Privacy Policy

1. Introduction

TyneBase Ltd, registered in the United Kingdom (Company No. 12345678), with registered office at London, United Kingdom ("we", "our", or "us") is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our knowledge management platform and related services (collectively, the "Services"). Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.

2. Data Controller

TyneBase Ltd is the data controller responsible for your personal data. Our Data Protection Officer can be reached at:

• Email: privacy@tynebase.com
• Address: TyneBase Ltd, London, United Kingdom

3. Information We Collect

3.1 Information You Provide

We collect information you provide directly to us:

• Account Information: Name, email address, password, company name, job title
• Profile Information: Profile photo, bio, preferences, notification settings
• Content: Documents, comments, messages, files you upload or create
• Payment Information: Billing address, payment method details (processed securely by our payment processor)
• Communications: Information you provide when contacting support or participating in surveys

3.2 Automatically Collected Information

When you use our Services, we automatically collect:

• Usage Data: Pages viewed, features used, time spent, search queries
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Access times, error logs, performance data
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies (see Section 8)

3.3 Information from Third Parties

We may receive information from:

• Single Sign-On (SSO) providers (Google, Microsoft, Okta)
• Payment processors for transaction verification
• Analytics providers for service improvement

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

• Contract Performance: Processing necessary to provide Services you've subscribed to
• Legitimate Interests: Improving our Services, preventing fraud, ensuring security
• Consent: Marketing communications, optional features (you may withdraw consent anytime)
• Legal Obligation: Compliance with applicable laws and regulations

5. How We Use Your Information

We use collected information for:

• Service Provision: Creating and managing accounts, providing platform features, processing payments
• Communication: Sending service updates, technical notices, security alerts, support responses
• Improvement: Analyzing usage patterns, developing new features, enhancing user experience
• Security: Detecting and preventing fraud, abuse, and security incidents
• Legal Compliance: Responding to legal requests, enforcing our terms, protecting rights
• Marketing: Sending promotional materials (with your consent, opt-out available)

6. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

6.1 Service Providers

Third-party vendors who perform services on our behalf:

• Cloud hosting providers (AWS, Google Cloud - EU regions)
• Payment processors (Stripe)
• Email service providers
• Analytics providers (with data processing agreements)

6.2 Legal Requirements

We may disclose information if required by law, court order, or to:

• Comply with legal processes
• Protect rights, property, or safety of TyneBase, users, or public
• Detect, prevent, or address fraud or security issues

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

7. Data Storage and Security

7.1 Data Location

All data is stored in European Union data centers, ensuring GDPR compliance and data sovereignty. We do not transfer personal data outside the EU/EEA without appropriate safeguards.

7.2 Security Measures

We implement industry-standard security measures:

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Role-based access, multi-factor authentication, SSO
• Monitoring: 24/7 security monitoring, intrusion detection systems
• Compliance: SOC 2 Type II certified, regular security audits
• Backups: Automated daily backups with 30-day retention

7.3 Data Retention

We retain personal data for as long as necessary to provide Services and comply with legal obligations. Account data is deleted within 90 days of account closure, unless retention is required by law.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential Cookies: Required for platform functionality, authentication, security
• Performance Cookies: Analytics to understand usage and improve Services
• Functional Cookies: Remember preferences and settings
• Marketing Cookies: Track campaign effectiveness (with consent)

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing
• Right to Withdraw Consent: Withdraw consent for processing at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at privacy@tynebase.com. We will respond within 30 days.

10. Children's Privacy

Our Services are not directed to individuals under 16. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the information immediately.

11. International Data Transfers

While we primarily store data in the EU, if transfers outside the EU/EEA are necessary, we ensure appropriate safeguards through Standard Contractual Clauses (SCCs) approved by the European Commission.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification. Continued use of Services after changes constitutes acceptance of the updated policy.

13. Contact Us

For questions, concerns, or to exercise your rights, contact us:

• Email: privacy@tynebase.com
• Data Protection Officer: dpo@tynebase.com
• Address: TyneBase Ltd, London, United Kingdom
• Contact Form: tynebase.com/contact