Tide Logo

Privacy Policy

Hi! We’re Tide. We put our Members at the heart of what we do. We want to build long-lasting relationships based on transparency and trust. This is why we have developed this Privacy Policy in which we explain how we will treat your personal if and when you use our products and services or when you visit our website. Our Privacy Policy is divided into the following sections: 

  • Who we are

  • Tide is your Data Controller

  • Tide is also your Data Processor in some cases 

  • When we are a ‘Data Processor’   

  • Third party providers of services available via the Tide Platform 

  • Personal data we collect 

  • Where we collect personal data and who we share it with 

  • Our key partners as Data Controllers 

  • Sharing anonymised data 

  • Third-party links 

  • How long we keep your personal data 

  • Transfer of your data out of the EEA 

  • Cookies and other tracking technologies 

  • Your rights 

  • How to contact us and how to complain 

  • How to withdraw your consent or opt-out of processing 

  • Security 

  • Keeping your data accurate

  • Updates to this Privacy Policy 

Who we are  

We’re Tide Platform Ltd, but you’ll know us better as Tide. We’re a company that respects your privacy and is committed to protecting your personal data. This privacy notice explains how we achieve that. 

Personal data we collect from you will be held by Tide Platform Ltd, which is part of the Tide company group. The Tide company group is made up of our main legal entity in the UK – Tide Platform Ltd; and other legal entities that are under the control of or in common control with Tide Platform Ltd. (the latter referred to as “Tide Group Entities”). Collectively Tide Platform Ltd. and the Tide Group Entities will be referred to as “Tide”, “we” or “us” throughout this policy. We’ll let you know which Tide or non-Tide company you have a relationship with before you take out a product or service on the Tide Platform. More information about Tide can be found on Our Website.

We are registered with the Information Commissioner’s Office (registration no. ZA165305) and are authorised and regulated by the Financial Conduct Authority (FCA) in the UK (reference nos. FRN:900843 and FRN:718743). 

We provide the “Tide Products and Services” which are all the products, services and information offered via our iOS and Android mobile applications available for download on the App Store and on Google Play (“Our App”) and via our website identified by the following Uniform Resource Locator (URL): www.tide.co, including its subdomains (“Our Website”). Our App and Our Website together form “the Tide Platform”.

Tide is your Data Controller    

When you use Tide Products and Services on the Tide Platform, Tide will collect, process and use personal data about you. Tide will be the Data Controller of this personal data, which means we’re responsible for ensuring your data is handled in compliance with the applicable laws on the protection of personal data, privacy and electronic communications in the UK, including but not limited to The Data Protection Act 2018 (the “DPA 2018”, the United Kingdom General Data Protection Regulation (the “UK GDPR”) and The Privacy and Electronic Communications Regulations (“PECR”). 

If you have any queries about this Privacy Policy or how we or any other Tide Group Entities (may) collect, store or use your data, please contact us by email at hello@tide.co.

Throughout this Privacy Policy the terms “Personal Data”, “Data Controller”, “Data Processor”, “Processing”, “Data Subject” and “Profiling” shall have the meaning assigned to them by the applicable data protection laws mentioned above. 

Tide is also your Data Processor in some cases 

When we process personal data related to other individuals (such as your employees or customers) that you’ve provided to us for the purposes of using Tide Products and Services, we may be acting as a Data Processor on your behalf (discussed below). 

When we are a ‘Data Processor’  

When you use some of the Tide Products and Services, Tide will be a Data Processor and you – a Data Controller, which means we will process the personal data you provide to us solely for the purposes of delivering the Tide Products and Services to you and in accordance with your instructions on how to handle this data.

In particular, when you use Tide Products and Services, or those of our partners, that require you providing your employee, customer or other third-party personal data, Tide will be acting as a Data Processor of that data to the extent necessary to provide the Tide Products and Services to you. Such Products and Services include but are not limited to invoicing, bookkeeping, multi-user access, employee payroll and accountancy products.

