Published September 1st, 2025
TINES GENERAL PRIVACY POLICY
This General Privacy Policy explains how Tines and our affiliates (“Tines,” “we,” “us,” or “our”) collect, use, and share information that identifies you or could reasonably be linked to you (referred to here as “Personal Data”). We take your privacy seriously and are committed to handling your Personal Data responsibly. This Notice outlines the ways we, or third parties acting on our behalf, collect, use, store, disclose, and otherwise process your personal information. We collect and use your Personal Data when:
When you visit or browse our website (www.tines.com) or check out our social media pages, we may collect certain information using cookies and similar technologies. For more details on how we use these technologies and your choices, please see our Cookies Policy.
You or the company you're connected with use or are interested in Tines products and services (we call these the “Tines Offerings”).
You sign up for or attend one of our events.
You join and take part in our online community spaces (like our Slack workspace).
You visit one of our offices
You subscribe to or engage with our newsletters, marketing emails, or other updates we’re sharing.
We’re sharing this Notice to explain how Tines handles your Personal Data and what your rights are under data protection laws, including:
The General Data Protection Regulation (GDPR)
The UK GDPR and the UK Data Protection Act 2018
The California Consumer Privacy Act (CCPA)
Any other laws that may apply depending on where you’re located (together, the “Applicable Data Protection Laws”)
Just a heads up: some of the rights and protections under these laws only apply if you live in certain places, such as the EU, the EEA, the UK, or California.
This Notice doesn’t apply in the following situations:
If you’re applying for a job at Tines. In that case, please check out our Recruitment Privacy Notice. This Notice also applies if you provide referee details in your CV. We will only contact referees with your explicit consent.
If you are using our products, even our Community Edition, and we are processing Personal Data on your behalf, please see our Tines Data Processing Addendum and related terms of service for details, in addition to the Tines Product Privacy Policy, set forth below.
If you have any questions about how we use your Personal Data, or if you want to exercise your privacy rights, feel complete this form or else feel free to reach out to us at legal@tines.io.
WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?
We collect Personal Data either directly from you when you provide it to us (e.g. Marketing Data, Event Data, Relationship Data, Query and Contact Data) and or indirectly when we generate it from engaging with you (e.g. Site and Device Data). The Personal Data we will process about you is as follows:
Identification Data. This includes basic identifiers such as name, email address, job title, company details, phone number, and account credentials where applicable.
Site and Device Data. When you visit the Sites or use services related to the Sites, we collect Personal Data about your visits and interactions, such as which webpages you visit, the time and date of access, what you click on, and when you perform these actions. We also collect device data including your IP address, location, device type and language, browser type, and other related information. Additionally, we may collect data about linked websites you access through the Sites. Most of this Personal Data is collected indirectly through cookies on our Sites. For more details on how our Sites use cookies, please see our Cookies Policy.
Contact & Query Data. When you reach out to us \-whether through our Sites, by email, Zoom, or any other way \- we may collect Personal Data such as your name, email address, job title, company details, and other information depending on the nature of your communication.
Marketing Data. When we carry out marketing activities or you engage with such activities, we process the following Personal Data about you: name, e-mail address, phone number, company name, job title and marketing preferences. In some jurisdictions, including Germany, we require a double opt-in confirmation before sending marketing communications.
Event Data. We will collect the following Personal Data about you directly or indirectly (via an event organiser or partner) when you register for and/or attend one of our events (e.g. on-site, at dedicated locations or webinars, etc.): name, e-mail address, phone number, company name, job title, and photo image.
Office Visits Data. We collect the following types of Personal Data about you when you visit one of our offices: name, e-mail address, phone number, job title/role, signature, photo or video image.
Tines Offerings. Tines may automatically collect information when your organization uses certain products. For more details, check out our Product Privacy Policy Supplement.
Third Parties. We might also get data from other sources like our affiliates, partners, resellers, marketing and event partners, technology alliance partners, or other trusted third parties we work with to help improve the information we have. For example, we may match location data from commercial sources with your IP address collected through our automatic tools (see our Cookies Policy) to figure out your general area. Sometimes, we link information using unique IDs like cookies or account numbers.
Communication Data. This includes records of your communications with us (e.g. emails, chat messages, support tickets, call recordings where permitted by law).
