Privacy policy
Last updated: 3 June 2026
This privacy policy explains how InsideData Ltd (company number 07776362), trading as Tandem, collects and uses personal data when you visit our website or use our platform.
Who we are
The data controller for the Tandem website and platform is InsideData Ltd, registered in England and Wales.
For privacy enquiries, contact us at hello@tandemb2b.com.
What we collect
We may collect:
- Account data — name, email address, password (stored securely hashed), and organisation details when you register or are invited.
- Usage data — how you use the supplier workspace, partner portal, and APIs (for example pages viewed, actions taken, and technical logs).
- Billing data — subscription and payment information processed by our payment provider (we do not store full card numbers on our servers).
- Communications — messages you send to us and emails we send in connection with your account.
- Technical data — IP address, browser type, device information, and cookies (see our cookie policy).
Suppliers may upload product and partner data. Suppliers are responsible for ensuring they have a lawful basis to share partner or customer personal data with us.
How we use your data
We use personal data to:
- provide and improve the Tandem platform;
- authenticate users and enforce access controls between suppliers and partners;
- process subscriptions and invoices;
- send service, security, and transactional messages;
- comply with legal obligations and respond to lawful requests;
- protect our rights, users, and the security of the service.
We process data on the grounds of contract, legitimate interests (operating and securing the service), consent where required (for example certain marketing cookies), and legal obligation.
Sharing your data
We may share data with:
- Infrastructure and service providers who host or support the platform (for example cloud hosting, email delivery, and payment processing), under appropriate contracts.
- Suppliers and partners where your account relationship requires it (for example a partner invited by a supplier).
- Authorities when required by law.
We do not sell your personal data.
International transfers
If data is processed outside the UK, we ensure appropriate safeguards are in place (for example UK international data transfer agreements or adequacy regulations).
Retention
We keep personal data only as long as needed for the purposes above, including legal, accounting, and dispute resolution requirements. You may request deletion subject to exceptions (for example active subscriptions or legal holds).
Your rights
Under UK data protection law you may have the right to access, rectify, erase, restrict processing, object, data portability, and withdraw consent where processing is consent-based. You may also lodge a complaint with the Information Commissioner's Office (ICO).
To exercise your rights, contact hello@tandemb2b.com.
Security
We implement appropriate technical and organisational measures to protect personal data. No online service can be guaranteed completely secure.
Changes
We may update this policy from time to time. We will post the current version on this page and update the date above.