<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=533048288489659&amp;ev=PageView&amp;noscript=1">

Privacy Policy


We’re Reward Cloud Limited (CRN: 10051136) trading as Tillo. You can find us at Unit 14 Hove Business Centre, Fonthill Road, Hove, England BN3 6HA.

We provide on-demand access to gift cards from the broadest selection of the world’s favourite brands and always strive to deliver more rewarding experiences for customers everywhere. As a result, we collect personal data about you to provide our service, and we want to be clear and transparent as to what we do with it.

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us at privacy@tillo.io.

  1. How do we use your data?
    1. When you sign up to Tillo we will collect your name, company details, phone number and email address. We do this in order to perform our obligations under the contract we enter with you and allow for you to use and access Tillo.
    2. When you use Tillo to redeem a gift  we collect your name, address details, phone number and email address. We do this in order to provide the service and allow for you to use and access Tillo.
    3. When you request a demo, report or white paper via our Platform we will collect your name, company name, email address and contact number. We do this under our legitimate interest to respond to your request quickly and efficiently. 
    4. When you contact us either by phone, email or via social media with general queries, we will usually collect your name, social media handle and contact details, because it’s in our legitimate interest to make sure we can properly respond to your query.
    5. When you receive our news updates. We use your name and email address to provide you with our news updates in line with any preferences you’ve told us about including to provide you with white papers and other reports.

      If we send you our news updates because you have opted-in to receive them, we rely on your consent to do so. If you have not opted-in and we send you our news updates, we do this because of our legitimate interest to promote our business. 

      You can unsubscribe at any time by clicking the unsubscribe link at the bottom of any of our emails, or by emailing privacy@tillo.io.

    6. Technical information when you use the Tillo Platform. When you consent, we collect information about how you use our Platform. We use this information to improve our Platform and to better understand how people use it. More detail on this is set out in our cookie policy.
    7. When you attend one of our events or a third party event we also attend (including virtual events via video conferencing providers including Zoom), we will usually collect your name, company details, phone number and email address (we may also collect your address to send you goodies depending on the event!). At our own events we collect this information because it’s in our legitimate interests to know who’s attending our events; and at third party events, we collect this information because it is in our legitimate interests to promote our business. 
    8. When you apply for a job with us. When you enter into the recruitment process with us we may collect your name, contact details, recruitment information (e.g. right to work documentation and references), qualifications, accreditations, test results (inc. technical tests and coding exercises) and any additional information we may receive from our recruitment partners. We will also undertake background screening checks via our third party provider Vero Screening, we do this in order to take steps to enter into an employment contract with you and assess your suitability for a role with us.
    9. If our business is sold. We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you. 
  2.  Who do we share your data with?
    1. Business partners, suppliers and subcontractors where you have provided us with your consent to do so including with our third party lead generation platform provider.
    2. Regulators/ Authorities/ Enforcement Agencies if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
    3. Promotional events and marketing organisations, we do not sell data for marketing purposes, but may share your data with an event organiser including where we run workshops with co-presenters. We will always tell you before (usually on the event registration form) and you will be given the chance to opt-out before we do this.
    4. Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.
  3. Where is my data stored?
    1. We store your data in the European Union, primarily in the Republic of Ireland.

      Whenever we transfer your personal information outside of the UK and the EU, we ensure it receives additional protection as required by law. You can contact us at privacy@tillo.io for more detail on this.

  4. How long do we keep your data for?
    1. We will only retain your personal information for as long as we need it unless we are required to keep it for longer to comply with our legal, accounting or regulatory requirements. 

      In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to analyse our programmes and support other similar programmes around the world.

  5. What are your rights under data protection laws?
    1. Access your personal data (also known as a “subject access request”);
    2. Correct incomplete or inaccurate data we hold about you;
    3. ask us to erase the personal data we hold about you;
    4. ask us to restrict our handling of your personal data;
    5. ask us to transfer your personal data to a third party; 
    6. Object to how we are using your personal data; and
    7. Withdraw your consent to us handling your personal data.

      You also have the right to lodge a complaint with your relevant supervisory authority, you can find which one applies to you here.

      We will always aim to comply with these requests unless there is a legal reason why we cannot do so.


Questions, Comments and More Detail

Your feedback and suggestions on this policy are welcome.

We’ve worked hard to create a policy that’s easy to read and clear. But if you feel that we have overlooked an important perspective or used language which you think we could improve, please let us know by email at privacy@tillo.io.

Our Information Security Policy is available on request - If you require a copy, please email privacy@tillo.io.

This privacy policy was last updated on 31 March 2021.

Cookie Policy

Our site uses cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. We only use (and store) non-essential cookies on your computer's browser or hard drive if you provide your consent.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all orparts of our site.


 Cookie  Purpose  Duration
 _ga  Google Analytics  24 months
 __hstc & hubspotuk  Marketing/Tracking  13 months
 __hssrc &   __cfruid  Session tracking  session
 _hp2_id.APP_ID  Heap - User cookie (stores user_id, identity, other ids)  13 months 
_hp2_ses_props.APP_ID Session properties cookie (stores timestamp and cookie domain/path)  30 minutes
_hp2_props.APP_ID Event properties cookie (stores properties set by addEventProperties API) 13 months
_hp2_hld.* Used to determine which domain a cookie can be set on (since public suffix domains block setting cookies on the top level) Should not persist


User attribution 

365 days


User attribution - ensures data from subsequent visits are attributed to same user ID

365 days


Session tracking - identifies a new user’s first session



User attributes sent through to Hotjar Identify API that are cached



Stores user attributes sent through to Hotjar Identify API whenever not in the sample - collected attributes saved following interaction with Hotjar feedback tool



Stores user viewport details such as size and dimensions



Session data 

30 minutes


Session data - stops collecting if session becomes too large 



Session data - rejected sessions due to server overload



Session data - set when a session is reconnected to Hotjar servers after a break in connection 



Session data - checks if Hotjar Tracking Code can use local storage, which is deleted almost immediately after it is created

Under 100ms 

_hjIncludedInPageviewSample, _hjIncludedInSessionSample

Session data - set to determine if a user is included in data sampling defined by pageview limit or daily session limit

30 minutes


Session data - pageview

30 minutes


Session - determines most generic cookie path to use to share cookies across subdomains where applicable 



Session recordings 



Session recordings - set in session storage as opposed to cookies



Feedback tool - Set when a user interacts with a link survey invitation modal

365 days


Feedback tool - set when a user completes an on-site survey

365 days


Feedback tool - set when a user minimises an on-site survey and ensures the survey stays minimised when navigating through the site

365 days


Feedback tool - set when a user minimises a feedback widget and ensures the widget loads as minimised when navigating to another page

365 days


Customer support widget - stores visitor ID for widget authentication

365 days


Customer support widget - store’s visitor’s decision on CookieLaw Javascript API

365 days