Preference and Feedback Data. We may collect information you provide about your preferences, interests or feedback \- for example, responses to surveys, satisfaction scores or product improvement suggestions.
HOW DO WE PROCESS SENSITIVE DATA?
We do not intentionally collect or process Sensitive Personal Data (also known as Special Categories of Personal Data under applicable law) unless required or permitted by law, or unless you choose to provide such data to us voluntarily. Sensitive Data may include information such as:
Racial or ethnic origin
Political opinions or religious beliefs
Trade union membership
Genetic or biometric data
Health-related information
Sexual orientation or sex life
Government-issued identifiers (such as Social Security numbers, passport numbers)
If you choose to submit any Sensitive Data to us (for example, through support channels or free-form text fields), you do so voluntarily and with your explicit consent where required by law. We encourage you to avoid sharing such information unless it is necessary for your interaction with us. If we do process Sensitive Data, we will ensure it is:
Collected and processed only where legally permitted or with your explicit consent;
Used solely for the purposes for which it was collected;
Protected with appropriate technical and organizational safeguards to ensure its confidentiality and integrity.
If you have questions about how we handle Sensitive Data or wish to withdraw your consent, please complete this form or contact us at legal@tines.io
HOW & WHY DO WE USE YOUR PERSONAL DATA?
Sometimes we need to process your Personal Data because it’s necessary for our legitimate business interests. The legal basis for this processing, along with the purposes for which we use your data, are explained below. Protecting your data is important to us, so before we process it, we carefully assess whether it’s necessary and consider how it might impact your rights and freedoms.
We always handle your Personal Data in a lawful, transparent, and fair way. Depending on the type of data and the context, we rely on one or more of the following legal bases:
When it’s necessary to prepare or enter into a contract with you;
Based on your specific, revocable consent;
To meet our legal obligations;
To protect your vital interests or those of others;
For our legitimate interests (or those of others), as long as those interests don’t override your rights and freedoms.
We use your Personal Data only for the purposes outlined here unless we have a valid reason to use it for something compatible with the original purpose. If we ever need to use your data for a completely different reason, we’ll notify you and explain the legal basis for doing so.
Manage and Respond to Queries and Questions: We will process your Personal Data to assess and respond to any requests or queries you send us. For example, this includes when you email a question to hello@tines.io, use the chatbot on our site, reach out to talk to our sales team, or request a demo of the Tines Offerings.
Outreach and Marketing. We will process your Personal Data for marketing purposes when you choose to receive our marketing communications, such as our newsletter, or subscribe to our mailing lists. This also applies when you listen to our podcast, read our blog, join and participate in our Slack community, or express interest in receiving any of our publications or reports.
Events. We use your Personal Data to invite and register you for events, follow up afterward, share attendance info with sponsors or your company when allowed, and use photos for media campaigns. Partners handle your data under their own privacy policies.
Account Management: To deliver our products, manage your account, handle downloads, updates, support, and send important account-related messages.
Customer Experience: To keep your contact info up to date, offer support, recommend products or features, and personalize communications based on how you use Tines.
Online Experience: To run and improve our websites and platforms, make navigation easy, secure your login, and personalize content.
Internal Business Operations: For internal business needs like research, analytics, reporting, staff training, and outreach.
Security and Legal Proceedings: We process your Personal Data to protect our products, services, and websites from threats, fraud, and other malicious activity. We also use your data to file legal proceedings, investigate, establish, defend, or settle legal claims.
Social Media: To interact with you on social networks (following their rules).
Education & Training: To deliver any training or certification courses you sign up for.
Research & Innovation: To develop new products and features using research and data analysis.
Compliance: To comply with laws, regulations, court orders, or government requests.
Sensitive Data Handling: In limited cases, and only where legally required or permitted, we may process special categories of Personal Data (e.g. health or biometric information) subject to appropriate safeguards.
Other Legitimate Purposes: To protect Tines’ confidential info or for other valid business reasons.
SHARING OF YOUR PERSONAL DATA
Depending on our reasons for processing your Personal Data, we will share it with all or some of the following recipients (“Recipients”):
Affiliates. We may transfer your Personal Data to other Tines group companies worldwide, including internal business units such as sales, marketing, legal, product, IT, managers, system administrators, and support staff. This also includes our shareholders, Board of Directors, and any other group companies that become part of Tines over time. We protect your data wherever it is processed and take appropriate measures to comply with applicable laws.
