Privacy Notice

Privacy Notice

Table of Contents

Privacy Notice

At The Tribe we understand that your privacy is important to you and that you care about how your personal data is used. This Privacy Notice sets out how The Tribe uses the personal information, when you use our website, mobile application and related online platform that connects end users with participating affiliate retail stores and commercial businesses (the “Platform”) we are in the process of helping you find a job, continuing our relationship with you once we have found you a role, providing you with a service, receiving a service from you, using your data to ask for your assistance in relation to one of our candidates, or you are visiting our website ("you" and "your'').

 

The Tribe, is a brand name operated by Startribe Ltd is a company based in Cyprus (“Company”, “we” or “us”) that provides customer support services to reputable firms who are active across the world.

 

This Privacy Notice is intended to help you understand why and how we may use your information. Please note that this Privacy Notice does not form part of any contract of employment or another contract to provide services.

 

This Privacy Notice should be read alongside The Tribe’s website TERMS AND CONDITIONS and COOKIES NOTICE.

 

Your acceptance of this Privacy Notice is deemed to occur upon your first use of our Platform as an end user of offers and discounts (“User”) or as a participating retail store or commercial business (“Affiliate”) Users and Affiliates, as applicable, and together the “Platform Users”)..

 

In the event of any discrepancy or inconsistency between the English version of this Privacy Notice and any translation thereof in another language, the English version shall prevail.

For the purposes of this Privacy Notice:

“User” means a natural person who accesses and/or uses the Platform to view, access and/or redeem offers and discounts made available by Affiliates and, where applicable, to purchase goods or services from Affiliates.

“Affiliate” means a retail store or other commercial business that participates in the Platform in order to promote its goods or services, publish offers and discounts and receive related statistics and analytics regarding User engagement.

“QR Code” means the unique quick response code generated by the Platform, which enables Users to access and redeem the applicable discounts offered by Affiliates.

 

1. DATA PROTECTION PRINCIPLES

We will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the applicable local data protection legislation, the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the- EU Regulation No. 2016/679 the General Data Protection Regulation (collectively “GDPR”). Where an obligation imposed by the applicable local data protection legislation and the GDPR are the same, but the terminology is different, The Tribe will comply with the terminology and wording used in the applicable local data protection legislation, and this will constitute The Tribe’s compliance with the equivalent obligations in the GDPR. If the GDPR imposes an obligation on The Tribe that is not imposed by the applicable local data protection legislation, or the GDPR obligation is more onerous than the equivalent obligation in the applicable local data protection legislation, The Tribe will comply with the GDPR.This means that the personal data we hold about you must be:

●     Used lawfully, fairly and in a transparent way;

●     Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;

●     Relevant to the purposes we have told you about and limited only to those purposes;

●     Accurate and kept up to date;

●     Kept only as long as necessary for the purposes we have conveyed to you;

●     Kept securely at all times.

 

2. THE KIND OF INFORMATION WE HOLD ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We use your personal data to provide and improve our services, acting as a licensed HR agency,  to operate the Platform as an intermediary digital marketplace between Users and Affiliates, to enable Users to access and redeem offers and discounts, to enable Affiliates to publish and manage such offers and to receive related statistics and analytics, and for security purposes, among other reasons.

 

Please see below the type of personal information and examples which are illustrative and non-exhaustive:

●     Information about you: Name, address, date of birth, marital status, nationality, gender, photo, and preferred language, biometric data, details of any disabilities, work restrictions, and/or required accommodations;

●     Information relating to your Identify: ID, photographs, passport and/or driving license details, electronic signatures;

●     Information relating to your contact data: Name, address, telephone, and email address;

●     Information about your special Categories of Data/ ‘Sensitive’ Data: includes details about your religious, annual income, biometric data, and/or criminal convictions and offences;

●     Information about your suitability to work for us and/or our clients: References, interview notes, work visas ID information such as passport details and driving license information, records/results of pre-employment checks, including criminal record checks, credit and fraud checks;

●     Information relating to your skills and experience: CVs, resumes and/or application forms, references, records of qualifications, skills, training, and other compliance requirements;

●     Information relating to the terms of employment with us: Letters of offer and acceptance of employment, your employment contract, location, billing, and subscription information;

●     Information that we need to pay you: Bank account details, certificate of non-bankruptcy, national insurance or social security numbers (where applicable), salary and benefits, and expense allowances;

