Privacy Policy

  1. Introduction
  • Tide Platform Ltd (Company number 09595646) (Tide, we, us or our) provides the products and services offered on the Tide website and/or mobile application www.tide.co (Platform). We are registered with the Information Commissioner (No. ZA165305); and authorised and regulated as an Electronic Money Institution by the Financial Conduct Authority in the United Kingdom with reference number: 900843.
  • For the purposes of the Data Protection Act 2018 and General Data Protection Regulation (EU) 2016/679 as amended from time to time (“DPA”), we are the data controller of any data we hold that may be used to identify you (“personal data”).
  • For the purpose of providing our services under the Tide Terms & Conditions we also act as an agent for PrePay Technologies Limited, a company registered in England and Wales with number 04008083 who can be contacted at PO Box 3883 Swindon SN3 9EA (PPS), which is a separate controller in relation to your personal data. You can see details about how PPS uses and protects your personal data at Section 11 of this policy.
  • We have adopted this policy to ensure that we have standards in place to protect the data that we collect about you that is necessary and incidental to:
    • providing the products and services that we offer; and
    • the normal day-to-day operations of our business.
  • Together with the Tide Terms & Conditions and the Tide Customer Agreement (Service Terms), this Privacy Policy it forms part of our agreement with you and determine our responsibilities under the DPA.
  • Capitalised terms not otherwise defined in this Privacy Policy shall have the meaning given to them where they first appear, or in the Service Terms of which this Privacy Policy forms part, or the DPA.
  • If, at any time, you provide data or other information about someone other than yourself, you warrant that you have that person’s consent to provide such information for the purpose specified.
  • Tide is not available to children (persons under the age of 18 years).
  • If you have any queries about this Privacy Policy or how we use your information, please contact us by email where possible:

hello@tide.co
The Data Controller,
Tide Platform Ltd
2nd Floor White Bear Yard
144a Clerkenwell Road
EC1R 5DF
London
United Kingdom

 

  1. Collection, purpose and legal basis for Processing
  • We may collect and process the personal data specified in Annex A to this Privacy Policy, for the purpose and on the legal basis specified in that Annex.
  • We only collect personal data relevant to your use of the Platform and the administration and enforcement of the Service Terms.
  1. How Personal Data is Stored
  • The personal data that we hold will be stored in the European Economic Area (EEA), but may be transferred to, and stored at, a destination outside the EEA, with and by third parties.
  • Data may also be processed by third parties and/or staff operating outside the EEA who work for us or for one of our third party partners. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
  •  Your personal data will be stored for the duration of the Service Terms and for such time thereafter as required by Applicable Law or the limitation period for bringing contractual claims under or in relation to the Service Terms.
  1. When Data is Disclosed
  • We only disclose personal data to Third Party Service Providers for the purposes explained in Annex A to this Policy.  Third Party Service Providers will only use your information to help provide the Platform, they will not market to you.
  • In order to access the Platform, you may be required to accept additional privacy policies which are specific to third parties whose services you uses (such as an internet service providers).
  • We may share your information with third-party service providers in connection with the provision of the Platform (Third Party Service Providers) and related services to you, and otherwise operating our business, marketing and promoting our products and services. We may link your account with a Third Party Service Provider to the Platform to enable certain functionality, which allows us to obtain information from those accounts.
  • You may choose to access the Platform third parties (such as your accountant) (Third Party Systems). In order to engage with such Third Party Systems, you may be required to accept additional privacy policies which are specific to those Third Party Systems. If you sign-up to Tide through a Third Party System we may share such information  and for such purposes as explained in Annex A to this Policy.. We may also share anonymous aggregate information about you with Third Party Systems to allow them to provide targeted information to you through the Platform.
  • The Platform may contain links to other websites and third party services. When linking your account with third parties, you must read the privacy policies of such providers, so that you can understand the manner in which they will handle your personal data. The information we may obtain from those services often depends on their privacy policies or account settings. Please be aware that we shall not be held responsible for the privacy policies of such other sites and services. Please read the privacy policies or statements of each and every site or service that collects your personal data.
  • These service providers may be located or have facilities that are located a different jurisdiction (including outside the EEA), in which case your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

 