When we act as a Data Processor, we are required under the applicable data protection laws to have a written agreement in place with you which outlines how we will process the personal data on your behalf. We will let you know if you are using any Tide Products and Services for which Tide is a Data Processor you shall review and enter into the Tide Data Processing Agreement (“DPA”) with us. By using those services, you will be deemed to have read, reviewed and agreed to our DPA with you. If you have any questions about the DPA, please get in touch with us at dpo@tide.co.

Personal data we collect 

We collect personal data for a variety of reasons, including to meet our legal obligations, manage our operations, improve our business, establish, exercise or defend our legal claims and most importantly – to deliver our Services and Products to you. We’re dedicated to protecting all of our Tide Members from the industry-wide threat of fraud, so we may use any data provided to us for the identification, investigation, reporting and prevention of fraud.

Below is a list of types of personal data that we will collect and use when you apply for, or use, any of our Products or Services.

Type of personal data 

Description

Purpose

Lawful basis

Contact

Your name, addresses, e-mail addresses, phone numbers and other ways in which to contact you

Managing our relationship with you or your business.

Communicating with you about our and our business partners’ products and services.

Delivering the Tide Products and Services to you, including to facilitate your use of the different Tide Products and Services via single sign-on.

Developing and carrying out marketing or business development activities.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Communicate with our customers. 

Keep our records up to date.

Resolve issues and improve the service we provide to you. 

Optimise your user experience. 

When it is in your or someone else’s vital interest.

Transactional

Details about the transactions you carry out and the payments to and from your accounts with us.

Details about transactions you have carried out with other banks or payment services providers

Making and managing customer payments.

Delivering our and our business partners’ products and services.

Managing fees, charges and interest due on customer accounts.

Collecting and recovering money that is owed to us.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Facilitate delivery of the Tide Products and Services. 

Develop the Tide Products and Services, our pricing for them and types of Members that may want to use them.

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Contractual

Details about the Tide Products and Services we provide to you or the Tide Products or Services you’ve applied for

Carrying out our obligations arising from and exercising our rights set out in our contracts with you.

Collecting and recovering money that is owed to us.

Operating our business in an efficient and proper way, including managing our financial position, business capability, planning, and audit.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Understand and improve how we contract with our customers.

Understand each party’s obligations and risks under any agreements.

Be efficient about how we fulfil our legal and contractual duties.

Locational

Data we get about where you are. This may come indirectly from the IP address assigned to your device when you connect to the Internet or from post codes. It may also include locations where you’ve used your Tide payment card.

Delivering our and our business partners’ products and services.

Identifying, investigating, reporting and preventing fraud, security breaches, money laundering and other crime.

Protecting your account and funds held with Tide from malicious actors.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Be efficient about how we fulfil our legal and contractual duties.

Determine the risks that applicants for a Tide account may pose to Tide’s business and our Members. 

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Develop the Tide Products and Services, our pricing for them and types of Members that may want to use them.

When it is in your or someone else’s vital interest.

Behavioural

Details about how you use products and services offered on the Tide Platform from us and other organisations, incl. clicks and taps, time spent on pages, app downloads, time and date of usage of our Products and Services, etc.

Studying how our Members use Products and Services and the Tide Platform.

Testing new Tide Products or Services.

Managing how we work with other companies and partners that provide products or services to our Members.

Delivering more personalised user experiences to our Members.

Developing and carrying out marketing or business development activities.

Identifying, investigating, reporting and preventing fraud, security breaches, money laundering and other crime.

Protecting your account and funds held with Tide from malicious actors

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Work out which of the Tide Products and Services may be of interest to you and tell you about them.

Determine the risks that Members may pose to Tide’s business and our Members.

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Develop new products and services, our pricing for them and types of Members that may want to use them.

Technical

Details on the devices and technology you use, for example your website browser settings or cookie/marketing choices. 

Delivering the Tide Products and Services to you.

 

Delivering our business partners’ products and services.

Identifying, investigating, reporting and preventing fraud, money laundering and other crime.

Developing and carrying out marketing or business development activities.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Be efficient about how we fulfil our legal and contractual duties.

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Develop Tide Products and Services, our pricing for them and types of Members that may want to use them.

