Privacy Policy – India

We ask that you read this privacy policy (Privacy Policy) carefully as it contains important information on who we are, how and why we collect, store, use, transfer and share personal information, your rights in relation to your personal information, and how to contact us. This Privacy Policy should be read alongside, and in addition to the Tide Platform Terms of Use, and any separate product or service agreement entered into between us from time to time.

Whenever we refer to the ‘law’ under this Privacy Policy we are referring to those laws all as amended from time to time. Where we have used but haven’t explained the meaning of a defined term in this Privacy Policy, that defined term has the same meaning as set out under the Tide Platform Terms of Use. When we refer to ‘information’ or ‘data’ under this Privacy Policy, we refer to your personal information (described in ‘Personal Information we collect’).

By accessing the Tide Platform, using any medium: mobile app, website, web app, mobile site or otherwise, you consent to us using your personal information in the way described in the Privacy Policy. If you do not agree to the terms of the policy, please do not use or access the Tide Platform.

This Privacy Policy is divided into the following sections:

  • Who we are
  • How to contact us – Grievance officer
  • Personal information we collect
  • Where we collect personal information
  • How we use your personal information
  • Who we share your personal information with
  • How long we keep your personal information
  • Cookies and similar technologies
  • Your rights
  • How to withdraw your consent
  • Data protection practices
  • Updates to the privacy policy

Who we are

In this Privacy Policy, reference to us, our, we, or Tide are to Tide Platform Private Limited, a company having its registered office at 2nd Floor, 10, The Skyview, Sy no 83/1 Raidurgam, Hyderabad, Telangana – 500081, India. We are part of the Tide Group, which is made up of a mix of companies, involving different Tide and non-Tide legal entities (more information about this can be found on our website).

We operate and manage the Tide Platform. In doing so, we collect, process, use, and are responsible for certain personal information about you. When we do so, we are regulated by the Information Technology Act 2000 and the Information Technology (Reasonable Security Practices and Procedures for Sensitive Personal Data and Information) Rules, 2011, and other applicable law.

How to contact us – Grievance officer

We have appointed a data grievance officer – Martyna Budzynska. Our data grievance officer is accessible through email at dpoindia@tide.co. You can contact the officer confidentially by email to inquire about how we collect, store or use your information.

Personal information we collect

Personal information means any information of a natural person which can assist in identification of that person. Below is a list of types of information that we may collect and use when you use the Tide Platform, or use any of our products or services.

Type of personal information Description

Contact

Your name, addresses, e-mail addresses, phone numbers, addresses, and other ways in which to contact you

Personal details

Details, such as date of birth, marital status, Aadhaar number, income details, etc. that you enter to use the Tide Platform and avail any products or services

Transactional

Details about the transactions you carry out and the payments to and from your accounts with us, including your bank account numbers, credit/ debit card numbers

Contractual

Details about the products or services we provide to you

Locational

Data we get about where you are. This may come from your mobile phone or other device. It may also include locations where you used your card

Behavioural

Details about how you use products and services through the Tide Platform from us and other organisations, including through the use of cookies or other tracking software

Technical

Details on the devices and technology you use, such as device identifiers

Communications

What we learn about you from communications between us, including any feedback that we may receive from you

Public and third-party data

Details about you that are publicly available on the internet. We may also receive information about you from credit bureaus (see below for more information) or from third-parties like search engines, Google analytics, etc.

Usage data

Other data about how you use our products and services

Documentary data

Details about you that are stored in documents in different formats, or copies of them. This could include documents like your PAN card, Aadhaar card, or other identity proofs, or photographs

Consents

Any permissions, consents or preferences that you give us on our app or otherwise

Where we collect personal information

We may collect personal information about you (or your business) from any of these sources:

Data you provide to us

  • Contact information (e.g., name, address, telephone, and email address).
  • Personal information to facilitate your use of the Tide Platform, like date of birth, age, marital status, birthplace, etc.
  • Government-issued identifiers, including Aadhaar number, PAN and GST information.
  • Financial information, including bank account details, credit/debit card details, billing information, tax information and payroll information (as applicable); and
  • Photographs and signature copies.
  • Any other information which would help determine your eligibility to avail the services offered on the app.
  • Any other information you provide us when you access the Tide Platform or apply for our and our Tide Partners’ products and services through the Tide Platform
  • Data collected when you talk to us on the phone or in emails, web chats, letters, and surveys
  • Any data you provide us if you take part in our competitions or promotions
  • Any other information that we are required to collect as per specific mandate from any bank, NBFC or as a requirement under applicable law, regulation, rule or statute in India.

This includes data given by you or your business, as well as data provided by people linked with you or your business’ product or service, or people working on your behalf.

