Privacy Policy
Hello, we are Tide. We put our customers at the center of our actions. We want to build lasting customer relationships based on transparency and trust. With this Privacy Policy we inform you about how we treat your personal data when you use Tide products and services or visit our website. Our Privacy Policy is divided into the following sections:
Who or what is Tide?
Tide as Data controller
Tide as a Data Processor
When Tide acts as a Data Processor
List of all personal data we collect
Automated decision-making and profiling
Where we collect personal data and to whom we share it
Information provided by you
Information collected and shared with you by others
Our most important partners as data controllers
Adyen
PPS EU SA
Disclosure of anonymised data
Links to third-party providers and third-party providers of products and services available through the Tide Platform
How long we keep your personal data
Transfer of your data outside the European Economic Area
Cookies and similar technologies
Your rights as a data subject
This is how you can contact us or file a possible complaint
In this way, you can revoke your consent or object to the processing
Data security
Updates to this Privacy Policy
Who or what is Tide?
We are Tide Platform S.A, but you will know us better as Tide. We are a company that respects your privacy and is committed to protecting your personal data. In the coming sections you will learn how we do this.
Your personal data collected by us will be processed by Tide Platform S.A, a company registered in Luxembourg under company number B272663 société anonyme, which is part of the Tide Group.
The Tide Group consists of our headquarters in the UK - Tide Platform Ltd. and other companies worldwide that are under the control of or in joint control with Tide Platform Ltd. ("Tide Group Entities"). Overall, Tide Platform S.A. and the other Tide Group Entities are referred to as "Tide", "we" or "us" in this Policy. We will let you know which Tide or non-Tide company you are entering into a relationship with before you use a product or service available on the Tide Platform. Further information can be found on our Website.
We offer "Tide Products and Services", which means all products, services and information available through our iOS and Android mobile applications, which are available on the App Store and on Google Play ("Our App"), and through our website, which is identified by the following Uniform Resource Locator (URL): www.tide.co/en-de or www.tide.co/de-de, including our subdomains ("Our Website"). Our App and our Website together form "the Tide Platform".
Tide as Data Controller
When you use Tide Products and Services on the Tide Platform, Tide processes certain personal data about you. Tide acts as the Data Controller for this personal data, which means that Tide is responsible for ensuring that your data is processed in accordance with applicable laws for protection of personal data, privacy and electronic communications, including, but not limited to, the EU General Data Protection Regulation ("GDPR") and the German Federal Data Protection Act (BDSG).
If you have any questions about this Privacy Policy or need information about how we or another company of the Tide Group use your data, please contact us by e-mail at support.de@tide.co.
In this privacy Policy, the terms "personal data", "data controller", "data processor", "processing", "data subject" and "profiling" have the meaning assigned to them in the applicable data protection laws mentioned above.
Tide as a Data Processor
If we process personal data on behalf of third parties (companies or service providers), we may act as a processor (see below).
When Tide acts as a Data Processor
If you use some of the Tide Products and Services, Tide acts as a processor and you as a data controller.
If we act in the role of the processor, we are obliged to conclude a written agreement with you that determines how we will process the personal data you provide us with on your behalf. We will notify you if you use Tide products and services where Tide is acting as a processor, and You must conclude the Tide Data Processing Agreement ("DPA") with us.
List of all personal data we collect
We collect personal data for a variety of reasons, including to comply with our legal obligations, to manage and improve our business operations, to establish, exercise or defend our legal claims and - most importantly - to provide you with our services and products.
Below is a list of the types of personal data that we collect and use when you request or use one of the Tide Products and Services.
