, credentials and client data.

Tensile Infrastructure works on client websites, asset-management workspaces or client systems only to the extent needed for the agreed scope. Access is limited to named personnel and kept to the smallest practical set of systems for the engagement.

Website and code access

Website work may need access to repositories, hosting, DNS, analytics or content systems. We use read-only access where it fits the task, and agree production changes before making them. Credentials are not accepted by plain email.

Asset management data

Asset-management conversations can involve sites, assets, users, routes, work records and reporting needs. Public screenshots use demo data only. Client data is handled under an agreed engagement scope and is not used for public examples without written permission.

Product access model

Asset-management clients use a controlled workspace with agreed owners, admins and users. Before real data is imported, we agree who should have access, what the workspace is for, and how the first rollout will be supported.

Credentials

Credentials are stored in a dedicated password manager. Client systems are accessed over encrypted channels from encrypted, password-protected devices.

Retention

Any source code, credentials, exports and temporary artefacts we receive are retained only as long as needed for the agreed work, unless the client agrees otherwise in writing.

People and subcontractors

Tensile is a UK business. Any additional developer brought into a client engagement is agreed with the client in writing before access is granted.