●     Information that we need to provide you with benefits and other entitlements: Length of service information, health information, leave requests;

●     Information relating to your pension entitlements: Pensionable salary, pension base, annual pension accrual, pension benefits;

●     Information to allow you to access our buildings and systems: Computer or facilities access and authentication information, identification codes, passwords, answers to security questions, photographs, and video images (including those captured via CCTV);

●     Information relating to your performance at work: Performance assessments and ratings, leadership ratings, financial interests, directorships, targets, objectives, records of performance reviews, development records and/or notes of one-to-ones and other meetings, personal development plans, training recommended and completed, personal improvement plans, secondments, correspondence, reports;

●     Information relating to sickness and absence management: Absence and time-keeping records, start and end date of reporting in sick, sick certificates, percentage of sickness and absence per employee, address where an employee is being treated (when different than home address);

●     Information relating to discipline, grievance, and other employment-related processes: Interview/meeting notes or recordings, correspondence;

●     Information required to ensure your independence and the independence of our Company: Financial interests, including publicly available debt, equity securities, tradable financial notes issued by banks, mutual funds, hedge funds, money market funds, unit investment trusts and other investment vehicles;

●     Information relating to technical data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in type and versions, operating system and platform, and other technologies on the devices you use to access the Website and use of cookies stored on your device;

●     Information relating to usage data: includes information about how you use Website, products and Services and IP history;

●     Information relating to location data: includes details on your actual location when interacting with our Website (for example, a set of parameters that determine regional settings of your interface, namely residency country, time zone, and the interface language);

●     Information relating to marketing and communications data: includes your preferences in receiving marketing from us and our third parties and your communication preferences;

●     Information about your audio data: includes full voice recordings of calls that you receive from us or make to us;

●     Information about aggregated data: includes statistical or demographic data for any purpose. Such data may be derived from your personal data but are not considered personal data under the law, as they do not directly or indirectly reveal your identity. An example of such data is the aggregation of usage data to calculate the percentage of users accessing a specific website feature or showing preference for products/services. Without limiting the above, if Tribe combines Aggregated Data with other data in a way that makes it possible to identify the data subject, then Tribe will treat such combined data as personal data in accordance with the provisions of this policy.

●     Information specific to Users of the Platform: this may include your unique verification code, details of offers and discounts you view or redeem, details of your interactions with particular Affiliates via the Platform, and, where made available to us, information relating to your purchases from Affiliates (such as transaction value, date and time, and store or offer identifier) for the purposes described in this Privacy Notice.

●     Information specific to Affiliates using the Platform: this may include your business contact details, store details, information about the offers and discounts you publish, and statistics and analytics regarding User engagement with your store and offers (for example, views, clicks, redemptions and related aggregated transaction data).

 

3. HOW WE USE PARTICULARLY SENSITIVE PERSONAL INFORMATION

Some types of information are classified as ‘sensitive’ for the purposes of the GDPR and there are additional restrictions on how we may use and hold this information. Sensitive personal information is information that relates to a person’s:

▶ Racial and ethnic origin;

▶ Physical or mental health;

▶ Genetic or biometric data;

▶ Alleged or actual criminal convictions and proceedings.

 

The above are merely illustrations and we do not collect all of the above information. However, we may, if absolutely necessary, be required to collect some information that may be classified as “sensitive”. Generally, it is necessary to obtain your consent before we can hold and use such information. However, we may hold and use such information without consent for limited statutory purposes such as monitoring compliance with our equal opportunities policies and health and safety rules, or if necessary to protect your vital interests, for legal claims, or in the public interest.

 

In any case, we will make clear the purposes for which we wish to use your sensitive information when it is being collected, and, if necessary, obtain your consent at that time.

 

4. INFORMATION ABOUT CRIMINAL RECORD

 

We collect and maintain information as to whether you have a clean criminal record for purposes of complying with our legal and regulatory obligations as your employer. In doing so we have in place an appropriate policy and safeguards to maintain such information.

 

5. HOW IS YOUR PERSONAL INFORMATION COLLECTED

 

We collect personal data about you through the information you provide to us either directly from your or sometimes from a third party contractor and/or other recommendations. We may also collect additional personal information in the course of job-related activities.

