Privacy Policy
Effective date: January 1, 2026. Tidesrokus Consulting LLC ("we", "us", "our") is committed to protecting personal data we collect while delivering negotiation advisory services to businesses. This Privacy Policy explains what personal data we collect, why we process it, how we protect it, and the rights available to individuals. We operate from the United States and our primary office is at 150 Federal St, Suite 100, Boston, MA 02110, USA. Our primary contact for data protection matters is [email protected] or via the postal address above. This policy applies to all visitors, clients, and partners who interact with our website, communications, or services. We collect and process personal data strictly for legitimate business purposes such as delivering services, communicating with clients, improving our offerings, complying with legal obligations, and protecting our business interests. We limit the amount and retention of data to what is necessary for those purposes and apply appropriate technical and organizational measures to keep information secure. If you represent a company and provide contact details, we treat those details as business contact data, not as special categories of personal data, unless you explicitly provide other sensitive information in a secure, documented context.
Contact
Tidesrokus Consulting LLC150 Federal St, Suite 100
Boston, MA 02110, USA
Data we collect
We collect personal data that is necessary to provide our services and operate our website. This includes contact details (name, work email, business phone, job title, company), transactional information (service agreements, invoices), communications (email correspondence, meeting notes when authorized), and technical data collected automatically when you visit our website (IP address, browser type, device information, pages viewed, and consent choices). When you share information about specific deals, we may process contextual details such as deal size, stakeholders, timelines, and commercial constraints; we do not seek or require special category personal data. We also collect anonymous analytics and aggregated performance data to measure service outcomes and improve our playbooks. We avoid collecting more personal data than necessary and we restrict access internally to those team members who need data to perform their roles. Where we rely on third-party tools for email, scheduling, or analytics, those vendors process data on our behalf under contract and with controls in place to protect the information they handle.
How we use data
We use personal data to provide and improve our negotiation advisory services, to communicate about engagements and appointments, to perform contractual obligations, and to comply with applicable laws. Examples include: scheduling and conducting strategy calls, preparing diagnostic briefs and playbooks, invoicing and receiving payments, administering user accounts and access, detecting and preventing fraud, and maintaining audit trails for service delivery. We may aggregate data to produce anonymized insights that inform playbook improvements and case studies; aggregated data cannot be used to re-identify individuals. We do not sell personal data. When we send marketing communications, we rely on consent or legitimate interest where permitted; each marketing message includes an easy way to opt out. We retain personal data as long as necessary to fulfill the purpose for which it was collected and to meet legal, tax, and regulatory obligations, then securely delete or anonymize the data unless retention is required for a legitimate business purpose documented in our records retention schedule.
Legal bases and sharing
For individuals in jurisdictions that require a legal basis, we rely on the following: (1) performance of a contract when processing is necessary to deliver services; (2) legitimate interests to operate and improve our business (balanced against individual rights); and (3) consent for optional marketing communications. We share personal data with service providers who perform functions on our behalf, such as scheduling platforms, email delivery services, cloud hosting, analytics providers, and payment processors. All third-party processors are selected carefully and operate under written contracts that require appropriate data protections. We may disclose personal data if required by law, to respond to lawful requests by public authorities, or to protect our legal rights and safety. When we transfer data across borders, we ensure adequate safeguards such as standard contractual clauses, binding corporate rules, or other lawful transfer mechanisms appropriate to the jurisdiction. We keep a record of our processors and transfers to ensure compliance with applicable law.
Cookies and tracking
Our website uses cookies and similar technologies to enable essential site functionality, maintain session state, and collect analytics that help us understand site performance and user behavior. We use strictly necessary cookies to support navigation and security. Performance and analytics cookies are used to measure site usage and improve content. We also use optional preferences cookies to remember consent choices. The cookie consent control visible on the site allows you to accept or reject non-essential cookies; your choice is stored locally and respected on subsequent visits. If you disable analytics cookies, we will limit tracking to essential site operations only. We do not combine analytics data with personal data for marketing unless you have provided consent. Third-party widgets or embedded content may set their own cookies; we encourage users to review those providers' policies for further details. For enterprises that require more control, we will implement contractually agreed boundary settings for data processing during engagements where required.
Data retention and security
We retain personal data for the period necessary to fulfill the purposes described above, to satisfy contractual obligations, and to meet legal and regulatory requirements. Typical retention periods include active engagement data for the duration of the engagement plus a defined archival period to meet accounting and dispute resolution needs. We apply administrative, technical, and physical safeguards to protect data against unauthorized access, disclosure, alteration, and destruction. These safeguards include access controls, encryption at rest and in transit where appropriate, regular reviews of third-party processors, and internal security policies and training. While we take reasonable measures to protect data, no system is completely secure; if we discover a security incident affecting personal data, we will follow our incident response procedures and notify affected parties and authorities where required by law.
Your rights and choices
Depending on your jurisdiction, you may have rights regarding your personal data, including the right to access, correct, port, restrict processing, object to processing, and request deletion of your personal data. To exercise these rights, please contact us at [email protected] or by postal mail to the address above. We will verify your identity before responding to requests. If you receive marketing communications you do not wish to receive, use the unsubscribe link in the message or contact us and we will remove you from marketing lists. If you are a business contact and prefer limited processing for marketing, notify us and we will respect your preferences to the extent permitted by applicable law and contractual obligations. You may also lodge a complaint with a supervisory authority in your jurisdiction if you are not satisfied with our response to a privacy request.
Children and protected data
Our services are designed for business-to-business engagements and are not intended for children. We do not knowingly collect personal data from minors under applicable minimum ages. We do not seek or process special categories of personal data, such as health data or religious information. If you believe we have collected such information in error, please contact us immediately so we can take appropriate action to remove it where required.
Changes to this policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service features. Material changes will be posted to this page with an updated effective date. We encourage you to review this policy regularly. Continued use of our services after such changes constitutes acceptance of the updated terms. For material changes that affect previously collected personal data or use cases, we will provide additional notice by email to known contacts where required by law.
Contacting us
If you have questions, requests, or concerns about this Privacy Policy or our handling of personal data, contact our privacy team at [email protected] or by mail at: Tidesrokus Consulting LLC, Attn: Privacy, 150 Federal St, Suite 100, Boston, MA 02110, USA. We aim to respond to privacy inquiries within a reasonable timeframe and in accordance with applicable legal requirements. If you are a resident of the European Economic Area or another region with specific privacy protections, we will follow the rules and timeframes required by local law when responding to your request.