🔥
MEET LYRO - OUR NEW AI CHATBOT

Solve up to 70% of customer problems with AI

START WITH 50 FREE AI CONVERSATIONS
🔥

Privacy Policy

Last updated: 11/03/2023 9:00 pm

I. Who we are. How we collect your personal data.

Tidio LLC with registered office at 149 New Montgomery Street (San Francisco, CA 94105 U.S.A.) and Tidio Poland Sp. z o.o. with its registered office in Szczecin, 81 Wojska Polskiego Street (70-481, Szczecin, Poland) are the joint controllers of your personal data processed in connection with use of our Services and other functionalities via this website (together referred to as  “Controller” or “Tidio”, “we,” “us,” or “our”)

Tidio provides a communication platform that allows businesses to communicate with their customers. Hundreds of thousands of merchants around the world use our service to improve their sales and customer satisfaction rates. Our platform includes features such as live chat, bots, integration with Messenger and email. Every tool for communicating with your clients is in one place, accessible through our dashboard and mobile app

We may collect and process your personal data when we interact with you. We process all personal data that you provide on the Website or that we collect about you when you use our Services as Controller in accordance with the GDPR. Personal data includes any information by which we can identify you as a specific person, such as your name, last name, email address or billing information, but also any other information related to you.

We are committed to safeguarding the privacy of your personal data. We will use your personal data in compliance with all applicable laws and regulations relating to data protection and privacy, including:

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”);
  2. California Consumer Privacy Act (together with related amendments and regulations, the “CCPA”), describe in section “Information and Notice for California Residents”;
  3. Nevada applicable law, describe in section “Nevada Residents”; 

II. Contact us

If you have any questions about this Privacy Policy or you wish to exercise any of your rights in relation to your personal data, please contact us at support@tidio.net.

You can also contact our Data Protection Officer: Hubert Jackowski via e-mail: privacy@tidio.net

III. What are the purposes and grounds for our processing of personal data?

We may process your personal data for the following purposes:

  1. If you have access to and use our Services, according to our Terms & Conditions (https://www.tidio.com/terms/ ), we will process your personal data in order to:
    1. A. perform an agreement for the provision of Services by electronic means, related to the purchase of the Services (GDPR legal basis – Article 6(1) (b) of the GDPR);
    2. legal obligations to which the Controller is subject (GDPR legal basis – Article 6(1)(c) of the GDPR read together with the Accounting Act, in case of issuing and storing invoices and accounting documents);
    3. pursue our legitimate interest in a proper provision of Services (GDPR legal basis -Article 6(1) of the GDPR), such as:
      • taking steps to set up and properly maintain your account;
      • improving, fixing, customizing, personalizing the service according to your needs;
      • ensure data safe and security;
      • pursuing claims and defense against claims, including third parties.
  1. If you have entered into a contract with us via either a contact form  (chat) or e-mail, we will process your personal data in order to:
    1. pursue our legitimate interest in response to your enquiry or contact and resolve the issue presented (GDPR legal basis Article 6(1) (f) of the GDPR) 
    2. take steps to enter into a agreement with you (purchasing the Services), including preparing and presenting an offer to you (which will vary depending on the scope of the matter)  with point (b) of Article 6(1) of the GDPR as the legal basis for processing, also 
  2. If you receive from us information about latest news, special events, offers and other benefits or you subscribe to our newsletter, we will process your personal data on the basis of our legitimate interest (Article 6 (1) (f) of the GDPR). Remember that you can always revoke your consent (unsubscribe from our newsletter). If you wish to unsubscribe to do so, you cans also contact us at the following address support@tidio.net
    If we are required by applicable law provisions, we may also collect consents from you to send you marketing materials.
  1. If you follow our social media profiles we will process your personal data in order to pursue our legitimate interest (Art 6(1) (f) GDPR), such as:
    1. responding to private messages you send us;
    2. conducting conversations via the comments under individual posts;
    3. sharing our posts with you as a follower of our profile;
    4. marketing, consisting of informing you about our services and ourselves through our profile posts;
    5. via statistics, presented to us by social media entities, such as Facebook Ireland Ltd., LinkedIn Ireland Unlimited Company, Twitter Inc., including data about the display of our posts, their reach, number of interactions, the demographics of our followers; the data presented to us by Social media entities are statistics, created on the basis of observations by that company of your behaviour on our profile.
  1. If you apply for a job, we will process your personal data in order to:
    1. carrying out the recruitment process in which you are taking part, with point (GDPR legal basis -Article 6(1)(b) and point (c) of Article 6(1) (c) of the GDPR to the extent of legal obligations to which the Controller is subject),  
    2. processing of other your data you voluntary send us or processing for the purposes of future recruitment if you consented to it, (GDPR legal basis- Article 6(1)(a) of the GDPR);

The provision of your personal data is voluntary, but may be necessary in order to pursue the aforementioned purposes. However, due to the rules applied by Social media, we will see your name (or nickname) or photo if you write to us or comment on our post.