Data we collect when you use our products or services

  • Payment and transaction data
  • Geolocation data collected about your location through your mobile phone or other device
  • Profile and usage data (including, your security details, app or your website browser settings, and data from the devices you use to connect to the Tide Platform so we can provide you with our products or services).
  • We also use cookies and other internet tracking software to collect data while you are using our website or mobile app (or any other device) (as described in more detail under ‘Cookies and other tracking technology’).
  • We also collect information from and about the device through which you access our app. This includes permissions to:
    • Access the device’s camera: to allow you to scan documents instead of manually entering the data or information required.
    • Read SMS messages: to auto-populate OTPs and to collect information from providers of products/ services that will help us provide you with better access to our and our Tide Partners’ products and services.
    • Read/ copy contacts from device: to allow you to automatically add contacts from your phonebook instead of annually entering details.
    • Store on device: to allow you to store documents/ images generated from the app on your device for offline viewing, and upload the right documents, for a smooth user experience.
    • Device location: for security purposes/ tackling fraud and validating transactions

Data we collect from third parties

  • Tide Partners, such as Ratnakar Bank (RBL)
  • Other companies and partners that introduce you to us
  • Our third-party vendors, including services that help us authenticate your identity, like KYC service providers
  • Your credit information (credit score and credit information report) from credit information companies on your behalf
  • Social networks and other technology providers (for instance, when you click on one of our advertisements on social media platforms like Facebook or Google)
  • Fraud prevention agencies
  • Other financial institutions (to fulfil a payment or other service as part of a contract which they have with you, or to help prevent, detect and prosecute unlawful acts, money laundering, and fraudulent behaviour)
  • Public information sources
  • Third-party agents, suppliers, sub-contractors and advisers
  • Market researchers
  • Government, law enforcement agencies, authorities and regulatory bodies to help the Tide Group comply with its legal obligations.

How we use your personal information

We use your personal information for:

Serving you

  • Managing our relationship with you or your business, including to provide services to you, to conclude transactions, to generate and maintain user profiles, and to provide personalised features/ content of interest to you
  • Communicating with you about our and Tide Partners’ products and services, and responding to your requests/ queries, through calls, SMS messages, emails, Tide Platform notifications or other means
  • Developing and carrying out marketing activities
  • Studying how our customers use products and services from us
  • Delivering promotional offers, including contacting you, through calls, SMS messages, emails, Tide Platform notifications or other means

Improving our business

  • Testing new products
  • Analytics and research and otherwise improving our products and services
  • Managing how we work with other companies that provide services to us and our customers
  • Developing new ways to meet our customers’ needs and to grow our business

Managing our operations

  • Delivering our and Tide Partners’ products and services
  • Marketing and outreach, such as to market to you or offer you Tide Partners’ special offers or other products or services we think that you may be interested in
  • Collecting and managing fees and other charges from you
  • Collecting and recovering money that is owed to us

Fraud prevention and managing risks

  • Identifying, investigating, reporting and preventing fraud, money laundering and other crime
  • Managing risk for us and our customers
  • Managing and protecting our information technology infrastructure
  • Complying with laws and regulations
  • Investigating and responding to complaints and feedback

Business management

  • Operating our business in an efficient way, including managing our financial position, business capability, planning, adding and testing systems and processes, managing communications, corporate governance, and audit
  • Carrying out our obligations arising from and exercising our rights set out in our contracts

Who we share your personal information with

We do not share any sensitive or personal data about you with any third parties unless necessary. We will only disclose personal information with third parties for the reasons explained in this Privacy Policy or otherwise in the Terms. Below is a list of the types of third parties that we may share your personal information with.

Tide Group

We may share your personal information with other companies in Tide Group (whether in or outside India) that help us with any of the purposes noted above or otherwise in the Tide Platform Terms of Use.

Tide Partners and third party links

We may share your information with Tide Partners, such as our banking partner RBL, for the purposes noted above or otherwise in the Terms.

We may include or offer products or services to you from Tide Partners on the Tide Platform. Tide Partners’ websites have separate and independent privacy policies that apply and we (and any other Tide Group company; or any of our Tide company directors, officers, agents, contractors, sub-contractors or workers) have no responsibility or liability for the content, activities and services relating to those linked websites. You can contact those third party Tide Partners for more information on how they may use your information. Similarly, the Tide Platform may host links to third party websites. We are not responsible for the content, activities or services related to such linked websites.

Authorities

We may share your information with any governmental authority or law enforcement officers who request or require any information and we think disclosure is required or appropriate in order to comply with laws, regulations, or a legal process.

Service providers

We may share your information with third party service providers (whether in or outside India) to provide our services and products to you and to run our business. This includes vendors, agents, sub-contractors, suppliers, consultants, advisers and other service providers. If you have a product with benefits such as discount offers, we will share your data with the benefit providers.

General business

We may share your information with third parties to help grow and improve our business. This includes:

  • Companies we have a joint venture or agreement to co-operate with
  • Organisations that introduce you to us
  • Market researchers
  • Advisers who help us to come up with new ways of doing business
  • Advertisers and technology providers that you use (such as third-party websites you visit, social networks, and providers of apps and smart devices).
  • While negotiating or in relation to a change of corporate control such as a restructuring, merger or sale of our assets, we may have to disclose our databases and information we have stored in the course of our operations.
  • Other financial institutions to help prevent, detect and prosecute unlawful acts, money laundering or fraudulent behaviour.

