Privacy Policy

Tidio LLC with registered office at 149 New Montgomery Street (San Francisco, CA 94105 U.S.A.) and Tidio Poland Sp. z o.o. with its registered office in Szczecin, 81 Wojska Polskiego Street (70-481, Szczecin, Poland) are the joint controllers of your personal data processed in connection with use of our Services and other functionalities via this website (together referred to as "Controller" or "Tidio", "we," "us," or "our").

Tidio provides a communication platform that allows businesses to communicate with their customers. Hundreds of thousands of merchants around the world use our service to improve their sales and customer satisfaction rates. Our platform includes features such as live chat, bots, integration with Messenger and email. Every tool for communicating with your clients is in one place, accessible through our dashboard and mobile app.

We may collect and process your personal data when we interact with you. We process all personal data that you provide on the Website or that we collect about you when you use our Services as Controller in accordance with the GDPR. Personal data includes any information by which we can identify you as a specific person, such as your name, last name, email address or billing information, but also any other information related to you.

We are committed to safeguarding the privacy of your personal data. We will use your personal data in compliance with all applicable laws and regulations relating to data protection and privacy, including:

1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("General Data Protection Regulation" or "GDPR");
2. California Consumer Privacy Act (together with related amendments and regulations, the "CCPA"), described in section "Information and Notice for California Residents";
3. Nevada applicable law, described in section "Nevada Residents".

If you have any questions about this Privacy Policy or you wish to exercise any of your rights in relation to your personal data, please contact us at support@tidio.net.

You can also contact our Data Protection Officer: Hubert Jackowski via e-mail: privacy@tidio.net.

We may process your personal data for the following purposes:

1. If you have access to and use our Services, according to our Terms & Conditions, we will process your personal data in order to:

2. If you have entered into a contract with us via either a contact form (chat) or e-mail, we will process your personal data in order to:

3. If you receive from us information about latest news, special events, offers and other benefits or you subscribe to our newsletter, we will process your personal data on the basis of our legitimate interest (Article 6(1)(f) of the GDPR).

Remember that you can always revoke your consent (unsubscribe from our newsletter). If you wish to unsubscribe to do so, you can also contact us at the following address: support@tidio.net. If we are required by applicable law provisions, we may also collect consents from you to send you marketing materials.

4. If you follow our social media profiles we will process your personal data in order to pursue our legitimate interest (Art 6(1)(f) GDPR), such as:

1. responding to private messages you send us;
2. conducting conversations via the comments under individual posts;
3. sharing our posts with you as a follower of our profile;
4. marketing, consisting of informing you about our services and ourselves through our profile posts;
5. via statistics, presented to us by social media entities, such as Facebook Ireland Ltd., LinkedIn Ireland Unlimited Company, Twitter Inc., including data about the display of our posts, their reach, number of interactions, the demographics of our followers; the data presented to us by social media entities are statistics, created on the basis of observations by that company of your behaviour on our profile.

5. If you apply for a job, we will process your personal data in order to:

1. carrying out the recruitment process in which you are taking part, with point (GDPR legal basis – Article 6(1)(b) and point (c) of Article 6(1)(c) of the GDPR to the extent of legal obligations to which the Controller is subject);
2. processing other data you voluntarily send us or processing for the purposes of future recruitment if you consented to it (GDPR legal basis – Article 6(1)(a) of the GDPR).

The provision of your personal data is voluntary, but may be necessary in order to pursue the aforementioned purposes. However, due to the rules applied by Social media, we will see your name (or nickname) or photo if you write to us or comment on our post.

We may collect and process different forms of personal data depending on the functionalities you use:

1. If you have access and use our Services, we will process your:

2. If you wish to contact us, we will process your identification data such as your name, email address and any other data you may provide using our contact form (chat) or via e-mail contact.

3. We will also process your email address if you subscribe to our newsletter or otherwise consent to the marketing of our services.

4. As part of your activity on our social media profiles, we may process your personal data that you post on your profile and other data related to our use of social media functionality.

5. If you apply for a job, we may process your personal data indicated in the Labour Code or in other specific laws, processed on the basis of legal provisions.

1. You are entitled to object at any time to the processing of your personal data on the basis of legitimate interest. In such case, we will cease to process your data for these purposes, unless there are legitimate grounds that prevent the cessation of processing or the processing may be necessary for the potential establishment, exercise or defence of legal claims.