IV. What types of data can we process?

We may collect and process different forms of personal data depending on the functionalities you use: 

  1. If you have access and use our Services, we will process your:
    1. identification data such as your name, email address, 
    2. financial data necessary for the processing of invoices and, also 
    3. other data you may provide while using these Services, in particular data relating to the conclusion and performance of contract with you.
    4. automatically collected information i.e.:
      • usage and log information, this includes information about your activity, log files, and diagnostic, crash, website, and performance logs and reports;
      • transaction information;
      • devices and connection information, this includes information such as hardware model, operating system information, browser information, IP address, mobile network information and device identifiers;
      • status information, i.e. information about your online and status message changes on our Services, such as whether you are online;
      • sales data, relating to you, including but not limited to business, financial and product information, and any information relating to your customer, including, but not limited to, order information, payment information, and account information;
  1. If you wish to contact us, we will process your identification data such as your name, email address  and any other data you may provide using our contact form (chat) or via e-mail contact. 
  2. We will also process your email address if you subscribe to our newsletter or otherwise consent to the marketing of our services
  3. As part of your activity on our social media profiles, we may process your personal data that you post on your profile and other data related to our use of social media functionality.
  4. If you apply for a job, we may process your personal data indicated in the Labour Code or in other specific laws, processed on the basis of legal provisions.

V. Your right to object.

  1. You are entitled to object at any time to the processing of your personal data on the basis of legitimate interest. In such case, we will cease to process your data for these purposes, unless there are legitimate grounds that prevent the cessation of processing or the processing may be necessary for the potential establishment, exercise or defence of legal claims.
  2. You are entitled to object at any time to the processing of your personal data for direct marketing purposes, mentioned in Section III, point (3).

Depending on the purposes and grounds, as described in Section III. above, your personal data will be processed for the time it takes to :

  1. service and process your account in our Services, but no longer than until the account is deleted, except in the case of violation of the Terms by you, resulting in the assertion of claims. In that case, your personal data will be processed for the time necessary to assert claims, but no longer than the period of limitations for claims under generally applicable law. 
  2. provide services (duration of the agreement), but if the processing is necessary to fulfill a legal obligation by Tidio, your personal data will be processed for a period of time resulting from generally applicable laws, in particular tax law and accounting regulations. If the processing is necessary for purposes arising from legitimate interests pursued by the Data Controller or by a third party, your personal data will be processed for no longer than necessary for the purposes for which the data are processed or until you object to the processing of your personal data.
  3. resolve your case. Depending on the type of case, your data could also be processed for the time needed to improve performance and the time needed to establish that we have resolved the case correctly, i.e. for the period of limitations for claims.
  4. provide our marketing activities (newsletter), until you object to the processing of your data for this purpose, or revoke your consent to send messages to your email address. Your revocation of consent does not affect the lawfulness of processing prior to the withdrawal of that consent. You can unsubscribe/ withdraw consent by clicking on the opt out link in newsletter, marketing e-mails from us.
  5. interact with you via our social media profiles if you choose to comment on our posts or follow us. Remember that you can always delete your comments under our posts, stop following us or cancel your social media account.
  6. until the end of the recruitment process, in case of consented to the processing of your data for future recruitment purposes, your data will be processed for a period of 48 months, but no longer than until you withdraw your consent to the processing of your data.

VII. Data recipients.

We could provide your personal data to other companies and certain services providers who perform certain business operation on our behalf. These companies and service providers may participate in the processing of Personal Data to the extent necessary to perform services for Tidio. Depending on your activities as described in Section III, recipients of your data may be:

  1. Service hosting providers;
  2. Website hosting providers;
  3. Subjects involved in storing data for us;
  4. Entities providing ICT services;
  5. Social media providers such as Facebook Ireland Ltd., LinkedIn Ireland Unlimited Company, Twitter Inc.,

Personal data may also be disclosed to other entities that support our operations, i.e. 

