Building Tide

Privacy Policy

Building Tide – Privacy Policy

Last Updated: October 2025

This Privacy Policy explains how Building Tide Ltd. (“Building Tide,” “we,” “us,” or “our”) collects, uses, shares, and protects your information when you use buildingtide.com, our mobile apps, and any related services (collectively, the “Platform”).

By using the Platform, you agree to this Privacy Policy and our Terms of Service. If you do not agree, please do not use the Platform.

  1. Who We Are & How to Reach Us

Controller: Building Tide Ltd., Nassau, The Bahamas Email: privacy@buildingtide.com Postal: Building Tide Ltd., P.O. Box [___], Nassau, Bahamas

If you are in the EU/UK and wish to contact our EU/UK representative (if appointed) or exercise GDPR/UK-GDPR rights, email privacy@buildingtide.com with “GDPR Request” in the subject.

  1. Scope

This Policy applies to: • Visitors to our site, • Registered users (buyers, sellers, and organizations), • Communications and transactions that occur on or through the Platform.

It does not cover third-party websites or services we do not control. See Third-Party Links & Services below.

  1. Information We Collect

A. Information you provide • Account data: name, email, phone, password, profile details, company name, role, island/location. • Marketplace content: listings, item photos, prices, descriptions, quantity, messages, reviews, ratings, dispute submissions. • Identity & verification (optional/where required): government ID, contractor license, business documents, profile photos, delivery address. • Transactions: order details, delivery preferences, invoices/receipts, payment status (via our processor). • Support: inquiries, feedback, survey responses, issue reports. • Marketing preferences: newsletter opt-ins, categories of interest.

B. Information we collect automatically • Usage data: pages viewed, features used, referring/exit pages, timestamps, clicks, search queries. • Device & log data: IP address, browser type, device identifiers, operating system, language. • Cookies & similar tech: session cookies, analytics cookies, preference cookies, and (if used) advertising cookies. See Cookies.

C. Information from third parties • Payments: limited payment status/metadata from processors (e.g., Stripe/PayPal); we do not store full card numbers. • Identity/verification services: pass/fail results, risk scores. • Logistics partners: delivery events, tracking references. • Security & fraud partners: signals to detect spam, fraud, or abuse. • Public sources: company registries, professional directories, publicly available web data related to your business.

  1. How We Use Your Information (Purposes & Legal Bases)

We process data to: 1. Provide the Platform (create accounts, enable listings, search, chat, checkout). • Legal bases: Contract; Legitimate Interests. 2. Process payments and transactions (through third-party processors), issue receipts, and maintain records. • Legal bases: Contract; Legal Obligation. 3. Facilitate communications between users and with Building Tide (support, notifications). • Legal bases: Contract; Legitimate Interests. 4. Safety, trust, and integrity (verify users, prevent fraud, moderate content, enforce Terms, resolve disputes). • Legal bases: Legitimate Interests; Legal Obligation. 5. Improve and personalize the Platform (analytics, A/B testing, feature development). • Legal bases: Legitimate Interests; Consent where required (e.g., non-essential cookies). 6. Marketing & engagement (newsletters, promotions, category alerts) if you opt in; you can unsubscribe any time. • Legal bases: Consent; Legitimate Interests for transactional/service emails. 7. Legal compliance (tax, accounting, regulatory requests). • Legal bases: Legal Obligation; Legitimate Interests. 8. Vital interests (security incidents that could risk personal safety). • Legal bases: Vital Interests.

  1. Sharing Your Information

We share only as needed to operate and secure the Platform: • Payment processors (e.g., Stripe, PayPal): to handle payments, refunds, disputes. • Hosting & infrastructure (e.g., Sharetribe, AWS/Cloud provider): to run our marketplace and store data. • Analytics & monitoring (e.g., privacy-respecting analytics, log monitoring tools). • Verification & trust (optional KYC/contractor verification vendors, anti-fraud tools). • Messaging & notifications (email/SMS service providers). • Logistics/Delivery partners (if you request delivery; we share pickup/dropoff details). • Professional advisors (lawyers, accountants) under confidentiality. • Corporate events (merger, acquisition) where data may transfer subject to this Policy. • Legal requests (subpoenas, court orders) where we are legally required to respond.