Communication

Any emails, calls, chats, feedback, testimonials or other communications, incl. file attachments, you’ve sent or provided to us. What we learn about you from communications between you and Tide

Investigating and responding to your enquiries, complaints and feedback.

Improving the Tide Products and Services and carrying out market or user research

Tailoring the Tide Products and Services to your individual needs and characteristics and ensuring all Tide customers receive good and fair outcomes

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Communicate with our customers. 

Be efficient about how we fulfil our legal and contractual duties.

Resolve issues and improve the Tide Products and Services we provide to you. 

Public and third-party records

Details about you that are contained in publicly available sources, such as the Electoral Register, Companies House or Trustpilot and data we receive from records of third-party service providers, such as credit reference or fraud protection agencies like CIFAS.

Identifying, investigating, reporting and preventing fraud, money laundering and other crime.

Assessing your eligibility for Tide Products and Services. 

Developing and carrying out marketing or business development activities.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Determine the risks that applicants for a Tide account may pose to Tide’s business and our Members. 

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Keep our records up to date.

Work out which of the Tide Products and Services may be of interest to you and tell you about them.

Develop Tide Products and Services, our pricing for them and types of members that may want to use them.

Documentary data

Details about you that are stored in documents in different formats, or copies of them. This could include things like your passport, driver’s licence, birth certificate, photographs of invoices, bills and other documents.

Identifying, investigating, reporting and preventing fraud, money laundering and other crime.

Complying with laws and regulations that require us to verify your and other individuals’ identity.

Providing you with Tide Products and Services.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Be efficient about how we fulfil our legal and contractual duties.

Develop and improve how we deal with financial crime, as well as discharging our legal duties in this respect.

Determine the risks that applicants for a Tide account may pose to Tide’s business and our Members. 

Consents

Any permissions, consents or preferences that you give us

So we know what your preferences are in regards to marketing, automated decision-making and profiling (where this activity is based on your consent), cookies and any other relevant data processing activities that you can opt-out of. 

Developing and carrying out marketing or business development activities.

Fulfilling our contract with you.

When it is our legal duty.

When you consent to it.

When it is in our legitimate interest to:

Keep our records up to date.

Establish, exercise or defend our legal claims.

Ask for your consent when we need it to contact you.

Special category data and criminal offence data

Any categories of data you decide to provide to us, which are defined as ‘special category’ or ‘sensitive’ by applicable laws, including personal data related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union members, genetic data, biometric data, health, sex life or sexual orientation. In particular, we will process data about your criminal offence history and alleged criminal offences, data related to your health (such as disabilities and special health needs), biometric data (photos or videos of you) and racial or ethnic origin (how you identify your ethnicity).

Verifying your identity when we need to.

Tailoring the Tide Products and Services to your individual needs and characteristics and ensuring all Tide customers receive good and fair outcomes.

Understanding our community and the types of Members we work with.

Operating our business in a proper way, including managing our corporate social responsibility and risk. 

Fulfilling our contract with you.

When it is our legal duty.

When you provide explicit consent.

When it is in the public interest. 

When that information has been made manifestly public by you.

When it is in your or someone else’s vital interest. 

Your customer, business partner or employee data

Any data that you provide us with about your employees, business partners, customers or other third-parties (

e.g.,

 

name on an invoice, email address of a team member, etc.).

Delivering our and our business partners’ products and services to you.

Identifying, investigating, reporting and preventing fraud, money laundering and other financial crime.

When you have instructed us to do so and by virtue of your existing contractual relationship with us. 

When it is our legal duty.

When it is in our legitimate interest to:

Develop and improve our strategy for dealing with financial crime.

Determine the risks that Members may pose to Tide’s business and our Members.

 

Automated decision-making and profiling 

To make quicker and more consistent decisions, we also conduct automated individual decision-making in some instances. This means that in the cases listed below we will analyse some information about you via technological means to assess your personal circumstances and thus predict risks, preferences or outcomes. For example, we perform automated decision making in the following cases: 

  • When you apply for an account on the Tide Platform.

  • When we offer you credit-related Tide Products and Services.

  • When we monitor transactions on the Tide Platform to detect and prevent financial crime.