In relation to the Platform, we collect personal data about Users when you register and/or log in using your unique verification code or the QR code, when you browse, view or redeem offers and discounts, and when you interact with Affiliates via the Platform. We collect personal data about Affiliates when you register to participate in the Platform, when you access your Affiliate account via a secure link sent to your registered email address, and when you create, publish or manage offers and discounts and view related statistics and analytics. We may also receive limited transactional data from Affiliates or their service providers (for example, that a particular offer was redeemed, at which store and on which date and time, and the value of the transaction), to enable us to track the use of offers and discounts, to prevent fraud and abuse and to provide reporting and analytics to Affiliates, as described in this Privacy Notice.

 

6. HOW WE WILL USE INFORMATION ABOUT YOU

 

We will process your personal data in order to allow us to efficiently perform our contract with you and to enable us to comply with our legal obligations. In some cases we may use your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. We are using Legitimate Interest as our legal basis for processing the following data:

Legitimate Interest – Article 6(1)(f) says: “processing is necessary for the purpose of the legitimate interest pursued by the controller or by the third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data”

The situations in which we will process your personal information are listed below (Permitted Purposes).

Please see below the purposes for which we need your personal data and examples which are illustrative and non-exhaustive.

In addition, in relation to Users and Affiliates of the Platform, we will process your personal data for the following Permitted Purposes:

 

Operation of the Platform and provision of services to Platform Users:

●    To register Users and provide access to the Platform, including via unique verification code login, and to manage your account and preferences.

●    To enable Users to browse, view and redeem offers and discounts made available by Affiliates and, where applicable, to be redirected to Affiliates’ own channels to complete purchases.

●    To track the use and redemption of offers and discounts, to prevent and detect fraud and abuse, and to verify that eligibility and redemption conditions are met.

●    To provide Users with information about relevant offers and discounts on the basis of your use of the Platform, where permitted by applicable law and, where required, with your consent.

 

Operation of the Platform and provision of services to Affiliates:

●    To register Affiliates to participate in the Platform, to create and manage Affiliate profiles, and to provide access to the Affiliate dashboard via secure email links.

●    To enable Affiliates to create, publish, manage and withdraw offers and discounts and to monitor User engagement in relation to their store and offers.

●    To generate and provide Affiliates with statistics and analytics about User engagement and activity in relation to their store and offers (for example, number of views, clicks, redemptions and related aggregated transaction values), in order to measure campaign performance and optimise offers.

 

Analytics and improvement of the Platform:

●    To carry out analytics, reporting and statistical analysis on an aggregated and/or pseudonymised basis regarding the use of the Platform by Users and Affiliates, in order to understand performance, improve the design and functionality of the Platform, and develop new features and services.

 

Marketing and communication (Platform context):

●    To send Users and Affiliates communications about Platform updates, new features, and relevant offers or campaigns, where allowed under applicable law and, where required, on the basis of your consent. You may opt out of such marketing at any time by following the unsubscribe instructions in our communications or by contacting us.Legal purposes:

●        To comply with our legal obligations, including anti-bribery and corruption, conflicts of interest and money laundering;

●        To keep a register of violations, incidents or personal data breaches.;

●        In a take-over or merger, providing information to a future purchaser of the Company or any part of the Company’s business.

Some of the above grounds for processing will overlap and there may be several grounds that justify our use of your personal information.

 

7. IF YOU FAIL TO PROVIDE PERSONAL INFORMATION

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our workers).

 

8. CHANGE OF PURPOSE

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the purpose for which it has been collected. In such a case we shall notify you and we will explain the legal basis which allows us to do so.

 

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

 

9. AUTOMATED DECISION-MAKING

We generally do not use automated decision-making. If we use this procedure in individual cases, we will inform you of this separately.