  1. Processing of personal data provided to us by others
  • We will process your personal data provided to us by PPS concerning your account and transactions involving their services (see Section 11 below).
  • As required by Applicable Law, we will also check your identity and other personal details with a fraud prevention agency/agencies and credit reference agencies. If you give false or inaccurate information and we identify fraud, this will be recorded and may be shared by those agencies with other organisations, so that we and those other organisations, including law enforcement agencies and debt collection agencies, may access, use and search these records to:
    • help make decisions about credit and credit related services, for you and members of your household;
    • help make decisions on motor, household, credit, life and other insurance proposals and insurance claims, for you and members of your household;
    • trace debtors, recover debt, prevent fraud, and to manage your accounts or insurance policies;
    • prevent fraud and money laundering, for example, when:
      • Checking details on applications for credit and credit related or other facilities;
      • Managing credit and credit related accounts or facilities;
      • Checking details on proposals and claims for all types of insurance; and
      • Checking details of job applicants and employees.
  • More information about credit reference agencies, their role as fraud prevention agencies, the data they hold, for how long, your rights and how they use personal data is available at the following links to each agency’s Credit Reference Agency Information Notice:

    Call Credit:

    Equifax

    Experian:

 

  1. Cookie Policy
  • Our Platform may use cookies to distinguish you from other users of our Platform. This helps us to provide you with a good experience when you browse our Platform, and also allows us to improve our Platform. Your consent will be obtained prior to our use of cookies on our Platform and you are able to revoke that consent following the procedure below.
  • A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device if you agree. Cookies send information back to the originating website on each subsequent visit, or to another website which recognises that cookie.
  • We may use the following cookies:
    • Strictly necessary cookies required for the operation of the Platform (including, for example, cookies that enable you to log into secure accounts and use interactive features);
    • Analytical/performance cookies that allow us to recognise and count the number of visitors and users and see how they use the Platform (e.g. to help us improve the way our Platform works by ensuring that users are finding what they are looking for easily);
    • Functionality cookies to recognise you when you return to the Platform (this enables us to personalise our content for you, greet you by name and remember your preferences, such as choice of language or region).
    • Targeting cookies to record your visit to the Platform, the pages you have visited and the links you have followed. We will use this information to make our Platform and the information displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
  • Please note that third parties (including, for example, Third Party Services and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. You should refer to their privacy policies or cookie policies for the relevant information about those cookies.
  • You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. All browsers provide tools that allow you to control how you handle cookies: accept, reject or delete them. These settings are normally accessed via the ‘settings’, ‘preferences’ or ‘options’ menu of the browser you are using, but you could also look for a ‘help’ function or contact the browser provider. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Platform for which we require the use of cookies.

 

  1. The Safety & Security of Your Personal Data
  • We will take all reasonable precautions to protect your personal data from unauthorised and unlawful access and processing, as well as accidental loss, destruction or damage. This includes appropriately securing our physical facilities and electronic networks. Examples of such precautions include:
    • Data encryption
    • Firewalls
    • Intrusion detection systems
    • Physical protection of premises where data is stored (24/7)
    • Background checks for all employees accessing our physical facilities

 

  • The security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. When you provide information to us via the internet or by post, you do so at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, data, where the security of information is not within our control.
  • Privacy or security practices of any third party (including third parties that we are permitted to disclose your data to in accordance with this policy or any applicable laws) may be subject to separate privacy and security policies than that of Tide’s.
  • If you suspect any misuse or loss of, or unauthorised access to, your data, you should let us know immediately.
  • We are not liable for any loss, damage or claim arising out of another person’s use of the data where we were authorised to provide that person with the data.

 

  1. Your rights
  • The table in Annex B to this Privacy Policy explains your rights under the DPA and how to exercise them. This Privacy Policy provides confirmation of the details required in relation to your right of access.
  • We aim to keep your personal data up-to-date, so please advise us of any changes by e-mailing hello@tide.co or by updating the Platform promptly if there is any change in your name, residential address, telephone number, e-mail address or any other details that are important for our dealings with you in relation to the Platform.

 

  1. Complaints and Disputes
  • You have the right to object to:
      • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
      • direct marketing; and
      • processing for purposes of scientific/historical research and statistics
      • unless we hold compelling legitimate grounds for processing or the processing is for the establishment, exercise or defence of legal claims.
  • You can adjust your contact preferences at any time in the ‘More’ section of the Tide app.
  • You can choose how you would like to receive marketing and other non-business critical communications.
  • Any changes made to these contact preferences can take up to 72 hours to come into effect.
  • If you have a complaint about our handling of your data, you should address this complaint in writing to the details provided at the top of this page.
  • You have the right to lodge a complaint with the Information Commissioner or other competent supervisory authority if you consider that the processing of your data infringes the DPA.
  • If you lodge a dispute regarding your data, we both must first attempt to resolve the issue directly between us.
  • If we become aware of any unauthorised access to your data which is likely to result in a high risk for the rights and freedoms of the data subjects, we will inform you without undue delay after becoming aware of it, once we have established what was accessed and how it was accessed.