Processing operation | Data Categories | Purpose | Legal basis |
Registration | Registration data (E-mail address, your name, your date of birth, your telephone number, address (address) and your delivery address (delivery address) Identification data Tax data Passport information Any consents or preferences that you give us | Setting up the Tide Membership Account and opening a Tide Business Account. Managing our relationship with you or your company. Communication about our products and services and those of our business partners. Providing the Tide products and services, including improving the use of Tide products and services through a single login. Development and implementation of marketing or business development activities. | The performance of our contract with you. Art. 6 Par.1 lit. b) GDPR. When it is our legal duty. Art. 6 Par.1 lit. c) GDPR. Protection of legitimate and overriding interests Art. 6 Par.1 lit. f) GDPR. |
Authentication Checks & Money Laundering Prevention | Identification data Passport information Location data derived from your IP address or from your postal code. This can also include places where you have used your Tide Card. If you authorise this, location data may also be based on your GPS signal. Information about you that is contained in publicly available sources, as well as data that we receive from records of third-party companies, e.g. credit reporting or fraud protection agencies. Data about your criminal record and alleged crimes, data about your health (such as disabilities and special health needs), biometric data (photos or videos of you). | Identification, investigation, reporting and prevention of fraud, money laundering and other crimes. Assessment of your entitlement to Tide products and services. Development and implementation of marketing or business development activities. Protection of your Tide Business Account and funds held with our business partners from malicious actors. Compliance with laws and regulations that oblige us to verify your identity and the identity of other persons. Providing the Tide Products and Services. | The performance of our contract with you. Art. 6 Par.1 lit. b) GDPR. When it is our legal duty. Art. 6 Par.1 lit. c) GDPR. Protection of legitimate and overriding interests Art. 6 Par.1 lit. f) GDPR. Art. 9, Part 2 lit. a GDPR, i.e. if you give your explicit consent. Art. 9, Part 2 lit. g GDPR, i.e. when processing is done to pursue a substantial public interest. Art. 9, Part 2 lit. e GDPR, I.e. when the data has been made public by you. |
Banking and Business Account Management | Identification data Details about Tide Products and Services you use, or about Tide Products or Services for which you have applied. Details of the transactions and payments you have made to and from your Tide accounts. Transactions that you have made with other banks or payment service providers and you have shared with us. Information about how you use products and services offered on the Tide Platform by other organisations. Details about the devices and technologies you use, such as your browser settings, IP address, or the selection of cookies/marketing measures. All categories of data that you provide to us that are defined as "sensitive" under applicable law, including personal data about your political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health, sex life or sexual orientation. Any consents or preferences that you give us. E-mails, calls, chats, feedback, testimonials or other communications, including file attachments that you have sent or provided to us. Content from the communication between you and Tide. All data that you provide to us about your employees, business partners, customers or other third parties (e.g. Business Name on an invoice, e-mail address of a Team member, etc.). | Provision of the Tide Products and Services and the products and services of our business partners. Execution and management of customer payments. The management of the fees, costs and interest accrued on customer accounts. Collection and recovery of the money that is owed to us. Fulfilling our obligations and exercising our rights under the contracts with you. To conduct our business efficiently and properly, including managing our financial and legal position, legal capacity, corporate planning and testing. Evaluation and response to your inquiries, complaints and feedback. Improving the Tide Products and Services and conducting market or user research. To tailor Tide Products and Services to your individual needs and characteristics and ensure that all Tide customers receive good and fair final results. Understanding of our community and the types of clients we work with. To conduct our business in an appropriate manner, including the exercise of our social responsibility. | The performance of our contract with you. Art. 6 Par.1 lit. b) GDPR. When it is our legal duty. Art. 6 Par.1 lit. c) GDPR. Protection of legitimate and overriding interests Art. 6 Par.1 lit. f) GDPR. Consent of the data subject Art. 6 Par.1 lit. a) GDPR. Art. 9, Par. 2 lit. a) GDPR, i.e. if you give your explicit consent. Art. 9, Part 2 lit. g GDPR, i.e. when processing is done to pursue a substantial public interest. Art. 9, Part 2 lit. e GDPR, I.e. when the data has been made public by you. Art. 9, Part 2 lit. c GDPR, I.e. when this is necessary to protect your or someone else’s vital interests. |
