We’re Reward Cloud Limited (CRN: 10051136) trading as Tillo. You can find us at Unit 14 Hove Business Centre, Fonthill Road, Hove, England BN3 6HA.
We provide on-demand access to gift cards from the broadest selection of the world’s favourite brands and always strive to deliver more rewarding experiences for customers everywhere. As a result, we collect personal data about you to provide our service, and we want to be clear and transparent as to what we do with it.
- How do we use your data?
- When you sign up to Tillo we will collect your name, company details, phone number and email address. We do this in order to perform our obligations under the contract we enter with you and allow for you to use and access Tillo.
- When you use Tillo to redeem a gift we collect your name, address details, phone number and email address. We do this in order to provide the service and allow for you to use and access Tillo.
- When you request a demo, report or white paper via our Platform we will collect your name, company name, email address and contact number. We do this under our legitimate interest to respond to your request quickly and efficiently.
- When you contact us either by phone, email or via social media with general queries, we will usually collect your name, social media handle and contact details, because it’s in our legitimate interest to make sure we can properly respond to your query.
- When you receive our news updates. We use your name and email address to provide you with our news updates in line with any preferences you’ve told us about including to provide you with white papers and other reports.
If we send you our news updates because you have opted-in to receive them, we rely on your consent to do so. If you have not opted-in and we send you our news updates, we do this because of our legitimate interest to promote our business.
You can unsubscribe at any time by clicking the unsubscribe link at the bottom of any of our emails, or by emailing firstname.lastname@example.org.
- When you attend one of our events or a third party event we also attend (including virtual events via video conferencing providers including Zoom), we will usually collect your name, company details, phone number and email address (we may also collect your address to send you goodies depending on the event!). At our own events we collect this information because it’s in our legitimate interests to know who’s attending our events; and at third party events, we collect this information because it is in our legitimate interests to promote our business.
- When you apply for a job with us. When you enter into the recruitment process with us we may collect your name, contact details, recruitment information (e.g. right to work documentation and references), qualifications, accreditations, test results (inc. technical tests and coding exercises) and any additional information we may receive from our recruitment partners. We will also undertake background screening checks via our third party provider Vero Screening, we do this in order to take steps to enter into an employment contract with you and assess your suitability for a role with us.
- If our business is sold. We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.
- Who do we share your data with?
- Business partners, suppliers and subcontractors where you have provided us with your consent to do so including with our third party lead generation platform provider.
- Promotional events and marketing organisations, we do not sell data for marketing purposes, but may share your data with an event organiser including where we run workshops with co-presenters. We will always tell you before (usually on the event registration form) and you will be given the chance to opt-out before we do this.
- Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.
- Where is my data stored?
We store your data in the European Union, primarily in the Republic of Ireland.
Whenever we transfer your personal information outside of the UK and the EU, we ensure it receives additional protection as required by law. You can contact us at email@example.com for more detail on this.
- How long do we keep your data for?
We will only retain your personal information for as long as we need it unless we are required to keep it for longer to comply with our legal, accounting or regulatory requirements.
In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to analyse our programmes and support other similar programmes around the world.
- What are your rights under data protection laws?
- Access your personal data (also known as a “subject access request”);
- Correct incomplete or inaccurate data we hold about you;
- ask us to erase the personal data we hold about you;
- ask us to restrict our handling of your personal data;
- ask us to transfer your personal data to a third party;
- Object to how we are using your personal data; and
- Withdraw your consent to us handling your personal data.
You also have the right to lodge a complaint with your relevant supervisory authority, you can find which one applies to you here.
We will always aim to comply with these requests unless there is a legal reason why we cannot do so.
Questions, Comments and More Detail
Your feedback and suggestions on this policy are welcome.
We’ve worked hard to create a policy that’s easy to read and clear. But if you feel that we have overlooked an important perspective or used language which you think we could improve, please let us know by email at firstname.lastname@example.org.
Our Information Security Policy is available on request - If you require a copy, please email email@example.com.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all orparts of our site.
|| Google Analytics
|| 24 months
| __hstc & hubspotuk
|| 13 months
| __hssrc & __cfruid
|| Session tracking
|| Heap - User cookie (stores user_id, identity, other ids)
|| 13 months
||Session properties cookie (stores timestamp and cookie domain/path)
|| 30 minutes
|| Event properties cookie (stores properties set by addEventProperties API)
|| 13 months
|| Used to determine which domain a cookie can be set on (since public suffix domains block setting cookies on the top level)
|| Should not persist