Third Party Service Providers. We may share your information with trusted third parties who help us with services like IT, payments, advertising & marketing, support, and data analysis. They’re contractually required to protect your data and use it only as we instruct. These providers are primarily based in the US or EMEA.
Third Party Advisors/Professionals. We may share your data with external advisors like tax and legal consultants, insurers, accountants, and auditors when needed to protect our legitimate and legal interests.
Partners. We may share your information with trusted third parties like partners, distributors, and resellers to help fulfill your product and information requests, provide seamless support, keep you informed about Tines, and organize events. Sometimes, we team up with selected business partners for joint sales, product promotions, or events. If you buy or show interest in something we’re offering together, we might share relevant Personal Data with those partners to make sure you get the best experience. It’s important to know that these partners handle your data on their own terms, including how they use it and what they tell you about it. So, we recommend taking a look at their privacy policies to understand how they manage your personal information.
Business Transactions. We may disclose your information in connection with a sale, purchase, merger, or reorganization of Tines or its business units for strategic or other business purposes. In such transactions, Personal Data may be transferred to prospective or actual buyers, or received from sellers. We endeavor to ensure that appropriate safeguards are in place to protect your Personal Data throughout these processes.
Legal/Regulatory Bodies. We might share your Personal Data if we genuinely believe it’s necessary to respond to legitimate requests from law enforcement, regulators, courts, or other authorities.
Emergency Situations. In rare cases, we may share your data to protect your vital interests or those of others (e.g., in a medical or safety emergency).
TRANSFERS OF YOUR PERSONAL DATA
To facilitate the global nature of our business, our operations will be carried out within Europe and outside Europe (e.g. in the USA, Australia and other countries). If you are resident in Europe, we may share, transfer or store your Personal Data outside your country of residence to certain Recipients (mainly our external service providers and partners). The laws and practices in the countries may not have equivalent data protection and privacy rules to those that apply under Applicable Data Protection Laws in Europe.
Where these transfers occur, we ensure that a transfer mechanism is in place and appropriate safeguards protect your Personal Data:
For transfers (including, onwards transfers) of your Personal Data to Recipients within Tines, we rely on the EU Standard Contractual Clauses ("SCCs") (e.g. USA and Australia).
For transfers (including, onward transfers) of your Personal Data to other Recipients, we rely on the SCCs, adequacy decisions of the European Commission (e.g. for transfers to Japan and the UK) or other transfer mechanisms under the GDPR.
Where applicable, we also ensure that additional technical and organisational safeguards (such as encryption or pseudonymisation) are in place to mitigate risks.
If you would like to find out about the transfer of your Personal Data, you can contact us via e-mail at legal@tines.io.
THIRD PARTY SITES. This Notice applies to your use of the Tines Sites. We are not responsible for the content or privacy practices of other websites. Our Sites may include links to third-party websites (“Linked Website”), provided for your convenience and information. Tines is not responsible for how those Linked Websites handle privacy or data. This Notice only covers Personal Data collected by Tines on our Sites and does not apply to Linked Websites. When you visit Linked Websites, we recommend reviewing their own privacy policies. We do not control what’s on those sites and cannot be held responsible for any loss or issues that arise from using them.
HOW LONG DO WE KEEP YOUR PERSONAL DATA? Generally, your Personal Data Data is retained only as long as needed to fulfill the purposes described in this Notice or to meet ongoing legitimate business needs.
YOUR DATA PROTECTION RIGHTS. Depending on where you live, you may have certain rights when it comes to your Personal Data. You can exercise these rights by e-mailing legal@tines.io. Here’s a quick overview of what those might include:
Access: You can ask us for a copy of the Personal Data we have about you.
Correction: If any of your information is wrong or outdated, just let us know—we’ll fix it.
Deletion: You can ask us to delete your data, unless we need to keep it for legal or other valid reasons.
Restrict Use: In some cases, you can ask us to stop using your data—for example, if you’re unsure it’s correct or if we no longer need it but you do.
Object: You can object to how we’re using your data, especially when we’re relying on our business interests as the reason.