2. You are entitled to object at any time to the processing of your personal data for direct marketing purposes, mentioned in Section III, point (3).

Depending on the purposes and grounds, as described in Section III. above, your personal data will be processed for the time it takes to :

1. service and process your account in our Services, but no longer than until the account is deleted, except in the case of violation of the Terms by you, resulting in the assertion of claims. In that case, your personal data will be processed for the time necessary to assert claims, but no longer than the period of limitations for claims under generally applicable law.

2. provide services (duration of the agreement), but if the processing is necessary to fulfill a legal obligation by Tidio, your personal data will be processed for a period of time resulting from generally applicable laws, in particular tax law and accounting regulations. If the processing is necessary for purposes arising from legitimate interests pursued by the Data Controller or by a third party, your personal data will be processed for no longer than necessary for the purposes for which the data are processed or until you object to the processing of your personal data.

3. resolve your case. Depending on the type of case, your data could also be processed for the time needed to improve performance and the time needed to establish that we have resolved the case correctly, i.e. for the period of limitations for claims.

4. provide our marketing activities (newsletter), until you object to the processing of your data for this purpose, or revoke your consent to send messages to your email address. Your revocation of consent does not affect the lawfulness of processing prior to the withdrawal of that consent. You can unsubscribe/ withdraw consent by clicking on the opt-out link in newsletter, marketing e-mails from us.

5. interact with you via our social media profiles if you choose to comment on our posts or follow us. Remember that you can always delete your comments under our posts, stop following us or cancel your social media account.

6. until the end of the recruitment process, in case of consented to the processing of your data for future recruitment purposes, your data will be processed for a period of 48 months, but no longer than until you withdraw your consent to the processing of your data.

We could provide your personal data to other companies and certain services providers who perform certain business operation on our behalf. These companies and service providers may participate in the processing of Personal Data to the extent necessary to perform services for Tidio. Depending on your activities as described in Section III, recipients of your data may be:

1. Service hosting providers;
2. Website hosting providers;
3. Subjects involved in storing data for us;
4. Entities providing ICT services;
5. Social media providers such as Facebook Ireland Ltd., LinkedIn Ireland Unlimited Company, Twitter Inc.

Personal data may also be disclosed to other entities that support our operations, i.e.:

1. Servicers of IT systems,
2. Law firms, auditors;
3. Third-party companies and individuals who facilitate our Services, to provide the Services on our behalf, to perform Service-related services, or to assist us in analyzing how our Services are used, or
4. Entities to which the Data controller is obliged to transfer data under the provisions of law.

By law, you have the following right with regard to your personal data. Further information and advice about your rights can be obtained from your national data protection regulator. If you wish to exercise any of your rights in relation to your personal data, please contact us here. If you wish to exercise any of your rights in relation to your personal data, please contact us at the following address: support@tidio.net.

We are required by law to act on requests and provide information free of charge, except where your requests are manifestly unfounded or excessive (in particular because of their repetitive nature) in which case we may charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the requested.

Please consider your request responsibly before submitting it. We will respond to your request as soon as we can. Generally, this will be within one month from when we receive your request but if the request is going to take longer to deal with, we will let you know. To find out how to submit a request, please see the Contact Us section.

We mainly process the data you submit within the EEA and the servers located there. Note, however, that TIDIO LLC, as the entity entering into the Agreement with you, is a U.S.-based entity, and therefore some of your data may be transferred from the EEA and/or the United Kingdom and processed in the United States.

Information for individuals in the EEA and UK

Because we operate globally, Tidio may transfer your Personal Information from the EEA or the UK to the United States and other countries. This may include Personal Information that we receive from individuals residing in the EEA or the UK who visit our Websites, use our Services, or otherwise interact with us. When we transfer Personal Information, we rely on the Adequacy Decisions of the European Commission ("EC"), based on Article 45 of Regulation (EU) 2016/679 (GDPR) and UK Secretary of State, based on Article 45 of the UK GDPR and Section 17A of the Data Protection Act 2018 or the EC's Standard Contractual Clauses ("SCCs") and the UK Information Commissioner's Office's International Data Transfer Addendum ("IDTA"), as applicable, supplemented by additional security measures as recommended by the European Data Protection Board. The EC's and the UK's Information Commissioner's Office ("ICO") have determined that the SCCs and IDTA may provide sufficient safeguards to protect personal data transferred outside the EEA and the UK. Where we transfer data, we perform transfer impact assessments ("TIAs") and continually monitor the circumstances surrounding such transfers to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the EEA and UK data protection laws.