When we take automated decisions in those circumstances, you can request a review of such a decision by Tide, express your point of view or contest the decision by contacting us at dpo@tide.co or via Our App.

Tide will also conduct profiling for purposes of communicating effectively with you, for example, to send you relevant notifications or updates, according to the type of Tide Products and Services you use, interests you have, etc. Tide will also use such profiling for targeted or direct marketing purposes (for example, to issue advertisements tailored to your assumed interests in Tide Products and Services). 

Where we collect personal data and who we share it with  

We will collect personal data about you (or your business) from other Tide Group Entities and any of these sources:

Information from you 

This includes data given by you or your business, as well as data provided by people linked with you or your business’ product or service, or people working on your behalf, among others:

  • When you apply for Tide Products and Services

  • When you talk to us on the phone

  • When you use Our Website or Our App

  • In emails, web or in-app chats and letters

  • In surveys

  • If you take part in our competitions or promotions.

Information collected from and shared with others

We collect personal data from a number of different third parties, including our service partners, such as PrePay Solutions and ClearBank (defined below).

Type of third party

Description

Collect

Share

Tide Group Entities

Our affiliated companies 

Clear Bank and PPS

Our key service partners. 

Credit reference agencies (CRAs)

We carry out credit checks when you apply for some of the Tide Products and Services. We will use domestic or international CRAs or other to help us ascertain your eligibility for those Products and Services and to comply with our legal and other obligations.

We will share your personal data with CRAs and in return they will give us data about you which will be processed for the same purposes stated in this Privacy Policy. This data will include, among other, information about settled accounts or any debts not fully repaid on time.

The identities of the CRAs, and the ways in which they use and share personal data are explained in more detail at TransUnionEquifax and Experian.

Debt collection agencies

We may share your data with providers of commercial debt-collection services if we have to seek repayment of debts owed to us.

X

Financial crime prevention agencies and service providers

We share and collect data with financial crime prevention agencies and service providers like

 

CIFAS

 

to prevent fraud and money-laundering and to verify your identity. These verifications for purposes of fraud prevention can result in refusal of Tide Products and Services.

Support tools and operational partners

These include analytics, search engine service providers, customer experience support platforms to optimise and improve our Services, as well as subcontractors we may use to supplement our customer support resources. 

X

Hosting and IT service providers

IT vendors, such as cloud storage providers, to securely store your personal data. 

X

Tide card manufacturers and delivery providers

Card manufacturing, personalisation and delivery companies. 

X

Payment processing partners and vendors

Financial services providers, including card issuers like Mastercard, payment processors and banking partners to facilitate payment transactions and to provide associated services to you. These third parties may be part of Open Banking, which means they will send information they hold about your account and transactions to us (based on your consent). 

Identity and other information verification providers

We work with third parties such as Jumio to verify the information you provide to us, for example your identity and address.

Partner platforms, providing business services

We work with partners to offer you ‘add-ons’ to the Tide Products and Services such as invoicing, bookkeeping, employee payroll, domain registration and accountancy.

Social networks and other online platforms providers

Social media sites, for the purposes of conducting market research, marketing campaigns, targeted and retargeted marketing and understanding the success of our marketing activities. 

These social media sites will check if you hold an account with them and, based on the characteristics they have about you, display targeted advertising to you.

Public data sources

Companies House, LinkedIn and other public data sources. 

X

Marketing, business development and sales partners

Third parties that help us generate sales and marketing leads, or to create and deliver our marketing activities. 

Data services third parties

Data analytics and insight firms that help us, for example to continuously test the quality of our data, to improve the effectiveness of our crime prevention controls, to generate synthetic data, etc.

X

Government, law-enforcement and court authorities

Government, law enforcement agencies, public authorities, courts and regulatory bodies when Tide has to comply with its legal obligations.

 

Our key partners as Data Controllers  

In addition to the above ways in which we process and share your personal data, Tide also shares this data with companies who are integral in allowing us to offer the Tide Products and Services to Members. 

