Tidio LLC (with its registered office in 180 Steuart St. CA 94119, San Francisco), and Tidio Poland Sp. z o.o. with its registered office in [Wojska Polskiego 81, 70-481 Szczecin, Poland]
(referred to “Tidio”,”us”, “we”, or “our”). Each of the Tidio companies participates in different areas of processing of personal data and perform a different function in the data processing activities. More information can be found in Who we are section.
Tidio is committed to protecting your privacy.
- who we are,
- personal data we collect about you, how it is used and why, including the legal basis for our processing,
- marketing communications and automated decision-making (including profiling),
- who we share your personal data with,
- how long we keep your personal data for,
- our policy on children’s personal data,
- your rights,
- how you can contact us.
You have the right to object to certain types of processing, including processing for direct marketing (which we do only with your consent). For more information, please see the section “Your rights”.
Who we are
Founded in 2013, Tidio is a communication platform that allows businesses to communicate with their customers. Hundreds of thousands of merchants around the world use our service to improve their sales and customer satisfaction rates. Our platform includes features such as live chat, bots, integration with Messenger and email. Every tool for communicating with your clients is in one place, accessible through our dashboard and mobile app.
Tidio LLC (with its registered office in 180 Steuart St. CA 94119, San Francisco, USA):
- the controller of personal data collected via the tidio.com (including using cookie or similar technology),
- the controller of your personal data collected as a Tidio user (in connection with the purchase of Services, payments and billings – as a party of the contract for Services).
Tidio Poland (Tidio Poland Sp. z o.o., National Court Register number 0000725583, Tax Identification Number 5842770474 with its registered office at Wojska Polskiego 81, 70-481, Szczecin, POLAND):
- a processor of personal data processed as part of the Services (data entered into Tidio systems by Tidio users),
- controller of your personal data – to the extent that it is a party to the DPA agreement with Tidio user.
You can also contact our Data Protection Officer: Hubert Jackowski, mail: [email protected]
Representative of Tidio LLC within EEA is: Tidio Poland (Tidio Poland Sp. z o.o., National Court Register number 0000725583, Tax Identification Number 5842770474 with its registered office at Wojska Polskiego 81, 70-481, Szczecin, POLAND
Information You Provide
- Your Account Information. You may add information to your account, such as a profile name, profile picture and billing data indicated in Terms and Conditions.
- Your Messages. To improve performance, perform content analysis and deliver media messages more efficiently, we retain that content on our servers for a longer period of time. We reserve the right to contain the message history and your data. You can alter them at any time.
- Customer Support. You may provide us with information related to your use of our Services, including copies of your messages, and how to contact you so we can provide you customer support. For example, you may send us an email with information relating to our app performance or other issues
Automatically Collected Information
- Usage and Log Information. We collect service-related, diagnostic, and performance information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and performance logs and reports.
- Transactional Information. If you pay for our Services, we may receive information and confirmations, such as payment receipts, including from app stores or other third parties processing your payment.
- Device and Connection Information. We collect device-specific information when you install, access, or use our Services. This includes information such as hardware model, operating system information, browser information, IP address, mobile network information and device identifiers. Please be aware Tidio may have access to your geo-location data and process IP address of all devices you use our software on.
- Status Information. We collect information about your online and status message changes on our Services, such as whether you are online (your “online status”).
- Third-Party Providers. We work with third-party providers to help us operate, provide, improve, understand, customize, support, and market our Services. For example, we work with companies to distribute our apps, provide our infrastructure, delivery, and other systems, supply map and places information, process payments, help us understand how people use our Services, and market our Services. These providers may provide us information about you in certain circumstances; for example, app stores may provide us reports to help us diagnose and fix service issues.
- Third-Party Services. We allow you to use our Services in connection with third-party services. If you use our Services with such third-party services, we may receive information about you from them through a mobile carrier’s or device provider’s promotion of our Services. Please note that when you use third-party services, their own terms and privacy policies will govern your use of those services.