 

  1. Additions to This Policy
  • We reserve the right to modify this policy at any time on the same conditions as we may vary our Service Terms. If we decide to change this policy, we will post the changes on our Platform at www.tide.co/privacy. It is your responsibility to refer back to this policy to review any amendments. Changes and clarifications will take effect immediately upon their posting on the Platform. If we make material changes to this policy, we will notify you here that it has been updated.
  1. PREPAY TECHNOLOGIES LIMITED
  • Prepay Technologies Limited trading as Prepay Solutions (PPS) provides technology, expertise and regulatory authority appropriate for the operation of certain payment services and e-money accounts on Tide’s behalf under the Tide Terms and Conditions.
  • WHO IS PPS SOLUTIONS AND HOW DO THEY PROTECT MY PERSONAL DATA?
    • PPS is a company registered in England and Wales (Company number 04008083) and a registered office at 6th Floor, 3 Sheldon Square, Paddington, London, W2 6HY, United Kingdom. You can email PPS at contact@prepaysolutions.com or you can call PPS on 0845 303 5303 (+44 845 303 5303 from outside the UK).
    • PPS is the Data Controller in relation to your Card and all necessary activities relating to the operation of the Card: allowing you to receive, activate and use your Card (activating, managing and using your online account where applicable, making and receiving payment transactions, meeting legal requirements, answering requests, providing information to you).
    • PPS’ Data Protection Officer can be contacted at PO Box 3883, Swindon SN3 9EA or at dpo@prepaysolutions.com.
  • WHY DOES PPS HANDLE MY PERSONAL DATA?
    • Processing is necessary for the performance your contract for the issue and operation of Cards and is necessary for compliance with legal obligations applicable to PPS. PPS does not use your personal information for marketing purposes and will not share your information with third parties for marketing purposes.
  • WHAT PERSONAL DATA DOES PPS PROCESS?
Type of personal information Description
Personal Details Full name and date of birth
Contact Details Where you live and how to contact you including phone numbers and e-mail addresses
Transactional and Card Data Details about your Card, use of your Card and payments to and from your accounts
Documentary Data Details about you that are stored in documents in various formats, or copies of them. This could include things like your passport, drivers licence or birth certificate collected to fulfil customer due diligence requirements.
  • Personal information will only be collected directly and voluntarily from you as part of the application process or as a result of transactions relating to your Cards. Some personal information may be verified by PPS with use of publicly accessible sources to fulfil customer due diligence.
  • SENDING PERSONAL INFORMATION OUTSIDE OF EEA
    • PPS will only send your personal information outside of the European Economic Area (EEA) to:
    • Follow your instructions
    • Comply with a legal duty
    • In relation to personal information processed by Mastercard certain processors are located outside of Europe. Personal information processed by Mastercard is subject to Mastercard Binding Corporate Rules which you have enforcement rights under as a third-party beneficiary.
  • DOES PPS SEND MY PERSONAL DATA TO ANY THIRD PARTIES?
    • PPS is committed to ensuring that your information is secure with us and with third parties who act on our behalf. These third parties include MasterCard, card manufacturers, suppliers of identity validation services, IVR and call recording (telephone) suppliers and to Tide. PPS uses many tools to make sure that your information remains confidential and accurate.
  • HOW LONG DOES PPS HOLD MY PERSONAL DATA?
    • PPS does not keep your information for longer than we need to, which is usually up to 7 years after termination of your contract, unless we they are  required to keep it longer (for example due to a court order or investigation by law enforcement agencies or regulators).
  • WHAT ARE MY RIGHTS?
    • You have the same rights as apply to personal data controlled by Tide. To exercise any of your legal rights, you can email PPS at dpo@prepaysolutions.com or you can write to PPS DPO at PO Box 3883, Swindon SN3 9EA.
  • RIGHT TO LODGE A COMPLAINT
    • If you wish to raise a complaint on how PPS has handled your personal information, you can contact PPS’ Data Protection Officer and if PPS fails to address your complaint you can contact the Information Commissioner’s Office (https://ico.org.uk/).