The companies listed below become Data Controllers in relation to your personal data shared with them. This means that if you would like to exercise any of the rights afforded to you by the personal data protection laws applicable to your case, these companies must be contacted separately from Tide. The following ways describe how and why we share your data with them: 

ClearBank

ClearBank Limited (“ClearBank”) provides the bank account under the Tide Platform Terms of Use and the Bank Account Terms. Generally speaking, ClearBank holds and processes your personal data for the same reasons and in similar ways to Tide.

Who is ClearBank and why do they handle my data?

ClearBank is a Data Controller in relation to your bank account and all necessary activities relating to the operation of the bank account: allowing you to establish, access and operate your bank account. ClearBank does not use your personal data for marketing purposes and will not share your personal data with third parties for marketing purposes.

What personal data does ClearBank process?

ClearBank processes your personal data in accordance with its Privacy Notice. Please read that Privacy Notice to understand how and why ClearBank processes your personal data and the details of any third-party who has access to that data.

How do I contact ClearBank?

You can contact ClearBank’s Data Protection Officer at dataprotectionofficer@clear.bank, by telephoning 0203 1112328, or by writing to:

The Data Protection Officer

ClearBank 13 Dirty Lane, Borough Yards, London, SE1 9PA

Prepay Technologies Limited

Prepay Technologies Limited (PPT) provides the prepaid Mastercard under the Tide Platform Terms of Use and the Tide Card Terms and Conditions.

Who is PPT and why do they handle my data?

PPT is a Data Controller in relation to your card and all necessary activities relating to the operation of the card: allowing you to receive, activate and use your Card. The processing of your personal data is necessary for the performance of your contract for the issue and operation of cards and is necessary for compliance with legal and regulatory obligations applicable to PPT. EPPT does not use your personal data for marketing purposes and will not share your personal data with third parties for marketing purposes.

What personal data does PPT process?

  • Personal details: full name and date of birth.

  • Contact details: where you live and how to contact you, including phone numbers and email addresses.

  • Transactional and card data: details about your Card, use of your Card and payments to and from your accounts.

  • Documentary data: details about you that are stored in documents and in various formats, or copies of them. This could include things like (without limitation) your passport, driver’s license or birth certification collected to fulfil customer due diligence requirements. 

Personal data will only be collected directly and voluntarily from you as part of the application process or as a result of transactions relating to your Card(s). Some personal data may be verified by PPT with the use of publicly accessible sources to fulfil customer due diligence.

Sending personal data outside of the UK or EEA

PPT will only send your personal data outside of the UK or EEA if:

  • You have instructed PPT to do that; or

  • There is a legal or regulatory duty imposed upon PPT to make such a transfer. In such cases, PPT will ensure that the parties who process that particular personal data do so in accordance with the applicable laws on the protection of personal data and privacy.

In relation to personal data processed by Mastercard as a service provider to PPT certain processors are located outside of the UK and the EEA. Personal data processed by Mastercard is subject to Mastercard Binding Corporate Rules (BCRs) which you have enforcement rights under as a third-party beneficiary.

Does PPT send my personal data to any third parties?

PPT is committed to ensuring that your data is secure with us and with third parties who act on our behalf. These third parties include MasterCard, card manufacturers, suppliers of identity validation services, IVR and call recording (telephone) suppliers and to Tide. PPT uses certain tools to make sure that your data remains confidential and accurate and is only processed in accordance with applicable laws.

How long does PPT hold my personal data?

PPT only holds your personal data in accordance with its established policies and usually no longer than 7 years after the termination of your contract. The retention period may be longer for legal or regulatory reasons, but all personal data will be destroyed as soon as practicable in all other cases.

How do I contact PPT?

You can contact PPT’ DPO at dpo@prepaysolutions.com or by writing to:

PPT DPO

PO Box 3883

Swindon

SN3 9EA.

Sharing anonymised data 

In addition to the data sharing listed above, we will share some data to other companies outside the Tide Group, but only when it is converted so that no person’s identity can be known or found out and is no longer considered personal data under the law (anonymised data).

Third-party links and third-party providers of products and services available via the Tide Platform 

Occasionally, at our reasonable discretion, we will include or offer products or services to you from our business partners (third parties). These are independent service providers whose services are made available to you or promoted via the Tide Platform (for example invoicing, accounting, payment processing, direct debit, domain registration, insurance and credit loan providers). 