- Payment Data. Credit/debit card data and PayPal account data provided by the user are processed by professional companies that conduct non-cash transactions and only to the extent necessary to effect the payments. Tidio shall not store nor disclose any financial information provided by users to 3rd party entities. PayPal shall store your customer’s credit card account information during the entire period of your account subscription. Cardholder data is protected and encrypted during transit by PayPal.
- Sales Data. We collect information (including personal information) relating to you, including but not limited to business, financial and product information, and any information relating to your customer, including, but not limited to, order information, payment information, and account information. Please note that we (i) will only use such information for purpose of providing you our Services, (ii) will not communicate with your customers directly or indirectly, provided however that Tidio may contact your customers if the information is obtained from another source, such as from the customers themselves, (iii) will only store such information for as long as reasonably necessary to provide the Services to you to whom your data relates, (iv) will use industry-standard measures to protect against unauthorized access to, disclosure or use of such information.
We use all the information we have to help us operate, provide, improve, understand, customize, support, and market our Services.
- Safety and Security. We verify accounts and activity, and promote safety and security on and off our Services, such as by investigating suspicious activity or violations of our Terms and Conditions, and to ensure our Services are being used legally.
- Marketing. Personal Data are processed for marketing purposes, for example presenting advertisement / discounts intended for all recipients.
- Agreements for Services. Personal Data are processed in order to conclude and implement the agreement for Services or to take action at the request of the future user before its conclusion.
- Claims and legal obligations. Personal Data may be processed for the purpose of pursuing claims and defense against claims, including third parties, as well as to fulfill legal obligations resulting from regulations, e.g. tax and accounting regulations.
Information You And We Share
You share your information as you use and communicate through our Services, and we share your information to help us operate, provide, improve, understand, customize, support, and market our Services.
- Account Information. Your profile name and photo, online status and status message, last seen status, and receipts may be available only for our employees, although you can configure your Services settings to manage certain information available to other users.
- Third-Party Providers. We work with third-party providers to help us operate, provide, improve, understand, customize, support, and market our Services. When we share information with third-party providers, we require them to use your information in accordance with our instructions and terms or with express permission from you.
- Third-Party Services. When you use third-party services that are integrated with our Services, they may receive information about what you share with them. For example, if you use a data backup service integrated with our Services (such as iCloud or Google Drive), they will receive information about what you share with them. If you interact with a third-party service linked through our Services, you may be providing information directly to such third party. Please note that when you use third-party services, their own terms and privacy policies will govern your use of those services.
Marketing communications and automated decision-making (including profiling)
In order to provide you with all of the benefits of the our Service, we ask for your permission to send you information about the latest news, special events, offers, promotions and other benefits. We also ask for your permission to send you our newsletter. We will use your email address to contact you with this information.
You can choose to withdraw your permission at any time by clicking on the opt out link in newsletter marketing emails from us.
If you don’t agree with an automated decision that our technology has made in relation to you, you can contact us and we will look into it for you (see the section “Contact us”).
Who we share your personal data with
For the purposes set out in the section “Information Collection” , we sometimes provide your personal data to other companies and certain services providers who perform certain business operation on our behalf.
These companies and service providers may participate in the processing of Personal Data to a limited extent, in particular those who support Tidio in the process of concluding and accounting contracts, providing services, contact with customers and marketing activities, for example entities providing IT and hosting services, ICT services, as well as providers of legal and advisory services.
In addition, we may share your personal data with other organisations, institutions or authorities in the following circumstances:
- if we are required by applicable law or a public authority to share information about you,
- if we need to share information about you in order to establish, exercise, defend or protect the right, property or safety of our business, our customers or others (this includes, in specific cases, exchanging information with other organisations for the purposes of fraud protection; and
- To successors in title or replacement operators of all or part of our respective businesses.
Assignment, Change Of Control And Transfer
A cookie is a small text file that a website you visit asks your browser to store on your computer or mobile device.
