Privacy Policy

Last updated: June 2025

1. Introduction

Tride Mediation Technologies Limited ("TRIDEMT," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our B2B financial services platform.

This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. We are registered in Malta (Company Registration Number: C 112321) and operate throughout the European Union.

2. Data Controller Information

Identity: Tride Mediation Technologies Limited

Registration: C 112321 (Malta)

Address: Malta, EU

Contact: Contact our DPO

Website: tride.mt

3. What Data We Collect

3.1 Business Information

• Company name and registration details
• Business address and contact information
• VAT number and other tax identifiers
• Financial institution details for payment processing

3.2 Personal Data of Business Representatives

• Name and professional title
• Business email address
• Business phone number
• Role within the organization

3.3 Transaction and Financial Data

• Invoice and payment information
• Transaction history and patterns
• Credit and liquidity data
• Dispute resolution records

3.4 Technical Data

• IP address and device information
• Browser type and version
• Time zone and location settings
• Platform usage data and analytics
• Login and authentication data

4. Legal Basis for Processing

We process your personal data under the following legal bases:

Purpose	Legal Basis
Providing our SaaS services	Contract performance (Article 6(1)(b) GDPR)
Account management and support	Contract performance (Article 6(1)(b) GDPR)
Billing and payment processing	Contract performance (Article 6(1)(b) GDPR)
Legal and regulatory compliance	Legal obligation (Article 6(1)(c) GDPR)
Fraud prevention and security	Legitimate interests (Article 6(1)(f) GDPR)
Service improvements and analytics	Legitimate interests (Article 6(1)(f) GDPR)
Marketing communications	Consent (Article 6(1)(a) GDPR) or Legitimate interests

5. How We Use Your Data

5.1 Service Delivery

• Process B2B payments and transactions
• Manage liquidity and funding cycles
• Resolve invoice disputes through AI-powered reconciliation
• Provide analytics and reporting features
• Enable integration with financial institutions via Linkcy.io

5.2 Account Management

• Create and manage user accounts
• Authenticate users and manage access controls
• Provide customer support and respond to inquiries
• Send service-related notifications

5.3 Business Operations

• Process payments and manage subscriptions
• Comply with legal and regulatory requirements
• Prevent fraud and ensure platform security
• Analyze usage patterns to improve our services
• Conduct business intelligence and reporting

6. Data Sharing and Disclosure

We may share your data with:

6.1 Service Providers

• Linkcy.io: Our embedded finance partner for payment processing and financial services
• Cloud Infrastructure Providers: EU-based data centers for hosting
• Analytics Providers: For service improvement and performance monitoring
• Support Tools: Customer service and ticketing systems

6.2 Legal Requirements

We may disclose data when required by:

• Court orders or legal proceedings
• Regulatory authorities (financial regulators, tax authorities)
• Law enforcement agencies
• To protect our rights, property, or safety

6.3 Business Transfers

In case of merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy protections.

7. Data Retention

We retain your data for as long as necessary to:

• Provide our services during your active subscription
• Comply with legal obligations (typically 7 years for financial records)
• Resolve disputes and enforce agreements
• Maintain business records for legitimate purposes

Upon account termination, we will delete or anonymize your data within 90 days, except where longer retention is required by law.

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
• Access Controls: Role-based access, multi-factor authentication
• Infrastructure: EU-based secure data centers with 24/7 monitoring
• Regular Audits: Security assessments and penetration testing
• Incident Response: Documented procedures for data breach management
• Employee Training: Regular data protection and security training

9. Your Rights Under GDPR

As a data subject, you have the following rights:

9.1 Right to Access (Article 15)

Request a copy of your personal data and information about how we process it.

9.2 Right to Rectification (Article 16)

Request correction of inaccurate or incomplete personal data.

9.3 Right to Erasure (Article 17)

Request deletion of your personal data ("right to be forgotten") in certain circumstances.

9.4 Right to Restriction (Article 18)

Request limitation of processing in specific situations.

9.5 Right to Data Portability (Article 20)

Receive your data in a structured, machine-readable format.

9.6 Right to Object (Article 21)

Object to processing based on legitimate interests or for direct marketing.

9.7 Right to Withdraw Consent

Where processing is based on consent, you may withdraw it at any time.

9.8 Right to Complain

Lodge a complaint with the Malta Information and Data Protection Commissioner or your local supervisory authority.

To exercise these rights, contact us at privacy@tride.mt. We will respond within one month of receipt.

10. International Data Transfers

We store and process all data within the European Union. We do not transfer personal data outside the EU/EEA unless:

• The destination country has an adequacy decision from the European Commission
• Appropriate safeguards are in place (Standard Contractual Clauses)
• You have explicitly consented to the transfer

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain session state and authentication
• Remember user preferences
• Analyze platform usage and performance
• Ensure security and prevent fraud

For detailed information, please see our Cookie Policy.

12. Children's Privacy

Our services are designed for business use only. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware of such collection, we will delete the data immediately.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via:

• Email notification to registered users
• Prominent notice on our platform
• Update of the "Last updated" date

Continued use of our services after changes indicates acceptance of the updated policy.

14. Contact Us

For privacy-related questions, requests, or concerns:

Data Protection Officer
Tride Mediation Technologies Limited
Malta, EU
Email: privacy@tride.mt
Website: tride.mt

15. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

Office of the Information and Data Protection Commissioner (IDPC)
Floor 2, Airways House
Triq Il-Kbira
Luqa LQA 1549
Malta
Website: idpc.org.mt