Sharing anonymised data

We may share anonymised data with other companies, but only when it is converted so that no-one’s identity can be known or found out and is no longer considered to be personal information under the law (it is anonymised).

How long we keep your personal information

We will keep your personal information as long as it necessary to provide you services on the Tide Platform (for the purposes listed in ‘How we use your information’). We shall retain and use the information collected as necessary to comply with our obligations under applicable law or contracts, resolve disputes or for other business purposes.

To ensure compliance with applicable laws, we may need to retain information even after you have terminated your account with us or stopped using the Tide Platform. We may also keep your contact information and other details for fraud prevention and for the exercise/defense of a legal claim or for providing evidence in legal proceedings.

Post termination, we may continue to use the anonymised data aggregated or in combination with anonymised data of other users. We use this for analytics, research and other business purposes.

Cookies and other tracking technologies

We may use cookies to distinguish you from other users of our products or services. This helps us to provide you with a good experience, and also allows us to improve our products or services. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device when you visit our website. Cookies send information back to the originating website on each subsequent visit, or to another website which recognises that cookie. Cookies also make it easier for you to log in and use our website.

We may use the following cookies:

  • Strictly necessary cookies required for the operation of our products or services (including, for example, cookies that enable you to log into secure accounts and use interactive features);
  • Analytical/performance cookies that allow us to recognise and count the number of visitors and users and see how they use the products or services (e.g. (without limitation) to help us improve the way our products or services work or are provided, by ensuring that users are finding what they are looking for easily);
  • Functionality cookies to help us recognise you when you return to our website (this enables us to e.g. (without limitation) personalise our content for you, greet you by name and remember your preferences, such as choice of language or region).
  • Targeting cookies to record your visit to our website, the pages you have visited and the links you have followed. We may use this information to make our products and services and the information displayed on it, which we reasonably think is more relevant to your interests. We may also share this information with third parties for this purpose.

You can block or disable cookies by activating the setting on your website browser that allows you to refuse the setting of all or some cookies. All browsers provide tools that allow you to control how you handle cookies: accept, reject or delete them. These settings are normally accessed via the ‘settings’, ‘preferences’ or ‘options’ menu of the browser you are using, but you could also look for a ‘help’ function or contact the browser provider. However, if you set your browser settings to block or disable all cookies (including essential cookies) you may not be able to access all or parts of our Platform for which we require the use of cookies.

Your rights

You will have the following rights with regard to our usage of your data and you can exercise those rights by writing to us at dpoindia@tide.co.

  • Right of Rectification: In the event that any personal data provided by you is inaccurate, incomplete or outdated, then you have the right to provide us with the accurate, complete and up to date data, and have us rectify such data at our end without undue delay. Please ensure you notify us without undue delay of any changes to the personal data that you have provided to us by updating your details on the Tide Platform or by contacting us at the details provided in this Privacy Policy.
  • Right to Opt Out: We or our service providers may communicate with you through voice calls, text messages, emails, Tide Platform notifications, or other means. The communication may relate to (a) Tide Services (as defined in the Tide Terms of Use), (b) Tide promotional offers, or (c) any other information that Tide or Tide Partners may want to share with you. You may opt out of receiving information about promotional offers by writing to us at hello@tide.co. But even if You opt out of receiving information from us, we may still send You non-promotional communication.
  • Right to Erase Personal Data: You have the right to demand us to erase your personal data and we will do so without undue delay, provided that the data is no longer required by us and there is no legal requirement to retain the data.
  • Right to Data Portability: You have the right to seek a copy of your data held by us in a structured, machine-readable format. We may not be able to provide you data in this manner, if this is technically infeasible or would reveal a trade secret, personal data of third parties, business confidential information or any other information that we are prohibited to disclose under applicable laws.

How to withdraw your consent

You can withdraw your consent to our processing of your information at any time. Please contact us if you want to do so. If you withdraw your consent, we may not be able to provide products or services to you. You acknowledge that despite your request to withdraw consent, we may still need to retain some data about you for complying with applicable law, contractual obligations, law enforcement requests or judicial proceedings.

Data protection practices

We employ adequate technical and organisational security measures to protect your personal information from being accidentally lost, used, changed, shared or accessed in a way it shouldn’t be. Some of these include:

  • The pseudonymisation and encryption of personal data, where possible.
  • Ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services via role-based access controls, firewalls, confidentiality undertakings of our staff, etc.
  • The ability to restore the availability and access to personal data quickly in the event of or technical incident.
  • A process for regularly testing, assessing and evaluating the effectiveness of our technical and organisational measures.

We will also limit access to your personal data to employees, agents, contractors and other third parties who have a strict need to see it in order to perform their business functions. They will only process your personal data on a ‘need-to-know’ basis, pursuant to our instructions and they will keep your personal data confidential.
We have put in place procedures to deal with any suspected personal data breach and will let you and any applicable regulator know of a breach when we have to by law.

However, we do not guarantee that personal data will be completely protected. Any transmission of personal data by you is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Tide Platform, including through the illegal acts of third parties.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to ensure that it remains accurate. Please check back from to time to time for updates.

This Privacy Policy was last updated on 01 October 2021.