  1. servicers of IT systems, 
  2. law firms, auditors;
  3. third-party companies and individuals who facilitate our Services, to provide the Services on our behalf, to perform Services-related services, or to assist us in analyzing how our Services are used, or
  4. entities to which the Data controller is obliged to transfer data under the provisions of law.

VIII. Your rights as a data subject.

By law, you have the following right with regard to your personal data. Further information and advice about your rights can be obtained from your national data protection regulator. If you wish to exercise any of your rights in relation to your personal data, please contact us here.

  • Right to be informed
    You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we’re providing you with the information in this Privacy Policy.
  • Right do access
    You have the right to obtain access to your personal data (if we’re processing it) and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your personal data in accordance with data protection law.
  • Right to rectification
    You are entitled to have your personal data corrected if it’s inaccurate or incomplete.
  • Right to erasure
    This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
  • Right to restrict processing
    You have rights to ‘block’ or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
  • Right to data portability
    You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your personal data between our IT systems and theirs safely and securely, without affecting its usability.
  • Right to object to processing
    You have the right to object to certain types of processing, including processing for direct marketing (which we do only with your consent).
  • Right to withdraw consent
    If you have given your consent for direct marketing, you have the right to withdraw your consent at any time. The withdrawal does not affect the lawfulness of previous processing, but from the time you withdraw your consent we will not process any further personal data. As noted above, if you withdraw consent then we may not be able to provide you with all the benefits of the Tidio platform.
  • Right to lodge a complaint Right to explanation & human intervention
    You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. You have the right to obtain an explanation of automated decision, to contest it, to express your views and to obtain human intervention in order to make a new decision.

We are required by law to act on requests and provide information free of charge, except where your requests are manifestly unfounded or excessive (in particular because of their repetitive nature) in which case we may charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the requested.

Please consider your request responsibly before submitting it. We will respond to your request as soon as we can. Generally, this will be within one month from when we receive your request but if the request is going to take longer to deal with, we will let you know.To find out how to submit a request, please see the Contact Us section.

IX. Information on data transfers outside of the EEA.

We mainly process the data you submit within the EEA and the servers located there. Note, however, that TIDIO LLC, as the entity entering into the Agreement with you, is a U.S.-based entity, and therefore some of your data may be transferred from the EEA and/or the United Kingdom and processed in the United States.

Information for individuals in the EEA and UK
Because we operate globally, Tidio may transfer your Personal Information from the EEA or the UK to the United States and other countries. This may include Personal Information that we receive from individuals residing in the EEA or the UK who visit our Websites, use our Services, or otherwise interact with us. When we transfer Personal Information, we rely on the Adequacy Decisions of the European Commission (“EC”), based on Article 45 of Regulation (EU) 2016/679 (GDPR) and UK Secretary of State,
based on Article 45 of the UK GDPR and Section 17A of the Data Protection Act 2018 or the EC’s Standard Contractual Clauses (“SCCs”) and the UK Information Commissioner’s Office’s International Data Transfer Addendum (“IDTA”), as applicable, supplemented by additional security measures as recommended by the European Data Protection Board.  The EC’s and the UK’s Information Commissioner’s Office (“ICO”) have determined that the SCCs and IDTA may provide sufficient safeguards to protect personal data transferred outside the EEA and the UK. Where we transfer data, we perform transfer impact assessments (“TIAs”) and continually monitor the circumstances surrounding such transfers to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the EEA and UK data protection laws.  

Additional information for individuals from the EEA and Switzerland: EU-US Data Privacy Framework 
In addition to utilizing SCCs, as part of our commitment to maintaining high data protection standards when transferring Personal Information between EEA/Switzerland and the United States, we participate in the EU-US Data Privacy Framework (“EU-US DPF”) and the Swiss-US Data Privacy Framework (“Swiss-US DPF”).  Tidio complies with the EU-US DPF and the Swiss-US DPF as set forth by the US Department of Commerce. We have certified to the US Department of Commerce that it adheres to the EU-US DPF Principles (“EU-US DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-US DPF. We have certified to the US Department of Commerce that we adhere to the Swiss-US DPF Principles (“Swiss-US DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-US DPF.  If there is any conflict between the terms in this Privacy Policy and the EU-US DPF Principles and/or the
Swiss-US DPF Principles the Principles shall govern.  Use hyperlinks to learn more about the Data Privacy Framework (“DPF”) program and to view our certification.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Tidio is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to privacy@tidio.net. If requested to remove data, we will respond within a reasonable timeframe. We will provide an individual opt-out choice or opt-in for sensitive data before we share your data with third parties other than our agents or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to
limit the use and disclosure of your personal information, please submit a written
request to privacy@tidio.net.  In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement
requirements.  Tidio’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Tidio remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Tidio proves that it is not responsible for the event giving rise to the damage. In compliance with the EU-US DPF Principles, we commit to resolve complaints about your privacy and our collection or use of your Personal Information transferred to the United States pursuant to the EU/SWISS DPF Principles.  European Union and Swiss individuals with DPF inquiries or complaints should first contact Tidio: Data Protection Officer, privacy@tidio.net. We will investigate and attempt to resolve any complaints or disputes regarding the processing of Personal Information within 45 days of receiving your privacy complaint.  
 
