GDPR Compliance

Last updated: April 8, 2026

If you live in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) gives you specific rights over your personal data. This page explains what those rights are and how to exercise them on tid.

tid is operated by Bitzag LLC, a company based in Kentucky, USA. For the broader picture of what data we collect and why, see our Privacy Policy.

Your rights under GDPR

  • Right of access — You can ask us for a copy of the personal data we hold about you. Most of it is already visible in your Account and Setup pages.
  • Right of rectification — You can correct inaccurate or incomplete data directly in your Account page, or by emailing us.
  • Right of erasure (right to be forgotten) — You can delete your account and all associated content from your Account page. Soft-deleted data is purged within 30 days.
  • Right to restrict processing — You can ask us to limit how we use your data, for example while a complaint is being investigated.
  • Right to object — You can object to specific kinds of processing (e.g., automated content moderation).
  • Right to data portability — You can request a structured, machine-readable export of your posts and account data. Email support@tid.so and we'll send a JSON export.
  • Right to withdraw consent — Where we process data based on your consent, you can withdraw it at any time.

To exercise any of these rights, email support@tid.so. We'll respond within 30 days. We may need to verify your identity before processing the request to protect your account.

Legal basis for processing

We process your personal data on these grounds:

  • Contract — to provide tid as you've requested (running your blog, sending notifications you've opted into, processing your Pro subscription)
  • Legitimate interests — to keep tid secure, prevent abuse, and improve the service in ways that don't override your rights
  • Consent — for anything optional you've opted into (e.g., specific email notification types)
  • Legal obligation — to comply with tax law, fraud reporting, court orders, etc.

How long we keep your data

We keep your data while your account is active. Deleted accounts are purged within 30 days. Server logs are kept up to 90 days for security and abuse monitoring. We may retain limited records longer where required by tax or legal obligations.

Sharing data with third parties

We don't sell your data and we don't share it for marketing purposes. We use a small number of vetted processors (Stripe, MailerSend, Google Analytics, Vultr, ClouDNS) to operate tid — see the Privacy Policy for the full list and what each receives. Each processor is bound by its own GDPR-compliant terms.

International data transfers

tid's servers are in the United States. When you use tid from the EEA, UK, or Switzerland, your data is transferred to the US. Where applicable, we rely on the EU Standard Contractual Clauses or equivalent safeguards through our processors.

Cookies and tracking

For details on what cookies tid sets and how to control them, see the Cookie Policy.

Data breach notification

If we discover a breach affecting your personal data, we'll notify you and the relevant supervisory authority within 72 hours, as required by GDPR.

Children

tid is not intended for anyone under 16, and we don't knowingly collect personal data from children. If you believe a child has signed up, contact us and we'll remove the account immediately.

Complaints

If you believe we've mishandled your personal data and we haven't resolved your concern, you have the right to lodge a complaint with your local data protection authority (in the EEA, the UK, or Switzerland).

Contact

Questions or requests under GDPR? Email support@tid.so.

Bitzag LLC
6844 Bardstown Rd #504
Louisville, KY 40291