Privacy Notice
Last Updated: 23 November 2025
1. Introduction
1.1 Our Commitment to Your Privacy
At Quidsy, we're serious about protecting your privacy. We believe you should know exactly what data we collect, why we collect it, and how we use it. This notice explains everything in plain English—no legal jargon, no hidden surprises.
1.2 About This Notice
This privacy notice covers:
- What personal data we collect
- Why we collect it and how we use it
- Who we share it with (and why)
- How we keep it secure
- Your rights and how to exercise them
1.3 Data Controller Information
The data controller responsible for your personal data is:
Brithers Ltd
Company Registration Number: 16779521
Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Email: support@quidsy.com
2. What Personal Data We Collect
2.1 Information You Provide to Us Directly
Account Registration: When you create an account, we collect:
- Email address
- Password (encrypted and never stored in plain text)
Communications with Us: When you contact our support team, we collect:
- Your name (if you provide it)
- Email address
- Message content and any information you choose to share
2.2 Information We Collect Automatically
Device & Usage Information: When you use Quidsy, we automatically collect:
- IP address
- Browser type and version
- Device type (mobile, desktop, tablet)
- Operating system
- Pages visited and time spent on pages
- Referral source (how you found us)
Cookies and Tracking Technologies: We use cookies to improve your experience and understand how you use our service. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.
2.3 Information From Third Parties
We may receive data from our service providers (Supabase for authentication, Sanity for content management, and Vercel for hosting) to help us deliver and improve our service.
3. How and Why We Use Your Personal Data (Legal Basis for Processing)
3.1 To Provide and Manage Your Account (Performance of a Contract)
We use your data to:
- Create and maintain your account
- Allow you to track offers and earnings
- Process your referral code and track referrals
- Provide customer support when you need help
- Send you essential service communications (e.g., password resets, account updates)
3.2 For Legal, Compliance, and Security Purposes (Legal Obligation)
We use your data to:
- Prevent fraud and abuse of our platform
- Protect our users, systems, and services
- Comply with legal obligations (e.g., responding to valid legal requests)
- Enforce our Terms & Conditions
3.3 To Improve Our Services and for Analytics (Legitimate Interest)
We use your data to:
- Understand how users interact with Quidsy
- Develop new features and improve existing ones
- Personalize your experience (e.g., showing relevant offers)
- Fix bugs and resolve technical issues
- Conduct analytics to understand user behavior and preferences
3.4 For Marketing and Communications (Consent / Legitimate Interest)
With your consent, we may use your email address to:
- Send you updates about new offers and features
- Share helpful guides and tips
- Notify you about promotions or special opportunities
You can opt out at any time by clicking the unsubscribe link in any marketing email or contacting us at support@quidsy.com.
4. Who We Share Your Personal Data With
4.1 Service Providers and Partners
We work with trusted service providers to help us run Quidsy. These providers only access the data they need to perform their services and are contractually obligated to protect your data:
- Supabase: Database hosting and user authentication
- Sanity: Content management system for offers and guides
- Vercel: Website hosting and infrastructure
- PostHog: Analytics and user behavior tracking (when implemented)
4.2 Legal and Regulatory Bodies
We may share your data with law enforcement, regulatory authorities, or other third parties when we're legally required to do so or to protect our rights, your safety, or the safety of others.
4.3 Business Transfers
If Quidsy is acquired by or merged with another company, your personal data may be transferred to the new owners so they can continue to provide the service to you.
5. Data Storage and International Transfers
5.1 How We Secure Your Data
We take security seriously and implement industry-standard measures to protect your data:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest for sensitive data
- Access controls and authentication
- Regular security assessments
- Secure password hashing (never stored in plain text)
5.2 How Long We Keep Your Data (Data Retention)
We keep your personal data only as long as necessary for the purposes outlined in this notice:
- Active accounts: We retain your data for as long as your account is active
- Closed accounts: After you close your account, we delete your personal data within 90 days, except where we need to retain it for legal or regulatory compliance
- Legal retention: Some data may be retained for up to 7 years to comply with UK tax and accounting requirements
- Analytics data: Aggregated, anonymized analytics data may be retained indefinitely as it cannot identify you
5.3 International Data Transfers
Some of our service providers may process data outside the UK. When this happens, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), to protect your data in accordance with UK GDPR standards.
6. Your Data Protection Rights
Under UK GDPR, you have the following rights regarding your personal data:
Right to be Informed
You have the right to know how your data is used—this privacy notice fulfills that right.
Right of Access
You can request a copy of the personal data we hold about you at any time.
Right to Rectification
If your data is inaccurate or incomplete, you can ask us to correct it.
Right to Erasure (the 'right to be forgotten')
You can request that we delete your personal data in certain circumstances (e.g., if it's no longer needed for the purposes it was collected).
Right to Restrict Processing
You can ask us to limit how we use your data in certain situations (e.g., if you contest the accuracy of the data).
Right to Data Portability
You can request a copy of your data in a machine-readable format to transfer to another service.
Right to Object
You can object to processing based on legitimate interests, including for direct marketing purposes.
Right to Withdraw Consent
Where we rely on your consent to process your data, you can withdraw it at any time. This won't affect the lawfulness of processing before you withdrew consent.
How to Exercise Your Rights
To exercise any of these rights, please contact us at support@quidsy.com. We'll respond to your request within one month.
7. Cookies
We use cookies and similar technologies to improve your experience on our website, understand how you use it, and personalize content. For detailed information on the cookies we use and how to manage them, please see our Cookie Policy.
8. How to Complain
If you're not happy with how we've handled your personal data, please contact us first at support@quidsy.com. We'll do our best to resolve your concern.
You also have the right to complain to the UK's data protection authority, the Information Commissioner's Office (ICO):
9. Changes to This Privacy Notice
We may update this privacy notice from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make significant changes, we'll notify you by email or through a prominent notice on our website. The "Last Updated" date at the top of this notice shows when it was last revised.
10. Contact Us
If you have any questions about this privacy notice or how we handle your personal data, please get in touch:
Privacy Enquiries
Email: support@quidsy.com
We aim to respond to all privacy-related enquiries within 48 hours.