Tidio has further committed to refer unresolved privacy complaints under the EU/SWISS DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit the BBB National Programs website for more information and to file a complaint. This service is provided free of charge to you.   If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms, see DPF Arbitration Procedures. Tidio is subject to the jurisdiction of the US Federal Trade Commission for the purposes of DPF enforcement.

X. Automated decision, including profiling. 

Except for the cookie-based advertising profiling described below, automated decision-making, including profiling, may take place during your use of our Service, among other things in order to provide you basic rules (“Service onboarding”) and predict your behaviour (i.e., to enable you to take advantage of our benefits and support your use of our Service). The purpose of these activities is for you to be able to use our Service in the best version, plan, and price for you. At the same time, our goal is to support your use of our Service in the most suitable model and form for you.

Your personal data, including data obtained based on your activity and the way you use our Service, will be processed by us in order to evaluate and analyze your activity and information about you. We will analyze and forecast aspects of your behavior and preferences as our client, including in an automated manner, to create your individual profile and present dedicated offers and functionalities (“profiling”).

Certain decisions taken by Tidio at the stage of performance a contract may be based solely on automated processing of personal data, including on set of rules and algorithms used by Tidio for the purpose of providing you our Service with all the benefits and improving the Service. These decisions may produce legal effects concerning you or similarly significantly effect. 

Remember, If you don’t agree with an automated decision that our technology has made in relation to you, you can contact us and we will look into it for you.

You have the right to obtain an explanation of automated decision, to contest it, to express your views, and to obtain human intervention in order to make a new decision.

XI. Security of your personal data.

We are committed to ensuring that your privacy is protected, since the security of your privacy, including your personal data, is a priority to us. We take every precaution to ensure that personal data provided by website users is protected from loss, destruction, disclosure, unauthorised access or misuse. 

The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant EU and United States law.

XII. Cookies.

  1. General information about cookies:

In common with other companies, we use cookies on our website. Cookies are small text files stored on your computer or other device by websites you visit. For general information on cookies, please visit: www.allaboutcookies.org and www.youronlinechoices.eu.  

We use cookies and other technologies to understand, secure, operate, and provide our Services.
We use cookies and other technologies to:

  • provide Tidio for web and desktop and other Services that are web-based, improve your experiences, understand how our Services are being used, and customize our Services;
  • understand which of our FAQs are most popular and to show you relevant content related to our Services;
  • remember your choices, such as your language preferences, and otherwise to customize our Services for you;
  • understand mobile versus desktop users of our web-based Services, or understand popularity and effectiveness of certain of our web pages,
  • assess and analyze users’ activity and information; and
  • present advertisements, offers, or promotions (discounts) regarding the products or services of Tidio.

Please note that restricting or blocking the use of cookies on our website may affect its functionality or operation and may prevent you from using specific services.

  1. Cookies used by us include:
    1. Necessary cookies – Necessary to use our website’s features and Services. Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. If you block these cookies, we cannot guarantee access to the associated Services, nor guarantee website performance during your visit. 
    2. Preferences cookies – Functional cookies allow our website to remember your choices, such as customizations you make to website pages during your visit.
    3. Statistics cookies – These help us understand how you use our website. For example, they collect information on which pages on our website you select most frequently, which features you use and which sites you have visited previously. We use this information to improve our website and provide a better user experience.
      They also allow us to provide related entities and third parties authorised to post links on our website with feedback about users visiting their websites. This information may be used by such third parties to improve their websites or services. Analytical cookies are also used to support website layout and functionality testing.
    4. Marketing cookies – Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers:
    5. Unclassified cookies – Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
  1. How to delete cookies?

You can configure your web browser to prevent cookies from being stored on your computer, phone or tablet.