Credit checks | The result of the credit checks that we have carried out at credit reference agencies, incl. credit information about you and your company as well as similar data about your creditworthiness. | Fulfilling our obligations and exercising our rights under the contracts with you, incl. to assess if you’re eligible for particular Tide Products and Services. Collection and recovery of the money that is owed to us. To conduct our business efficiently and properly, including managing our financial and legal position, legal capacity, corporate planning and testing. | The performance of our contract with you. Art. 6 Par.1 lit. b) GDPR. If it is in our legitimate interest: Art. 6 Par.1 lit. f) GDPR. |
Marketing | Location data derived from your IP address or from your postal code. This can also include places where you have used your Tide Card. If you authorise this, location data may also be based on your GPS signal. Contact details such as your phone number, email address, corporate registered address, etc. E-mails, calls, chats, feedback, testimonials or other communications between you and Tide, including file attachments that you have sent or provided to us. Content from the communication between you and Tide. Any consents or preferences that you give us. Your usage of Tide Products and Services and products and services offered by our business partners. | Provision of the Tide Products and Services and the products and services of our business partners. Protecting your Tide Business Account and our business partners funds held in front of malicious actors. Managing your preferences regarding marketing, automated decision-making and profiling (if these activities are based on your consent), cookies and other relevant data processing activities that you can refuse. | If it is in our legitimate interest: Art. 6 Par.1 lit. f) GDPR. Consent of the data subject Art. 6 Par.1 lit. a) GDPR. |
Automated decision-making and profiling
In order to make quick and coherent decisions, in some cases we also carry out automated individual decisions. This means that in the cases listed below, we analyse some information about you by technical means in order to evaluate your personal circumstances and thus make predictions, classifications or recommendations. In the following cases, for example, we carry out automated decision-making:
When you apply for a business account on the Tide Platform
When we offer you credit-related Tide Products and Services
When we monitor transactions on the Tide Platform to detect and prevent financial crime
If we make automated decisions in these circumstances, you can request a review of such a decision by Tide, express your point of view or challenge the decision by contacting us at dpo@tide.co or via the Tide app.
Tide also performs profiling in order to be able to communicate with you effectively, for example, to send you relevant notifications or updates, depending on what kind of Tide Products and Services you use, what interests you have, etc.
Tide will also use such profiling for targeted or direct marketing purposes (e.g. to place advertisements tailored to your use or your interests in Tide Products and Services or to your Tide business account information or the use of in-app or other app functions).
Where we collect personal data and to whom we share it
We will collect personal data about you or your company from other Tide Group Entities and each of these sources:
Information provided by you
This includes data provided by you or your company, as well as data from people related to your business, or from people working on your behalf:
When you apply for Tide Products and Services
When you talk to us on the phone
When you use our Website or our App
In emails, web or in-app chats and letters
In surveys
When you participate in our contests or promotions
Information collected and shared with you by others
We collect and share personal data from/with a number of different third parties, including our service partners, such as Adyen N.V. (“Adyen”) and PPS EU S.A. (“PPS”).
Type of third party | Description | Collecting data | Sharing data |
Tide Group Entities | Our affiliated companies | ✓ | ✓ |
Adyen and PPS | Our most important service partners | ✓ | ✓ |
Credit Reference Agencies (CRAs) | For some Tide Products and Services, we carry out a credit check when you apply for it for your company. We use domestic or international rating agencies to help us with this. We may share some of your personal data with credit rating agencies. In return, they provide us with data about you, which we process for the same reasons mentioned in this privacy Policy. This data includes information about settled invoices or debts that you did not repay on time and in full. The identity of the credit rating agencies and the manner in which they use and disclose personal data will be disclosed at TransUnion, Equifax and Experian explained in more detail. | ✓ | ✓ |
Collection agencies | We may pass on your data to providers of commercial debt collection services if we have to demand repayment of the amounts owed to us. | X | ✓ |
Agencies and service providers for the prevention of financial crime | We share and collect data with financial crime prevention agencies and service providers to prevent fraud and money laundering and to verify your identity. These checks for the purpose of fraud prevention may result in the rejection of Tide Products and Services. | ✓ | ✓ |