As a Tide member, you can opt to make use of these services, such that your data will be shared by Tide with the third-party providers to facilitate your use of the products or services, or you will be referred directly to the third-party provider. The personal data we will share and collect in those cases will include, depending on the service involved, and by way of example, the name and contact details of your business, your turnover, employees’ data and payroll data, invoicing data, your customer data and any other data that the provider may require to deliver the product or service requested by you. 

Business partners will act as Data Processors to Tide or as Data Controllers. When business partners act as Data Processors to Tide, they will process your personal data solely to deliver the Tide Products and Services that you have requested and as described in this Privacy Policy. When business partners act as separate Data Controllers – they will have their own and independent privacy policies that apply when you use their products and services or visit their website. We (and any other Tide Group Entity; or any of our Tide company directors, officers, agents, contractors, sub-contractors or workers) have no responsibility or liability (however so caused) for the content, activities, data processing and services relating to those service providers who act as data controllers or their linked websites. You can contact those third-party business partners for more data on how they will use your data.

How long we keep your personal data 

We will keep your personal data for as long as you use the Tide Products and Services.

We will keep your personal data for a limited period after you stop using the Tide Products and Services. Some of the reasons why we will do this are:

  • To respond to a question or complaint, or to show whether we gave you fair treatment

  • To establish, exercise or defend our legal claims

  • To study customer data as part of our own research when this will not cause harm to your privacy and personal data protection rights 

  • To comply with legal rules that apply to us about keeping customer records or information in which case we will retain your data for a minimum of six years after your account has been terminated or longer depending on the laws applicable to us from time to time. 

We will also keep your data if certain laws that Tide is subject to stipulate that we cannot delete it for legal, regulatory or technical reasons. To receive more information about how long we will keep your data for, you can reach out to hello@tide.co.

Transfer of your data out of the United Kingdom or the European Economic Area 

The personal data that we hold will be stored by Tide in the UK or the European Economic Area (EEA), but will also be transferred to, and stored at, a destination outside the UK or EEA, with and by third parties, when this is necessary for us to provide or run the Tide Products and Services. If we do transfer your personal data outside the UK or EEA, we will make sure that it is protected to the same extent as in the UK and EEA. We’ll use one of these legal safeguards:

  • Transfer it to a non-UK or non-EEA country with privacy laws that give the same protection as those under the UK or the EEA (has “adequacy” status according to applicable data protection laws).

  • Put in place a contract with the recipient that means they must protect the data to the same standards as in the UK and EEA.

  • Use the standard contractual clauses approved by the EU or UK authorities under EU and UK data protection laws. 

When we rely on contractual instruments to transfer your personal data to countries which do not have “adequacy” status, we will also make sure to supplement those transfer instruments with sufficient additional safeguards to comply with UK/EEA personal data rules and ensure your data continues to enjoy the same level of protection as if still in the UK.

Please contact us if you want further data on the specific mechanism used by us when transferring your personal data out of the UK or the EEA.

Cookies and other tracking technologies 

We will use cookies and other tracking technologies to distinguish you from other users of our Products or Services when you visit Our Website or use Our App. This helps us provide you with a good user experience, allows us to continuously improve the Tide Products and Services, helps us keep Our Website and Our App safe and also enables us to present you with advertising content that is relevant to you. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device when you visit Our Website or use Our App. Cookies send data back to the originating website or app on each subsequent visit, or to another website which recognises that cookie. Cookies also make it easier for you to log in and use the Tide Platform. 

For more detailed information on what specific cookies we use, please read our Cookie Policy.

You can block or disable cookies by activating the setting on your website browser that allows you to refuse the setting of all or some cookies or through the banner on Our Website and in the “Cookie Settings” page available in the footer of Our Website. All browsers provide tools that allow you to control how you handle cookies: accept, reject or delete them. These settings are normally accessed via the ‘settings’, ‘preferences’ or ‘options’ menu of the browser you are using, but you could also look for a ‘help’ function or contact the browser provider. However, if you set your browser settings to block or disable all cookies (including essential cookies) you may not be able to access all or parts of the Tide Platform for which we require the use of cookies. 