- to provide Tidio for web and desktop and other Services that are web-based, improve your experiences, understand how our Services are being used, and customize our Services;
- to understand which of our FAQs are most popular and to show you relevant content related to our Services;
- to remember your choices, such as your language preferences, and otherwise to customize our Services for you; and
- understand mobile versus desktop users of our web-based Services, or understand popularity and effectiveness of certain of our web pages,
- to assess and analyze users activity and information;
- to present advertisements, offers, or promotions (discounts), regarding the products or services of Tidio.
How to control cookies
You can follow the instructions provided by your browser or device (usually located under „Settings“ or „Preferences“) to modify your cookie settings. Please note that if you set your browser or device to disable cookies, certain of our Services may not function properly.
How long we keep your personal data for
We retain your personal data for no longer than is necessary for the purposes for which the information is collected (see the section „Personal data we collect about you, how it is used and why, including the legal basis for our processing“ for details of the relevant purposes). When determining the relevant retention periods, we will take into account factors including:
- legal obligation(s) under the applicable law to retain data for a certain period of time, for example, accounting obligations;
- statute of limitations under applicable law,
- (potential) disputes; and
- Guidelines issued by relevant national data protection regulators.
Otherwise, we securely erase your information once this is no longer needed for the purposes for which the information is collected.
We may employ third party companies and individuals to facilitate our Services, to provide the Services on our behalf, to perform Services-related services or to assist us in analyzing how our Services is used.
These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Law And Protection
Our Global Operations
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant EU and United States law, especially GDPR.
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there.
In the event that a dispute with Tidio LLC arises with regards to the international transfer of data, you agree that the courts of California shall have exclusive jurisdiction over the matter. In the event of a dispute with Tidio Poland arises with regards to the international transfer of data, courts of Szczecin, Poland have exclusive jurisdiction over the matter.
Transfer outside EEA
Tidio LLC, a company based in the USA, is a party of the contract with you as a Tidio user and the controller of your data in this regard. Therefore, your personal data is processed outside the EEA. The basis for this processing are standard contractual clauses (SCC) which are included in our Terms and Conditions. Data processing in the USA is also necessary for the performance of the contract concluded with Tidio LLC.
As a Tidio user you are also part of the agreement of entrusting the processing of personal data (DPA) concluded with Tidio Poland. DPA is necessary for the provision of the Services in connection with the fact that the Services have been developed and are currently maintained by the polish company Tidio Poland. That is why Tidio Poland is a processor of personal data processed as part of the Services, entered into Tidio systems by Tidio users (end-users data – individuals who interact with the Tidio user by way of the Tidio communication platform). Moreover, Tidio Poland, to the extent that it is a party to the DPA agreement, is also the controller of your personal data (as a party to the contract). When personal data is processed by Tidio Poland, personal data is processed primarily in the EEA.
In some cases, in particular when Tidio uses the services of third parties / partners, who support Tidio in its business activities, the personal data may also be accessed or processed outside the EEA. When personal data we collect is processed outside the EEA we have obligations to ensure that personal data is only processed outside the EEA where the European Commission has decided that the territory in question ensures an adequate level of protection (known as a ‘whitelisted’ territory) or, in the absence of a decision by the European Commission, there are appropriate safeguards in place to protect your personal data. For example, if your personal data is accessed or processed from a territory outside the EEA which is not whitelisted, the appropriate safeguards may be provided by standard data protection clauses adopted by the European Commission (known as ‘standard contractual clauses).
Please ask us if you would like more information about the safeguards that are used to protect your personal data when it is processed outside the EEA or to obtain its copies (see the section “Contact us”).
Links To Other Sites
Our Service may contain links to other websites operated by unrelated companies and persons (“Third Party Website”). These links are provided for your information only. The inclusion on the Service of any link to a Third Party Website does not mean that we accept any responsibility for that Third Party Website, its content or use, or the use of any features, products and/or services made available through that Third Party Website.
We have no control over Third Party Websites or any information or materials contained on them and have not investigated, monitored or checked any Third Party Websites for accuracy, completeness or conformance with applicable laws and regulations. We are not responsible for any damages or caused as a result of your use of, or reliance on, Third Party Websites or any information or materials contained on them. You acces and use Third Party Websites at your own risk.