Additional information for individuals from the EEA, Switzerland and UK: Swiss-US DPF, EU-US DPF and UK Extension Data Privacy Framework

In addition to utilizing SCCs, as part of our commitment to maintaining high data protection standards when transferring Personal Information between EEA/Switzerland and the United States, Tidio LLC participates in the EU-US Data Privacy Framework ("EU-US DPF"), the UK Extension to the EU-U.S. and the Swiss-US Data Privacy Framework ("Swiss-US DPF"). Tidio LLC complies with the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework (Swiss-US DPF) as set forth by the U.S. Department of Commerce. Tidio LLC has certified to the U.S. Department of Commerce that it adheres to the EU-US Data Privacy Framework Principles (EU-US DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-US DPF and the UK Extension to the EU-US DPF. Tidio LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-US Data Privacy Framework Principles (Swiss-US DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-US DPF. If there is any conflict between the terms in this privacy policy and the EU-US DPF Principles and/or the Swiss-US DPF Principles, the Principles shall govern. Use hyperlinks to learn more about the Data Privacy Framework ("DPF") program and to view our certification (open in a new tab).

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Tidio LLC is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to privacy@tidio.net. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice or opt-in for sensitive data before we share your data with third parties other than our agents or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@tidio.net.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Tidio LLC's accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Tidio LLC remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Tidio LLC proves that it is not responsible for the event giving rise to the damage.

In compliance with the EU-US DPF Principles, EU-SWISS DPF Principles and EU-UK DPF EU-US DPF Principles and the Swiss-US DPF Principles we commit to resolve complaints about your privacy and our collection or use of your Personal Information transferred to the United States pursuant to the DPF Principles. European Union, United Kingdom and Swiss individuals with DPF inquiries or complaints should first contact Tidio: Data Protection Officer, privacy@tidio.net. We will investigate and attempt to resolve any complaints or disputes regarding the processing of Personal Information within 45 days of receiving your privacy complaint.

Tidio LLC has further committed to refer unresolved privacy complaints under the EU/SWISS DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit the BBB National Programs website for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms, see DPF Arbitration Procedures. Tidio LLC is subject to the jurisdiction of the US Federal Trade Commission for the purposes of DPF enforcement.

Except for the cookie-based advertising profiling described below, automated decision-making, including profiling, may take place during your use of our Service, among other things in order to provide you basic rules ("Service onboarding") and predict your behaviour (i.e., to enable you to take advantage of our benefits and support your use of our Service). The purpose of these activities is for you to be able to use our Service in the best version, plan, and price for you. At the same time, our goal is to support your use of our Service in the most suitable model and form for you.

Your personal data, including data obtained based on your activity and the way you use our Service, will be processed by us in order to evaluate and analyze your activity and information about you. We will analyze and forecast aspects of your behavior and preferences as our client, including in an automated manner, to create your individual profile and present dedicated offers and functionalities ("profiling").

Certain decisions taken by Tidio at the stage of performance a contract may be based solely on automated processing of personal data, including on set of rules and algorithms used by Tidio for the purpose of providing you our Service with all the benefits and improving the Service. These decisions may produce legal effects concerning you or similarly significantly effect.

Remember, If you don't agree with an automated decision that our technology has made in relation to you, you can contact us and we will look into it for you.

You have the right to obtain an explanation of automated decision, to contest it, to express your views, and to obtain human intervention in order to make a new decision.

We are committed to ensuring that your privacy is protected, since the security of your privacy, including your personal data, is a priority to us. We take every precaution to ensure that personal data provided by website users is protected from loss, destruction, disclosure, unauthorised access or misuse.

The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant EU and United States law.

General information about cookies:
In common with other companies, we use cookies on our website. Cookies are small text files stored on your computer or other device by websites you visit. For general information on cookies, please visit: www.allaboutcookies.org and www.youronlinechoices.eu.

We use cookies and other technologies to understand, secure, operate, and provide our Services.

We use cookies and other technologies to:

• provide Tidio for web and desktop and other Services that are web-based, improve your experiences, understand how our Services are being used, and customize our Services;
• understand which of our FAQs are most popular and to show you relevant content related to our Services;
• remember your choices, such as your language preferences, and otherwise to customize our Services for you;
• understand mobile versus desktop users of our web-based Services…