Your rights 

Under the DPA 2018 and the UK GDPR, you are entitled to the following rights:

  • Question any data about you that you think is incorrect and have us take reasonable steps to correct it for you

  • To be told about how we process your data

  • Require the erasure of personal data concerning you in certain situations

  • Access personal data and copies (free of charge, where reasonable for us to do so at the time) concerning you collected by us in the course of our relationship with you

  • Object at any time to processing of personal data concerning you for e.g.

     direct marketing

  • Object to decisions being taken by automated means which produce legal effects concerning you or which similarly may significantly affect you

  • Object in certain other situations to our continued processing of your personal data

  • Otherwise, restrict our processing of your personal data in certain circumstances

  • The right to move, copy or transfer your personal data to another service provider (where reasonable and proportionate for us to do so e.g. by using the Current Account Switch Service of Pay.uk).

For further data on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the GDPR.

Please note that your specific rights may vary depending on the country you are established in.

If you would like to exercise your rights, please contact us at hello@tide.co, through the chat functionality of Our App or at:

Tide Platform Ltd

4th Floor, The Featherstone Building

66 City Road, London

EC1Y 2AL

United Kingdom

How to contact us and how to complain 

We hope that our Data Protection Officer (DPO) can resolve any query or concern you raise about our use of your data. You can write to our DPO at dpo@tide.co or at Tide Platform Ltd, 4th Floor, The Featherstone Building, 66 City Road, London,EC1Y 2AL, United Kingdom

You also have the right to complain to the regulator. The supervisory authority in the UK is the Information Commissioner’s Office (ICO). You can find out how to report a concern on their website – https://ico.org.uk/.

How to withdraw your consent or opt-out of processing 

You can withdraw your consent to our processing of your data at any time. Please contact us if you want to do so at hello@tide.co.

This will only affect the way we use data when our basis for processing your data is your consent. See the section ‘Your Rights’ and more specifically your right to restrict use of your data.

You may also opt out of some forms of data processing we are conducting, such as: 

  • Marketing, including email, phone and SMS marketing.

  • Social media and targeted marketing, including retargeting and curated audiences. 

  • Non-essential cookie collection on Our Website. You may be unable to opt out of ‘necessary’ cookies as discussed above. 

  • Non-essential profiling and automated decision-making, including those activities undertaken for marketing purposes. 

If you withdraw your consent and/or opt-out, we may not be able to provide certain Tide Products or Services to you. If this is so, we will tell you. You then have the option to give us your consent again if you want to access the Tide Products and Services.

Security 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, changed, shared or accessed in a way it shouldn’t be. We will employ adequate technical and organisational security measures to protect your personal data. Some of these measures include: 

  • The pseudonymisation and encryption of personal data, where possible.

  • Ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems we use to Process your personal data via implementation of role-based access controls, confidentiality undertakings of our staff, regular data back-ups etc.

  • Tools allowing us to restore the availability and access to your personal data quickly in the event of or technical incident. 

  • Using secure and verified channels for communication with you, such as the app functionality of Our App. 

  • A process for regularly testing, assessing and evaluating the effectiveness of our technical and organisational security measures.

We will also limit access to your personal data to employees, agents, contractors and other third parties who have a strict need to see it to perform their business functions. They will only process your personal data on a ‘need-to-know’ basis, pursuant to our instructions and they will keep your personal data strictly confidential. 

We have put in place procedures to deal with any suspected personal data breaches and will let you and any applicable regulator know of a breach when we have to by law.

Keeping your data accurate 

We will use reasonable efforts to ensure that your personal data is accurate, complete and up to date. Please make sure to notify us without undue delay if there any changes in the personal data that you have provided to us by updating your details on the Tide Platform or by contacting us at the details provided in this Privacy Policy.

Updates to this Privacy Policy 

We may update this Privacy Policy from time to time to ensure that it remains accurate. Please check back from time to time for updates.

This Privacy Policy was last updated on 14 December 2023.