You can delete cookies after we have stored them. To do this, you can use: the relevant functions of your browser, programs for this purpose or the relevant tools available within your operating system.

The following links contain information on how to delete cookies in the most popular web browsers:

  1. The effect of changing your browser settings on your use of the Website.

Changing the configuration of your web browser to one that prevents or restricts the storage of cookies may result in restrictions on the functionality of the website. Deleting cookies in the middle of providing a service may lead to similar consequences. This means that some of our services will not be available without cookies, for example, you will not be able to use the contact form.

XIII. Information and Notice for California Residents

Information and Notice for California Residents

This section (the “California Notice”) covers our Collection, use, disclosure, and Sale of California consumers’ “Personal Information” (“PI”) as such are defined by the California Consumer Privacy Act and California Privacy Rights Act (together with related amendments and regulations, collectively, the “CCPA”). This California Notice also explains the rights California Consumers have under the CCPA, as well as other notices to Californians required by other laws. The description of our data practices in the Information Collection and Personal Data Details sections of this Privacy Policy covers the prior calendar year and will be updated annually. Our current practices may change and will be updated in this Privacy Policy. If our practices materially change, we will provide appropriate pre-collection notices, which may include reference to this Privacy Policy or other applicable privacy policies and notices. We recommend you regularly review this Notice. 

Do Not Track

Please also note that, in addition to the information in the sections above, when you use our Application, we and third parties may use tracking technologies to collect usage information based on your device for a variety of purposes, including serving you advertising, based on your having visited our services or your activities across time and third-party locations. Some browsers may enable you to turn on or off a so-called “Do Not Track” signal. Because there is no industry consensus on what these signals should mean and how they should operate, we do not look for or respond to “Do Not Track” signals.

Sensitive Data

Tidio does not collect or process sensitive personal data (SPI). We ask that the users of our services not share this data with us. 

Use of your Personal Data

Subject to restrictions and obligations of the CCPA, our service providers may also use your PI for some or all of the business purposes identified in this Privacy Policy as well as those disclosures noted in the Information Collection and Information Use sectionsof this Privacy Policy. Our service providers may themselves engage services providers or subcontractors to enable them to perform services for us. That subcontracting is, for purposes of clarity, an additional business purpose for which we are providing you notice.

We may additionally collect and use your PI for commercial purposes, such as for interest-based advertising, provided you have not opted-out. 

Please note that we process your personal data to:

  • provide services to you, including user support;
  • manage requests and complaints received from users;
  • maintain and improve our Application, including debugging;
  • promote our Application Services to our users and others;
  • ensure the quality of our Application and related products and Application Services, including developing new products and services;
  • comply with applicable laws and regulations, including obligations to comply with governmental requests, court orders, regulatory guidelines, and similar compliance obligations; or
  • make or defend legal claims.

CCPA Do Not Sell or Share

  • In the previous calendar year, we did not “sell” PI, and we will not sell your PI collected by us during a period in which we did not offer you the opportunity to opt out of the sale, unless we first obtain your affirmative consent to do so.
  • We may share your data with our third-party analytics providers. If you wish us not to share your PI, please follow the link on our webpage titled: ““DO NOT SELL OR SHARE MY PERSONAL INFORMATION.” 
  • We may disclose your PI for the following purposes, which are not sales: (i) if you direct us to share PI; (ii) to comply with your requests under the CCPA; (iii) disclosures among the Tidio companies; (iv) as part of a merger or asset sale; and (v) as otherwise required or permitted by applicable laws.


Consistent with the CCPA and our interest in the security of your PI, in response to a CCPA rights request from you, even if we are in possession of the following, we will not deliver to you a Social Security number; driver’s license number or other government-issued ID numbers; financial account number; any health or medical identification number; genetic data; race or ethnic data; sex act or sexual orientation data; an account password; security questions or answers in response to your security questions; your precise geolocation;  or unique biometric data generated from measurements or technical analysis of human characteristics. However, you may be able to access some of this information yourself through your account if available and if you have an active account with us.

In addition, we do not share your mail, email, or text message content except as set forth in this privacy policy. 

Automated Decision Making

Tidio does not use your data in conducting automated decision making within the scope of the CCPA. In the event that we do, you may opt-out by contacting us through one of the contact channels set forth in this Privacy Policy. 