 

Annex A

Personal Data Collected Purpose Basis for processing
(a)        Information that you provide by filling in forms on the Platform. This includes information provided at the time of registering to use the Platform, posting material or requesting further services. We may also ask you for information when you report a problem with the Platform;

(b)        Your contact details, including residential and business address(es), your e-mail address, home address, mobile and/or landline telephone numbers;

(c)        Records of any correspondence between you and Tide;

(d)        Details of transactions you carry out through the Platform, information about payments you make and receive such as the date, amount, currency and details of payer/payee;

(e) Details of your visits to the Platform and the resources that you access;

(f) Pixel tags and web beacons;

(g) information you post about us, or communicate to us, on a social media service;

 

·       to manage and administer the Platform;

·       to enable you to use the Platform;

·       to communicate with you about the Platform, your relationship with us

·       to investigate complaints, deal with enquiries, complaints and feedback from you;

·       To give you any notices under the Service Terms;

·       To keep you informed about payments you initiate or information that you allow access to via the Platform;

·       To update Tide’s records;

·       To identify, prevent, detect or tackle fraud, money laundering and other crime;

·       To carry out checks required by applicable regulation or regulatory guidance;

·       To carry out our obligations arising from and exercise our rights under, any agreements between you and us, including tracing and recovering payments and debts;

·       To enable us to send email messages in a format customers can read and to show if email has been read;

·       To check any instructions given to us, for training purposes, for crime prevention and to improve the quality of our customer service.

 

To disclose to third parties:

·       In the course of using cloud services (Amazon Web Services);

·       information that may be required to communicate with you (such as Gmail from Google, Inc);

·       in relation to the provision of a cross-border payment solution (such as our partnership with Saxo Payments).

·       When entering into such contracts with third parties, we take all reasonable precautions to ensure that their privacy policy abides by the same principles held in this policy.

·       When you click on links to third-party websites, we may link your account with a third party to our services to enable certain functionality, which allows us to obtain information from those accounts.

·       If it is under a duty to disclose or share your personal data in order to comply with any legal obligation;

·       To enforce this Privacy Policy or the Service Terms;

·       to a credit reference agency to check your identity and to prevent fraud, (it will also keep a record of your request and use it whenever anyone applies to be authenticated in your name);

·       to Third Party Service Providers, agents and subcontractors, acting for us, to use for the purpose of operating the Platform;

·       to anti-fraud agencies, for the purpose of preventing and detecting fraud;

·       to debt collectors and other third parties to trace you and recover any debt;

·       In the event that Tide sells any business or assets, in which case it may disclose your personal data to the prospective seller or buyer of such business or assets;

·       To protect the rights, property, or safety of it, its customers, or others (which includes exchanging information with other companies and organisations for the purposes of fraud protection);

·       To investigate, prevent or detect fraud or carry out checks against money laundering;

·       For audit purposes and to meet obligations to any relevant regulatory authority or taxing authority.

 

The processing is necessary for:

·       the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;

·       compliance with a legal obligation to which we are subject;

·       the purposes of the legitimate interests pursued by us or a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

Information about the device(s) you use to access the Platform and your visits to and use of the Platform (including your Internet Protocol address, location, browser/platform type and version, internet service provider, hardware model, advertising identifier, unique device identifiers, language, wireless network, mobile network (including mobile number), operating system, referral source, exit pages, length of visit, page views, website navigation and search terms used)

 

·       To improve your browsing experience by personalising the Platform;

·       To develop and improve the Platform;

·       To ensure that content on the Platform is presented in the most effective manner for you and for your computer;

 

To disclose to third parties:

·       To comply with a current judicial proceeding, a court order or legal process served on us, any request by the FCA or any other regulator who may have jurisdiction over us from time to time or for audit purposes and to meet obligations to any relevant regulatory authority or taxing authority;

·       To enforce this Privacy Policy or the Service Terms;

 

The processing is necessary for:

·       the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;

·       the purposes of the legitimate interests pursued by us or a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

Copies of passports, name, location, date of birth, location, photograph, driver’s licence or other identification evidence that you provide for anti-money laundering and anti-fraud purposes;

 

·       To identify you and verify your identity;

·       To identify, prevent, detect or tackle fraud, money laundering and other crime;

·       To carry out checks required by applicable regulation or regulatory guidance;

 

To disclose to third parties for:

·       authentication of identity, passport and driver’s license (third parties such as AU10TIX, Onfido, GB Group, Trulio);

·       To comply with a current judicial proceeding, a court order or legal process served on us, any request by the FCA or any other regulator who may have jurisdiction over us from time to time or for audit purposes and to meet obligations to any relevant regulatory authority or taxing authority;

·       To enforce this Privacy Policy or the Service Terms;