Supporting instruments and operational partners | These include analysts, providers of search engine services, platforms to support the user experience in order to optimise and improve our services, as well as subcontractors that we can use to supplement our customer service resources. | X | ✓ |
Hosting and IT service providers | IT providers, including cloud storage providers, to store your personal data securely. | X | ✓ |
Manufacturers of Tide Cards and shipping service providers | Companies that produce, personalise and send bank cards. | X | ✓ |
Partners and suppliers for payment processing | Financial service providers, including card issuers, payment processors and banking partners, to facilitate payment transactions. These third parties may transfer information about your Tide business account and your transactions to us (with your consent). | ✓ | ✓ |
Providers of identity verification services such as Jumio and IDnow | We work with third parties to verify the information you provide to us, such as your identity and address. | ✓ | ✓ |
Partner platforms that offer business services | We work with partners to offer you "add-ons" to the Tide Products and Services, such as invoicing, accounting, payroll for employees, domain registration and accounting. | ✓ | ✓ |
Providers of social networks and other online platforms | Social media platforms for the purpose of conducting market research, marketing campaigns, targeted marketing, retargeting and to determine the success of our marketing activities. These platforms check if you have an account with them and show you targeted advertising based on the characteristics they have about you. | ✓ | ✓ |
Public data sources | The Business register, LinkedIn and other public data sources. | ✓ | X |
Marketing, Business Development and sales partners | Third parties who support us in generating sales and marketing contacts or in developing and carrying out our marketing activities. | ✓ | ✓ |
Third-Party Data Services | Data analysis and insight companies that help us, for example, to continuously check the quality of our data, to improve the effectiveness of our crime prevention controls, to generate synthetic data, etc. | X | ✓ |
Law enforcement and judicial authorities | Government, law enforcement agencies, authorities and regulatory bodies when Tide has to comply with its legal obligations. | ✓ | ✓ |
Our most important partners as data controllers
In addition to the above-mentioned ways in which we process and share your personal data, Tide also shares this data with companies that enable us to offer Tide products and services to our customers.
The companies listed below are responsible for the processing of your personal data that has been passed on to them.
This means that you must contact these companies separately from Tide if you wish to exercise any of the rights granted to you by the personal data protection laws applicable to you.
The following describes how and why we share your data with these companies:
Adyen N.V
Adyen provides the Tide Business Accounts in accordance with the Adyen Terms and Conditions (Tide Business Account Agreement – User Terms).
Who is Adyen and why do they process my data?
Adyen is responsible for the data processing regarding your Tide Business Account and all necessary activities related to the management of the Tide Business Account: you can set up, access and manage your Tide Business Account. Adyen does not use your personal data for marketing purposes and does not pass it on to third parties for marketing purposes.
Which personal data are processed by Adyen?
Adyen processes your personal data in accordance with the Adyen Privacy policy. Please read Adyen’s Privacy Policy to understand how and why Adyen processes your personal data and to learn the details about third parties who have access to this data.
How can I contact Adyen?
You can contact Adyen at dpo@adyen.com or contact the Data Protection Officer of Adyen in writing at the following address:
Simon Carmiggeltstraat 5-60, 1011 DJ Amsterdam, the Netherlands.
PPS EU SA
PPS EU SA, is an Electronic Money Institution (“EMI”) with company number 0712.775.202 and registered address at: Boulevard de Souverain 165, Boite 9, 1160 Brussels, Belgium, and issues the Mastercard Business Debit Card (the “Tide Card”) linked to your Tide Business Account in accordance with the Tide Card Terms.
Who is PPS and why do they process my data?
PPS is authorised and regulated by the National Bank of Belgium as an Electronic Money Institution. PPS is the data controller in relation to your Tide Card and all necessary activities related to the operation of the Tide Card: you can receive, activate and use your Tide Card. The processing of your personal data is necessary for the performance of your contract for the issuance and operation of the Tide Card, as well as for compliance with the legal and regulatory obligations applicable to PPS. PPS does not use your personal data for marketing purposes and does not pass it on to third parties for marketing purposes.
Which personal data are processed by PPS?
PPS processes your personal data in accordance with the PPS’Privacy Policy. Please read this policy carefully to understand how and why PPS processes your personal data and to find out the details about third parties who have access to this data.
How can I contact PPS?
You can contact PPS at dpo@prepaysolutions.comor contact the Data Protection Officer of PPS in writing:
PPS DATA PROTECTION OFFICER
P.O. Box 3883
Swindon
SN3 9EA.
