Privacy Policy — Tidal Software Inc.

Last updated: 22 June 2026 · Tidal Software Inc. · Governing law: India (DPDPA 2023)

1. Who We Are

Tidal Software Inc. ("Tidal", "we", "us", or "our") is an AI-native RFQ automation platform purpose-built for maritime ship chandlers. Our registered office is in India. We operate the website at tidal.supply and the Tidal platform.

This Privacy Policy explains how we collect, use, store, and share personal data when you interact with our website or use our services, in accordance with India's Digital Personal Data Protection Act 2023 (DPDPA 2023).

2. Data We Collect

2.1 Information you provide directly

When you submit a demo request or contact us, we collect:

Full name
Work email address
Phone number
Company name and industry
Monthly RFQ volume and current systems in use
Any additional information you choose to share in free-text fields

2.2 Platform data (customers only)

If you are a Tidal customer, we process data you provide through the platform, including:

RFQ email content (processed solely to generate quotes on your behalf)
Product catalogues, pricing data, and margin rules you configure
Vendor and client contact information you upload
Order, invoice, and transaction records

This data remains yours. We act as a data processor on your behalf and do not use it for any purpose other than providing the Tidal service.

2.3 Technical data

When you visit our website, we may automatically collect:

Browser type and version
Device type and operating system
IP address (not stored beyond session)
Pages visited and time spent on pages

We do not use third-party advertising trackers or behavioural analytics cookies.

3. How We Use Your Data

We use the data we collect for the following purposes:

Demo requests: To respond to your enquiry, schedule a demonstration, and follow up on your interest in Tidal.
Service delivery: To operate, maintain, and improve the Tidal platform for customers.
Communication: To send you service-related messages (onboarding, support, product updates). We do not send unsolicited marketing emails.
Security and compliance: To detect fraud, enforce our Terms of Service, and comply with applicable law.

4. Data Processors We Use

We share data with the following trusted third-party processors, solely to operate our services:

Supabase — Database hosting and storage. Data is encrypted at rest and in transit.
Resend — Transactional email delivery (demo confirmations, notifications).
Render — Cloud hosting for the Tidal application.
Anthropic / Mistral AI — AI processing of RFQ content for customers, under strict data processing agreements.

We do not sell your data to any third party. We do not share your pricing, catalogue, or customer data with anyone.

5. Your Rights Under DPDPA 2023

Under India's Digital Personal Data Protection Act 2023, you have the following rights regarding your personal data:

Right to access: Request a copy of the personal data we hold about you.
Right to correction: Request that inaccurate or incomplete data be corrected.
Right to erasure: Request deletion of your personal data, subject to legal retention obligations.
Right to grievance redressal: Lodge a complaint with our Grievance Officer (see Section 8).
Right to nominate: Nominate another individual to exercise your rights in the event of your death or incapacity.

To exercise any of these rights, contact us at sarah@tidal.supply. We will respond within 30 days.

6. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

Demo enquiries: 24 months from the date of submission, or until you request deletion.
Customer platform data: For the duration of the customer relationship plus 12 months, unless a longer period is required by law.
Technical logs: 90 days, then permanently deleted.

7. Cookies

Our website uses only essential session cookies required for the site to function. We do not use advertising, tracking, or analytics cookies. No cookie consent banner is shown because no non-essential cookies are set.

8. Grievance Officer

In accordance with the DPDPA 2023, we have designated a Grievance Officer to address data-related concerns:

Name: Sarah (Data Officer, Tidal Software Inc.)
Email: sarah@tidal.supply
Response time: We aim to acknowledge grievances within 48 hours and resolve them within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include encryption in transit (TLS) and at rest, role-based access controls, and regular security reviews. SOC 2 compliance is currently in progress.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our website or services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at:

Email: sarah@tidal.supply
Company: Tidal Software Inc., India