 

10. SHARING YOUR DATA

We may share your data on a strictly confidential basis in the following circumstances, the following are examples of where and how your information may be transferred, but please note this is not an exhaustive list and that due to ongoing changes in our IT and operational infrastructure this may change at any time:

●        We may share your data with our clients and clients’ group companies for Recruitment purposes, to increase your chances of finding suitable employment and provide you with working opportunities;

●        We may share your data with third-party partners, including third-party service providers that provide us their services;

●        We may share your data with affiliated, associated entities of the Company and other entities under the same ownership going all the way back to the same ultimate beneficial owner;

●        If the Company merges with or is acquired by another business or company in the future, (or is in meaningful discussions about such a possibility) We may share your personal data with the (prospective) new owners of the Company;

In relation to the Platform, and in addition to the above:

●    We may share limited personal data of Users with the relevant Affiliates where this is necessary to validate and administer the redemption of offers and discounts and to attribute transactions to a particular offer or campaign (for example, your unique verification code or another identifier, together with information that an offer was redeemed at a particular store, on a particular date and time, and the value of the transaction). We do not provide Affiliates with direct access to your full profile or contact details unless this is strictly necessary for the provision of the Affiliate’s goods or services and you have been informed accordingly.

●    We may share aggregated and/or pseudonymised analytics derived from User data with Affiliates (for example, number of Users who viewed or redeemed a particular offer, and aggregated transaction values), so that Affiliates can measure the performance of their campaigns and or various statistical results. Such aggregated data does not directly identify individual Users.

We require third parties to respect the security of your data and to treat it in accordance with the law. We do not allow third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

11.INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

We share your personal data with our partners, affiliated and related companies. This will involve transferring your data outside the European Union. A transfer to a recipient in a third country would only take place where one of the following applies:

1.     The individual has given consent to the transfer of information;

2.    The transfer is necessary for the performance of a contract between the individual and the Company, or the implementation of pre-contractual measures taken in response to the individual’s request;

3.    The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between us and a third party;

4.    The transfer is necessary or legally required on important public interest grounds or for the establishment, exercise or defense of legal claims.;

5.    The transfer is required by law;

6.    The transfer is necessary in order to protect the vital interests of the individual’

7.     The transfer is made under a data transfer agreement;

8.    The transfer is otherwise legitimized by applicable law.

When making transfers between to a third country, we will ensure that they are subject to appropriate security measures and safeguards as deemed appropriate, under GDPR and the relevant national and international laws. This may include entering into the appropriate contractual relationships to regulate any such transfers and safeguard any personal information transferred to them. In such cases, we require that all recipients of your data provide appropriate safeguards to protect your data, when it is transferred to Third Countries, through the adherence to standard data protection clauses adopted by the EU Commission (cf. the GDPR article 46(2) and/or binding corporate rules adopted by the EU Commission (cf. GDPR article 47).

 

In particular, if a data transfer is required to a processor located in third country in order for us to be able to provide you with a working opportunity, we will, prior to proceeding with such transfer, provide you with more information on the particular data protection laws and regulations regulating the collection and processing of data in that particular jurisdiction.

If you want to obtain further information on any data transfers mentioned above please contact us through the points of contact listed in the section OUR CONTACT DETAILS below.

 

12. DATA SECURITY

We have put in place measures to protect the security of your information. Details of these measures are available upon request. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

 

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

 

Details of these measures may be obtained from the DPO in the section OUR CONTACT DETAILS below.

 

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

 

13. DATA RETENTION

How long will we use and keep your information

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

In some circumstances, we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

 

Once you are no longer an employee or third-party contractor we will retain and securely destroy your personal information for a period of 5 years (which may be extended under certain circumstances to 7) in accordance with our data retention policy or as may be required by applicable laws and regulations.

 

14. RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

Under certain circumstances, by law, you have the right to:

●        Request access to your personal information;

●        Request correction of the personal information that we hold about you;

●        Request the erasure of your personal information;

●        Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;

●        Request the restriction of processing of your personal information;

●        Request the transfer of your personal information to another party.

 

If you want to review, verify, correct or request the erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Human Resources Department in writing.

 

15. DATA PROTECTION OFFICER

 

We have appointed a data protection officer (DPO) to oversee compliance with this Privacy Notice. If you have any questions about this Privacy Notice or how we handle your personal information, please contact the DPO. You have the right to make a complaint at any time to the Commissioner for the protection of personal data’s Office, the Cyprus supervisory authority for data protection issues.

 

16. CHANGES TO THIS PRIVACY NOTICE

This Privacy Notice was last updated 30/09/2025. We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

 

17. OUR CONTACT DETAILS

If you have any questions about this Privacy Notice, please contact our DPO officer at [email protected].

 

To enable us to process your request we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification. This is to ensure that we appropriately protect the personal data we hold from unauthorized access requests and comply with our security obligations.

Return to the table of contents