Disclosure of anonymised data
In addition to the data listed above, we pass on some data to other companies outside the Tide Group, but only if the data have been changed in such a way that the identity of any person is not recognisable and they are no longer considered personal data within the meaning of the applicable law (anonymised data).
Links to third-party providers and third-party providers of products and services available through the Tide Platform
Occasionally, we will include or offer products or services from our business partners on the Tide Platform at our reasonable discretion. These are independent service providers whose services are made available or advertised to you via the Tide Platform (e.g. for invoicing, accounting, payment processing as well as direct debiting procedures, domain registration, insurance companies and credit providers).
As a customer of Tide, you can decide to use these services. In doing so, your data will be passed on by Tide to the third-party provider in order to facilitate your use of the products or services. Alternatively, we can also forward you directly to the third-party provider's website. The personal data that we share and collect in such cases may vary depending on the type of service.
This includes, for example, the name and contact details of your company, your turnover, information about your employees and their payslips, billing data, customer data and all other information that the provider needs to provide the product or service you have requested.
Business partners can either act as data processors for Tide or act as independent data controllers. If business partners act as data processors for Tide, they will only use your personal data to provide the Tide products and services you have requested, as described in this Privacy Policy.
On the other hand, if business partners act as independent data controllers, their own independent data protection policies apply when you use their products and services or visit their website. Neither we nor other members of the Tide Group, our directors, officers, agents, contractors, subcontractors or employees assume any responsibility or liability (regardless of the cause) for the content, activities, data processing and services provided by these data controllers or on their linked websites.
If you would like more information about how these third parties will use your data, you should contact them directly.
How long we keep your personal data
We will keep your personal data for as long as you use the Tide Products and Services.
We will keep your personal data for a certain period of time even after the end of your use of the Tide Products and Services. This happens for the following reasons:
To respond to inquiries or complaints or to prove whether we have treated you fairly and in accordance with the law
To establish, exercise or defend our legal claims
To study customer data as part of our own research, provided that this does not affect your privacy and your right to the protection of personal data
In order to comply with the statutory retention obligations or requirements that apply to us
Furthermore, we will keep your data even if certain laws to which Tide is subject require that we may not delete it for legal or regulatory reasons
For detailed information on how long we keep your data, please feel free to contact support.de@tide.co.
Transfer of your data outside the European Economic Area
Although Tide stores the personal data we process in the European Economic Area (EEA) and the United Kingdom, it may be necessary to transfer this data to a location outside the EEA or the United Kingdom and store it there. This is done in cooperation with third parties if this is necessary for the provision or operation of the Tide Products and Services. If we transfer your personal data outside the EEA, we will ensure that it is protected as comprehensively as in the EEA. For this we use one of the following legal protection measures:
We transfer data to a non-EEA country with data protection laws if those laws offer the same protection as the European data protection laws (classified as "appropriate" by the EU Commission)
We conclude contracts with the data recipient, which protects your data according to the same standards as in the EEA
We use the standard contractual clauses for the transfer of personal data to third countries approved by the EU Commission by Implementing Decision (EU) 2021/914.
If we use contractual instruments to transfer your personal data to countries that do not have an "adequacy" status, we ensure that these transfer instruments are additionally supplemented by appropriate guarantees for the protection of your data. In this way, we ensure compliance with the applicable data protection regulations and ensure that your data continues to enjoy the same level of protection as in the EEA.
If you would like more information about the specific mechanism we use when transferring your personal data to countries outside the EEA, please contact us.
Cookies and other tracking technologies
We use cookies and other tracking technologies to distinguish you from other users of our products or services when you visit our website or use our app. This is to provide you with a better user experience, to continuously improve our Tide Products and Services, to maintain the security of our Website and App and to present you with relevant advertising content.
A cookie is a small file with letters and numbers that we store in your browser or on the hard drive of your device when you visit our Website or use our App. On each subsequent visit, cookies send data back to the original website or app, or to another website that recognises this cookie. Further information about the cookies we use can be found in our Cookie Policy.