·       To a credit reference agency to check your identity and to prevent fraud, (it will also keep a record of your request and use it whenever anyone applies to be authenticated in your name);

·       To anti-fraud agencies, for the purpose of preventing and detecting fraud;

 

The processing is necessary for:

·       the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;

·       compliance with a legal obligation to which we are subject;

·       the purposes of the legitimate interests pursued by us or a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

(a)   Records of any surveys that you may be asked to complete about, for example, online and offline preferences, habits, movements, trends, decisions, associations, memberships and finances;

 

(b)   Your e-mail address, mobile and/or landline number;

 

(c)   Information you wish us to provide to your accountants, lawyers or other professional advisers;

 

(d)   We may collect your name and address from publicly available sources such as Companies House.

 

·       To provide you with information, products or services that you request or which Tide decides may interest you;

·       For statistical analysis;

·       To identify which elements of the Platform or other products might interest you.

 

To disclose to third parties:

 

·       to assist marketing and promotions to  customers and prospects on social media (such as Facebook or via post – please see the “Direct Mail Marketing” section below);

With your consent

 

Annex B

Your Rights

Your Rights and How to Exercise Them Exception
Right of Access: To obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; (e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority; (g) where the personal data are not collected from you, any available information as to their source; (h) the existence of automated decision-making, including profiling, referred to in Article 22(1) of the GDPR and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

How to exercise:

This Privacy Policy provides confirmation of the details required in relation to your right of access.

Under the DPA, you have a right to access certain personal records that Tide holds about you. Any access request may be subject to a fee to meet Tide’s costs in providing you with details of the information they hold about you if the request is unfounded or excessive. You can exercise the right at any time by contacting Tide at hello@tide.co.

 

Right to rectification: to obtain from us without undue delay the rectification of inaccurate personal data concerning you.

We must communication to each recipient to whom the rectified personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

We shall inform you about those recipients if you request it.

You can exercise the right at any time by contacting Tide at hello@tide.co.

Right to erasure: to obtain from us the erasure of personal data concerning you without undue delay where:

(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

(c) you object to the processing based on legitimate interest where there are no overriding legitimate grounds for the processing;

(d) the personal data have been unlawfully processed;

(e) the personal data have to be erased for compliance with a legal obligation to which we are subject.

We must communication to each recipient to whom the erased personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

We shall inform you about those recipients if you request it.

You can exercise the right at any time by contacting Tide at hello@tide.co.

Processing is necessary for

(b) compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or

(e) the establishment, exercise or defence of legal claims.

Right to request the restriction of processing concerning you: to obtain from us restriction of processing where:

(a) the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;

(b) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;

(c) we no longer need the personal data for the purposes of the processing, but it is required by you for the establishment, exercise or defence of legal claims;

(d) you object to the processing based on legitimate interest pending the verification whether our legitimate grounds override yours.

We must communication to each recipient to whom the restricted personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

We shall inform you about those recipients if you request it.

You can exercise the right at any time by contacting Tide at hello@tide.co.

Where processing has been restricted under this right, such personal data shall, with the exception of storage, only be processed:

(a)   with your consent; or

(b)   for the establishment, exercise or defence of legal claims; or

(c)   for the protection of the rights of another natural or legal person; or

(d)   for reasons of important public interest of the Union or of a Member State.

 

The right to data portability: to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where:

(a) the processing is based on consent or is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract; and

(b) the processing is carried out by automated means.

You have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to the right to erasure.

You can exercise the right at any time by contacting Tide at hello@tide.co.

 

That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

 

The right to object to processing: to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on processing necessary for the purposes of the legitimate interests pursued by us or a third party (except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data), including profiling.

You can exercise the right at any time by contacting Tide at hello@tide.co.

Where:

(a)   we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject; or

(b)   for the establishment, exercise or defence of legal claims.

 

The right to ask us not to process your personal data for direct marketing purposes: to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

You have the right to ask Tide not to process your personal data for marketing purposes. Tide will usually inform you (before collecting your data) if it intends to use your data for such purposes or if it intends to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms used to collect your data.

You can also exercise the right at any time by contacting Tide at hello@tide.co.

The right not to be subject to automated individual decision-making, including profiling: to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

 

You can exercise the right at any time by contacting Tide at hello@tide.co.

If the decision:

(a) is necessary for entering into, or performance of, a contract between you and us;

(b) is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or

(c) is based on the data subject’s explicit consent.

In the cases referred to in points (a) and (c) we shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on our part, to express his or her point of view and to contest the decision.