Privacy Policy

1. Information We Collect

1.1 Information You Provide

When you create an account, use our services, or communicate with us, we collect information you voluntarily provide:

• Account Information: Name, email address, password, username, and profile picture
• Booking Information: Event types, meeting details, attendee names and email addresses, meeting notes, and custom form responses
• Calendar Data: Calendar events, availability schedules, and timezone preferences when you connect external calendars
• Payment Information: Billing address and payment details (processed securely through Stripe; we do not store full card numbers)
• Communication Data: Messages you send through our platform, support requests, and feedback
• Team Information: Team names, member roles, and organisational details for Team plan users

1.2 Information Collected Automatically

When you access or use TimeTide, we automatically collect certain technical information:

• Device Information: Browser type and version, operating system, device type, and screen resolution
• Network Information: IP address, approximate location (city/country level), and internet service provider
• Usage Data: Pages visited, features used, clicks, time spent on pages, booking page views, and conversion rates
• Log Data: Access times, error logs, referring URLs, and pages viewed before and after using our Service

1.3 Information from Third Parties

We may receive information about you from third-party sources:

• Calendar Providers: Event data from Google Calendar or Microsoft Outlook when you connect them
• Video Conferencing: Meeting links and metadata from Zoom, Google Meet, or Microsoft Teams
• Payment Processors: Transaction confirmations and billing status from Stripe

2. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data based on the following legal grounds:

• Performance of Contract (Article 6(1)(b)): Processing necessary to provide the TimeTide Service, manage your account, process bookings, and handle subscriptions
• Legitimate Interests (Article 6(1)(f)): Processing for analytics, fraud prevention, service improvement, and direct marketing to existing customers
• Consent (Article 6(1)(a)): Processing based on your explicit consent, such as marketing communications and non-essential cookies
• Legal Obligation (Article 6(1)(c)): Processing required to comply with tax, accounting, or other legal requirements

3. How We Use Your Information

We use the information we collect for service delivery, improvement and analytics, communication, and security and compliance. Full details are available in our comprehensive privacy documentation.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your data with booking participants, team members, service providers, calendar and conferencing providers, for legal reasons, and in connection with business transfers.

5. Cookies and Tracking Technologies

We use essential, functional, analytics, and marketing cookies. You can manage your cookie preferences through your browser settings or our cookie consent banner.

6. Data Security

We implement robust technical and organisational measures including encryption (TLS 1.2+, AES-256), secure authentication, role-based access controls, SOC 2 compliant infrastructure, and continuous monitoring.

7. Data Retention

Account data is retained while your account is active (deleted within 30 days of account deletion). Booking data is retained for 12 months. Payment records are retained for 7 years per UK tax regulations. Log data is retained for 90 days.

8. Your Rights and Choices

Depending on your location, you have rights including access, rectification, erasure, data portability, objection, restriction of processing, withdrawal of consent, and the right to lodge a complaint. Contact hello@timetide.app to exercise these rights.

9. California Residents (CCPA/CPRA)

California residents have additional rights including the right to know, delete, opt-out of sale (we do not sell personal information), non-discrimination, correction, and limiting use of sensitive information.

10. International Data Transfers

When we transfer personal data outside the UK or EEA, we ensure appropriate safeguards through adequacy decisions, standard contractual clauses, and data processing agreements.

11. Third-Party Services and Integrations

TimeTide integrates with Google Calendar, Microsoft Outlook, Zoom, Google Meet, and Stripe. Each has its own privacy policy. You can disconnect integrations at any time through your settings.

12. Data Processing Agreement

We offer a Data Processing Agreement (DPA) for users acting as data controllers. Contact hello@timetide.app to request a copy.

13. Children's Privacy

TimeTide is not directed at children under the age of 16. We do not knowingly collect personal information from children.

14. Automated Decision-Making

TimeTide does not use automated decision-making or profiling that produces legal effects or significantly affects you.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or prominent notice on our platform.

16. Contact Us