Privacy Policy
Effective June 1, 2026
This Privacy Policy explains how Tidbok (“tidbok”, “we”, “us”, or “our”) collects, uses, discloses, and protects information when you use our website, mobile applications, and related services (collectively, the “Service”).
1. Information We Collect
1.1 Information you provide
- Account information: email address, phone number, display name, profile photo, time zone, and the password you create (stored only by our identity provider, Microsoft Entra External ID, never in plain text by us).
- Profile content: bio, saved locations, contact groups, event details, RSVPs, and any other content you submit.
- Contacts: only contacts you explicitly select to import from your device or connected social accounts.
- Payment information: processed by Stripe, Apple App Store, or Google Play. We never store full card numbers.
1.2 Information collected automatically
- Device identifiers, OS version, app version, IP address.
- Approximate location (city / ZIP) when you opt in.
- Usage events (pages viewed, events created, interactions with recommendations) for product improvement.
- Crash and diagnostic logs.
1.3 Information from third parties
- Identity claims from Google, Apple, Facebook, and Microsoft when you sign in with those providers (name, email, and profile photo).
- Calendar events from Google Calendar, Apple iCloud, or Outlook if you connect them.
2. How We Use Information
- To create and operate your account and provide the Service.
- To deliver event invitations, notifications, and reminders.
- To personalize event recommendations using machine-learned preference signals.
- To process payments and manage subscriptions.
- To detect and prevent fraud, abuse, and security incidents.
- To comply with legal obligations.
3. How We Share Information
We do not sell your personal information. We share information only:
- With other users as you direct (e.g. inviting friends to an event, joining a public event).
- With service providers under contract (Microsoft Azure, Stripe, Google Maps Platform, Apple Push Notification service, Twilio / Azure Communication Services for email and SMS).
- To comply with legal process or protect rights, safety, and property.
- In connection with a merger, acquisition, or sale of assets, subject to the same protections in this Policy.
4. Your Rights and Choices
- Access & portability: request a copy of your data from Settings → Privacy.
- Correction: edit your profile at any time.
- Deletion: permanently delete your account from Settings → Delete Account or the mobile app. Deletion is irreversible and removes all personal data within 30 days.
- Marketing: opt out of promotional email from any message footer.
- EU/UK (GDPR): you have the right to object, restrict, or lodge a complaint with your supervisory authority.
- California (CCPA/CPRA):right to know, delete, correct, and opt out of “sharing”. We do not sell or share personal information for cross-context behavioral advertising.
5. Children
The Service is not directed to children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal information from children. If you believe a child has provided us information, please email privacy@tidbok.com.
6. Security
We use industry-standard safeguards including encryption in transit (TLS 1.2+) and at rest, application-level envelope encryption for sensitive PII, and managed-identity-based access controls. No system is perfectly secure; please use a strong, unique password.
7. Retention
We retain personal information for as long as your account is active and as needed to provide the Service. Backups are purged within 35 days after account deletion. Aggregate, de-identified analytics may be retained indefinitely.
8. International Transfers
tidbok is operated from the United States. By using the Service you consent to the transfer of your information to the U.S. and other countries where our service providers operate, subject to appropriate safeguards (e.g. Standard Contractual Clauses).
9. Changes
We may update this Policy from time to time. Material changes will be announced in-app and by email at least 30 days before they take effect.
10. Contact
Email: privacy@tidbok.com
Postal mail: Tidbok, Privacy Office, United States.