Data Portability: You can ask us to send you your data in a format you can use and take elsewhere.
Withdraw Consent: If you’ve given us consent (like for marketing emails or cookies), you can change your mind at any time.
CHANGES TO THIS NOTICE. This Notice will be regularly reviewed and may be amended and updated from time to time as necessary. Any updates to this Notice will be posted to www.tines.com/legal.
CONTACT US. If you have a data subject request, please submit your request via this form. If you have any questions, comments or concerns about the way your Personal Data is being used or processed by Tines, please submit your question, comment or concern by e-mailing legal@tines.io.
CALIFORNIA PRIVACY NOTICE SUPPLEMENT
This California Privacy Notice Supplement (“Supplement”) explains how Tines collects, uses, and shares personal information about California residents, as required under the California Consumer Privacy Act of 2018 (CCPA), as updated by the California Privacy Rights Act of 2021, and California’s “Shine the Light” law (Civil Code section 1798.83). This Supplement expands on Tines’ Privacy Notice set forth above.
This Supplement gives you a quick look at how we’ve handled your personal information over the past 12 months, including:
What types of personal info we collected
Where we got it from
Who we may have shared it with
Why we used or shared it
Confirmation that we haven’t “sold” or “shared” your personal info
A summary of your privacy rights
What We Collect. In the past year, we may have collected info like:
Name, contact info, IP address, or location data
Purchase or account activity
Info from your device or browser when you visit our site
Job or education info you’ve shared with us
We collect this data directly from you, through our site or services, or from third parties like advertising providers or social platforms.
What Doesn’t Count as Personal Information. For the purposes of this notice, “Personal Information” doesn’t include:
Public information from government records
De-identified or aggregated data that can’t be linked back to you
Data covered by other privacy laws, like:
Medical info protected under HIPAA or CMIA
Financial data under laws like FCRA, GLBA, or FIPA
Driver data under the Driver’s Privacy Protection Act
Also, this notice doesn’t apply to any personal information we handle as a service provider on behalf of our business customers. That’s covered by our customer agreements.
How We Use It. We use your data to:
Provide and improve our services
Handle your support requests
Send marketing (if you’ve agreed to it)
Comply with legal requirements
Keep our platform secure
We don’t sell or share your personal info for advertising purposes.
Who We Share It With. We may share data with:
Our service providers
Legal or regulatory authorities (if needed)
Affiliates or partners helping us run the business
Parties involved in a merger or acquisition
Anyone you’ve allowed us to share with
Your Rights. If you’re a California resident, you can:
Ask for a copy of the data we’ve collected about you
Request corrections or deletions
Ask us not to use or share your data for certain purposes
Say no to any future “sales” or “sharing” (though we don’t do this now)
Not be treated unfairly for exercising your privacy rights
To make a request, please submit this form or email us at legal@tines.io. We’ll respond within 45 days and let you know if we need more time or can’t fulfill your request for legal or security reasons.
TINES PRODUCT PRIVACY POLICY SUPPLEMENT
This Product Privacy Policy Supplement (the “Product Privacy Policy” or “Policy”) supplements the Tines General Privacy Notice and explains how Tines and its affiliates (“Tines,” “we,” “us,” or “our”) collect, use, and share information, including information relating to an identified or identifiable natural person or otherwise considered sensitive data (“Personal Data”), from customers and users (“you” or “your”) when you use Tines’ products. This includes the Tines automation platform (whether deployed via cloud or self-hosted options, and including our Community Edition offering), as well as any related services we provide, such as support or onboarding services (collectively, the “Tines Offerings”).
What This Policy Covers. This Policy applies only to the information Tines collects automatically when you use the Tines Offerings, and only where we decide how and why that information is processed (in legal terms, when we act as a “controller”). If you're located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, our legal basis for collecting and using this information is our legitimate interests in running and improving the Tines Offerings, keeping them secure, supporting our users, and operating our business effectively.
What This Statement Doesn’t Cover. This Product Privacy Statement doesn’t apply to:
Other Personal Data we collect through our website or marketing efforts, which is covered under our General Privacy Notice.
Data we process on behalf of customers. When customers use the Tines Offerings, they decide what data goes through the platform and how it’s used. In those cases, Tines acts as a processor or service provider, and the customer’s privacy notice governs.