You can block or disable cookies by changing the settings of your website browser. This allows you to refuse the setting of all or some cookies. Alternatively, you can also do this via the banner on our website or on the "Cookie settings" page in the footer of our website. All browsers offer tools that allow you to control the handling of cookies, such as accept, reject or delete. Usually these settings are accessible in the "Settings", "Preferences" or "Options" menu of your browser. If you have any difficulties, you can look up in the "Help" function or contact the browser provider directly. However, please note that if you set your browser to block or disable all cookies (including important cookies), you may not be able to access all or parts of the Tide Platform that require the use of cookies.
Your rights as a data subject
According to the Federal Data Protection Act and the EU General Data Protection Regulation (EU-DSGVO), you have the following rights:
You have the right to question any personal data concerning you and you can take appropriate steps to correct it if you consider it to be incorrect.
You have the right to information about how we process your data.
In certain situations, you have the right to request the deletion of the personal data concerning you.
You have the right to access the personal data we process free of charge (if reasonable) and to receive copies of this data collected in the course of our customer relationship with you.
You can object to the processing of your personal data at any time, for example for direct marketing.
You can object to automated decisions that have legal effects on you or can influence you in a significant way at any time.
In certain situations, you have the right to object to the further processing of your personal data by us.
Otherwise, we may restrict the processing of your personal data under certain circumstances.
You have the right to transfer, copy or transfer your personal data to another service provider, provided that this is appropriate and proportionate.
If you would like to exercise your rights, please contact us at support.de@tide.co, use the chat function of our app or send us a written message to:7, Avenue Gaston Diderich, L-1420, Luxembourg
This is how you can contact us and file a complaint:
You can contact our DPO in writing:
By e-mail: dpo@tide.co
Or by post: 7, Avenue Gaston Diderich, L-1420, Luxembourg
In addition, you have the right to complain to the data protection authority. You can consult this list to find out which data protection authority is competent for processing your complaint.
In this way, you can revoke your consent or object to data processing:
You have the right to revoke your consent to the processing of your data at any time. In this case, you can contact us by e-mail at support.de@tide.co.
Please note that the withdrawal of your consent will only affect the way we use your data if our basis for data processing is your consent. Further information on your rights can be found in the section "Your rights", in particular your right to restrict the use of your data.
In addition, you have the opportunity to opt out of certain forms of data processing that we carry out, such as:
Marketing activities, including email, telephone and SMS marketing.
Social media and targeted marketing, including retargeting and curated audiences.
The collection of non-essential cookies on our website. However, please note that you cannot opt out of "necessary" cookies as described above.
Non-essential profiling and automated decision-making, including activities for marketing purposes.
If you withdraw your consent and/or unsubscribe, there is a possibility that we may no longer be able to offer you certain Tide Products and Services. If this is the case, we will inform you accordingly. You will then have the option to give us your consent again if you wish to access the Tide Products and Services.
Data security
We have taken appropriate security measures to ensure that your personal data is not accidentally lost, used, modified, disclosed or accessed in an unauthorised manner. We use both technical and organisational security measures to ensure the protection of your personal data. These measures include, in particular:
The pseudonymisation and encryption of personal data wherever possible
Ensuring the constant confidentiality, integrity, availability and resilience of our systems for processing your personal data through role-based access controls, obligations to the confidentiality of our employees, regular data backups and similar measures
The use of tools that allow us to quickly restore access to your personal data in the event of technical malfunctions
The use of secure and verified communication channels, such as the app functionality of our app
The establishment of a procedure for the regular review, evaluation and evaluation of the effectiveness of our technical and organisational security measures
In addition, we limit access to your personal data to employees, agents, contractors and other third parties who absolutely need this data to perform their business tasks. They process your personal data only on the basis of the "need-to-know" principle and in accordance with our instructions. In addition, they treat your personal data as strictly confidential.
We have also established procedures for dealing with alleged personal data breaches and will notify you and the relevant supervisory authorities of such a breach if required by law.
Updates to this Privacy Policy
We reserve the right to update this Privacy Policy from time to time to ensure that it is correct and complies with applicable data protection regulations. We recommend that you check this Privacy Policy occasionally for updates.
This Privacy Policy was last updated on April 18, 2024.