Our Service does not address anyone under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us at [email protected] If we become aware that we have collected Personal Information from children under age 13 without verification of parental consent, we take steps to remove that information from our servers.
By law, you have the following right with regard to your personal data. Further information and advice about your rights can be obtained from your national data protection regulator. If you wish to exercise any of your rights in relation to your personal data, please contact us at [email protected] .
|Rights||What does it mean?|
|Right to rectification||You are entitled to have your personal data corrected if it’s inaccurate or incomplete.|
|Right to erasure||This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.|
|Right to restrict processing||You have rights to ‘block’ or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.|
|Right to data portability||You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your personal data between our IT systems and theirs safely and securely, without affecting its usability.|
|Right to object to processing||You have the right to object to certain types of processing, including processing for direct marketing (which we do only with your consent).|
|Right to withdraw consent||If you have given your consent for direct marketing, you have the right to withdraw your consent at any time. The withdrawal does not affect the lawfulness of previous processing, but from the time you withdraw your consent we will not process any further personal data. As noted above, if you withdraw consent then we may not be able to provide you with all the benefits of the Tidio.|
|Right to lodge a complaint||You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.|
We are required by law to act on requests and provide information free of charge, except where your requests are manifestly unfounded or excessive (in particular because of their repetitive nature) in which case we may charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the requested.
Please consider your request responsibly before submitting it. We will respond to your request as soon as we can. Generally, this will be within one month from when we receive your request but if the request is going to take longer to deal with, we will let you know.
To find out how to submit a request, please see the section “Contact us”.
Details of your personal data that we collect, how they are used and why, including the legal basis for our processing
|Type of interaction with us||Types of personal data we collect||Purpose of processing (how and why we use your personal data)||Legal basis for processing||Controllers(s) of your personal data|
|Creating an account||To create an account it’s required to provide personal data comprising an email address and password. Additionally, in order to better acquaint you with our service, enhance and fully personalise it according to your needs, we will use your personal data for onboarding.||You provide the personal data willingly, although it is required so that we can provide the service.||Performance of the contract mentioned in article 6, paragraph 1, point b) of GDPR constitutes the basis for processing your personal data. Additionally, it is in our justified interests to provide you with information that allows complete usage of our service’s feature.||You personal data may be transferred between associated holding entities active within the Tidio group. Data processing will be conducted through a marketing automation service.|
|Starting the tour||In order to enhance the experience of users during our “starting tour,” we collect the following personal data: name, website address, appearance, business type, business name, and country.||The data is collected in order to personalise the service according to your needs.||Performance of the contract mentioned in article 6, paragraph 1, point b) of GDPR constitutes the basis for processing your personal data.||You personal data may be transferred between associated holding entities active within the Tidio group.|
|Purchasing the service||A specified extent of our service is free of charge (freemium), but if you’d like to use certain features – payment is required. To finalise the payment process we collect the following essential data:Credit card number,CVC code,Card expiration date.||Performance of the contract, especially the finalisation of the payment procedure. You provide the personal data willingly, although it is required so that we can provide the service.||Performance of the contract mentioned in article 6, paragraph 1, point b) of GDPR constitutes the basis for processing your personal data.||You personal data may be transferred between associated holding entities active within the Tidio group. The personal data will be processed by applications that ensure the finalising of the payment process, such as Stripe, PayPal.|
|Issuing an invoice||If you wish to have an invoice issued, you will be required to provide the following personal data. Please note that we do not always need to issue an invoice; it is voluntary.||The data is collected in order to issue the invoice, they will not be used for any other purpose.||The extent of the personal data present on an invoice stems from applicable laws; the legal obligation mentioned in article 6, paragraph 1, point c) of GDPR constitutes the basis for this data processing.||You personal data may be transferred between associated holding entities active within the Tidio group. The personal data will be processed by applications that ensure the finalisation of issuing an invoice, such as QuickBooks|