We do not sell your personal information.

  1. International Data Transfers

We are based in The Bahamas, and some service providers may process data in other countries. Where required (e.g., for EU/UK data), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.

  1. Data Retention

We keep data only as long as necessary for the purposes described: • Account data: retained while your account is active; some records may be kept for legal/accounting obligations (typically 6–7 years). • Listings & transactions: retained for the transaction life cycle and legal record-keeping. • Support & disputes: kept for the duration of the issue plus a reasonable period for audit/compliance. • Marketing data: until you unsubscribe or your consent is withdrawn. • Cookies: see durations in our Cookie Banner/Settings.

We will anonymize or securely delete data when no longer required.

  1. Your Rights

Subject to applicable law (including the Bahamas Data Protection Act and, where applicable, GDPR/UK-GDPR), you may have the right to: • Access your personal data and obtain a copy. • Correct inaccurate or incomplete data. • Delete your data (“erasure”), where applicable. • Restrict or object to certain processing. • Portability of data you provided to us. • Withdraw consent at any time (does not affect prior lawful processing). • Complain to a supervisory authority (see below).

How to exercise: email privacy@buildingtide.com from your account email and specify your request. We may verify your identity before fulfilling it.

Bahamas supervisory authority: Office of the Data Protection Commissioner. EU/UK users may also contact their local data protection authority.

  1. Security

We use administrative, technical, and physical safeguards appropriate to the risk (e.g., encryption in transit, access controls, least-privilege, monitoring). No system is 100% secure; please protect your account credentials and report suspected compromise to security@buildingtide.com.

  1. Cookies & Similar Technologies

We use cookies to: • Keep you signed in and remember preferences (strictly necessary), • Measure usage and performance (analytics), • Improve features (functional), • (If enabled) show relevant promotions (advertising).

You can manage preferences via our Cookie Banner/Settings and your browser/device controls. Some features may not work without certain cookies.

  1. Children’s Privacy

The Platform is not intended for individuals under 18. We do not knowingly collect data from children. If you believe a minor has provided data, contact privacy@buildingtide.com and we will take appropriate steps to delete it.

  1. User Communications & Messaging

Messages sent through our Platform may be scanned or moderated automatically and/or by authorized staff to enforce our Terms (e.g., prevent fraud, prohibited items, harassment). Do not share sensitive personal information in chat.

  1. Verification (KYC) & Contractor Badges (Optional)

Where offered, verification is voluntary unless required for specific features or value thresholds. If you consent to verification, we may share your information with a verification provider and display a “Verified” badge on your profile.

  1. Third-Party Links & Services

Our Platform may link to third-party websites/apps (e.g., manufacturer specs, logistics quotes). Those services have their own privacy policies. We are not responsible for their practices—please review their policies before using them.

  1. Automated Decision-Making / Profiling

We may use limited automated checks for fraud detection, spam prevention, or trust & safety. These processes help us protect users and the Platform. You can contact us to request human review of decisions that significantly affect you.

  1. Changes to This Policy

We may update this Policy periodically. We will post the new version with an updated “Last Updated” date. Material changes may be notified via email or in-app notice. Continued use of the Platform means you accept the updated Policy.

  1. Contact & Complaints

Questions or concerns about privacy? Email: privacy@buildingtide.com If unresolved, you may contact the Office of the Data Protection Commissioner (Bahamas) or your local data protection authority.

  1. Regional Disclosures (Summary) • Bahamas: We aim to comply with the Data Protection (Privacy of Personal Information) Act. • EU/UK: Where GDPR/UK-GDPR applies, our legal bases are described above, and we rely on SCCs or equivalent for transfers. • California/US State Laws: While we do not “sell” personal information, we honor applicable access/deletion/opt-out rights to the extent required by law.