Any use of customer data within the Tines Offerings is also governed by the terms of the applicable agreement between the customer and Tines, including any applicable Data Processing Addendum (DPA).
Organizational users. If you're using Tines as part of an organization (like your employer), your organization controls access and sets its own data practices. Questions about how your data is handled should be directed to your organization’s admin or privacy team.
What We Collect From the Offerings: When you use the Tines Offerings, we automatically collect information about how the platform is being used (“Usage Data”). Most of this data doesn’t identify you directly, but some of it may be considered Personal Data depending on how it’s used or combined. Here's a breakdown of what we collect:
System and Environment Info: We collect basic technical details about the Tines Offering you're using and the environment you're running it in. This might include your browser type, device type, IP address, operating system, network connection type, deployment ID, and license information.
Performance Metrics: We track how well Tines is performing so we can make things faster and more reliable. This includes things like response times, workflow execution speeds, and system load.
Usage: We look at how different parts of Tines are being used \-like which features are most popular, how often certain functions are run, and basic interaction patterns in the user interface. This helps us improve the experience and understand what’s working (and what’s not).
Security-Related Data: To keep everything secure, we may collect data about login attempts, access patterns, and other security signals. This can include IP addresses or other network data needed to detect and prevent threats.
Data Protection of Personal or Sensitive Data. Tines is designed to give customers flexibility in how they use and configure the Tines Offerings, including the ability to process sensitive data where appropriate. You are responsible for determining whether your use of the Tines Offerings involves sensitive or special categories of personal data (as defined under applicable data protection laws) and ensuring appropriate measures are taken. When sensitive data is processed, Tines implements a range of technical and organizational safeguards to help protect it. These include:
Encryption in transit and at rest
Granular access controls and audit logs
Secure infrastructure and regular security assessments
Strict role-based access for Tines personnel
In addition, when using the Tines Offerings, the Tines Information Security Addendum applies and outlines our security practices in more detail. We also encourage customers to use encryption or tokenization for any sensitive information included in workflow automation and to follow security best practices when configuring and using Tines.
How We Share Usage Data. We take care to ensure that the Usage Data, including any Personal Data that may be contained therein, is accessed internally only by individuals that require access to perform their tasks and duties, and externally only by service providers with a legitimate purpose for accessing it. We contractually require such service providers to safeguard any Personal Data or sensitive data they may receive from us. We will not sell your Personal Data or allow a third party to use your Personal Data for its own commercial purpose.
Usage Data, Salesforce data, and any information referenced in order forms relating to end customers remain the property of Tines. Partners, resellers, and other third parties processing this data do so strictly on Tines’ instructions and as Tines’ processors under applicable data protection law.
How We Use Usage Data. We use information automatically collected through your use of the Tines Offerings to support you, keep things running smoothly, and make Tines better over time. We aim to collect only the minimum amount of data needed to achieve these goals. Here are the main ways we use Product Usage Data:
Improving the product. We use this data to understand how people are using Tines, what’s working well, and where we can improve. This helps us prioritize new features, improve performance and stability, and make smarter decisions about things like pricing or packaging.
Supporting our users. Usage data helps us offer better support \-both when you reach out and when we proactively identify issues or opportunities. It also helps us personalize your experience, recommend helpful features, and encourage adoption of functionality that could benefit your team.
Managing accounts. We use this data to handle things like updates, release notes, billing communications, and other administrative tasks tied to your Tines account.
Keeping things secure. Product Usage Data helps us detect and prevent fraud, monitor for suspicious activity, and protect against security threats like spam or malware. It also helps us keep the platform stable, fix bugs, and operate our disaster recovery plans if needed.
Meeting our contractual commitments. We may use this data to confirm that usage is aligned with our terms of service or other agreements.
Sales and marketing (when allowed). Where permitted by law, we might use usage insights to suggest other ways Tines can help your organization or to guide sales discussions.
Following the law. Sometimes we’re required to use or disclose data to comply with legal obligations \- like responding to subpoenas or other valid government requests. If that happens, we’ll always do our best to protect your rights and your data.
Other business needs. We may also use Product Usage Data for things like audits, finance and accounting, insurance, legal advice, or mergers and acquisitions—as long as there’s a legitimate reason for doing so.