CCPA Right-to-Know  and Access Categories Request – You have the right to send us a request, no more than twice in a twelve (12)-month period, for any of the following for the period that is twelve (12) months prior to the request date:

  • The categories of PI we have collected about you.
  • The categories of sources from which we collected your PI.
  • The business or commercial purposes for our collecting your PI.
  • The categories of third parties to whom we have disclosed your PI.
  • A list of the categories of PI disclosed for a business purpose in the prior twelve (12) months and, for each, the categories of recipients, or that no disclosure occurred.
  • A list of the categories of PI sold about you in the prior twelve (12) months and, for each, the categories of recipients, or that no sale occurred.


CCPA Specific Pieces of PI Request – You have the right to make or obtain a transportable copy, no more than twice in a twelve (12)-month period, of your PI that we have collected in the period that is twelve (12) months prior to the request date and are maintaining.

CCPA Correction Request – You may request that we correct the PI that we have collected directly from you and are maintaining by sending us a CCPA Request for correction through the channels set forth below. 

CCPA Deletion Request – You may request that we delete the PI that we have collected directly from you and are maintaining and to direct those parties with whom we have shared your data to do the same. However, we may have a basis for the retention of your PI under the CCPA. Our retention rights include (i) to complete transactions and services you have requested or that are reasonably anticipated; (ii) for security purposes; and (iii) for legitimate internal business purposes, including to maintain business records, to comply with law, to exercise or defend legal claims, and to cooperate with law enforcement. Note also that we are not required to delete your PI that we did not collect directly from you.

Making CCPA Requests

  • To make a CCPA request, you or an Authorized Agent (as indicated below) may email us here, or write us at Tidio LLC, 149 New Montgomery Street (San Francisco, CA 94105 U.S.A.) (Attn: CCPA Request).
  • Authorized Agent Request – As permitted by the CCPA, any request submitted to us is subject to an identification and verification process, and confirmation of the agent’s authority, which may include attestation under penalty of perjury. Absent a power of attorney, we will also require the consumer to verify his or her own identity. We may verify identity based on matching information you provided with data we have maintained on you in our systems. This data could include email address, mailing address, or phone number.


Third-Party Marketing and Other California Privacy Rights

  • We provide California residents with the option to opt in to sharing of “personal information,” as defined by California’s “Shine the Light” law, with third parties, other than our affiliates, for such third parties’ own direct marketing purposes. California residents may prospectively withdraw that consent, and/or request information about our compliance with the Shine the Light law, and obtain a disclosure of third parties we have shared information with in accordance with the law for those companies direct marketing purposes and the categories of information shared. To obtain such information, email us here, or write us at 149 New Montgomery St 4th Floor, San Francisco, CA 94105 USA (Attn: California Privacy Rights Request). Requests must include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the provided email address or postal address. As these rights and your CCPA rights are not the same and exist under different laws, you must exercise your rights under each law separately.
  • California Minors – As noted above, Tidio is intended for a general audience and not directed to children less than thirteen (13) years of age.

XIV. Nevada Residents

Nevada law allows customers to “opt out” of the sale of certain personal information, called “covered information.” We do not sell covered information as defined in the law, and we have no plans to change that practice. If you want to be notified if we do change that practice, you may email us here and provide your name, Nevada resident address, and email address. We will contact you if there are any changes, and you can complete your opt out at that time. If your contact information changes at any point, contact us in the same manner to update your contact information. We may share your data as explained in this Privacy Policy for different purposes, such as to make your experience and our Application Services better, and those activities are separate from your opt-out request.

XV. Links to Other Sites

We strongly advise you to review the Privacy Policy of every site you visit.

Our Service may contain links to other websites operated by unrelated companies and persons (“Third-Party Website(s)”). These links are provided for your information only. The inclusion on the Service of any link to a Third-Party Website does not mean that we accept any responsibility for that Third-Party Website, its content or use, or the use of any features, products and/or services made available through that Third-Party Website.

We have no control over Third-Party Websites or any information or materials contained on them and have not investigated, monitored, or checked any Third-Party Websites for accuracy, completeness, or conformance with applicable laws and regulations. We are not responsible for any damages or caused as a result of your use of, or reliance on, Third-Party Websites or any information or materials contained on them. You access and use Third-Party Websites at your own risk.

XVI. Children’s Privacy

Our Service does not address anyone under the age of 13 (“Children”).

We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us here. If we become aware that we have collected Personal Information from children under age 13 without verification of parental consent, we take steps to remove that information from our servers.

XVII. Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify of any changes by posting the new Privacy Policy on this page. You can see this from the date of the last update, posted at the beginning of the Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.