Privacy Policy

1. Introduction / Who We Are

RemoteTide is a remote job board operated from Canada. We connect employers who post remote job opportunities with job seekers looking for remote work. We are the data controller for the personal information collected through this Service.

As a Canadian operator, we are subject to PIPEDA, which requires that we collect personal information only with consent, use it only for the purposes we disclose, allow you to access and correct it, and be accountable for how it is handled. Our designated privacy officer can be reached at hello@remotetide.com.

This policy applies to everyone who visits or uses remotetide.com, including:

• Job seekers — anyone who browses job listings or signs up for job alert emails.
• Employers — companies or individuals who post job listings on our platform.
• Visitors — anyone who views our website without taking any further action.

2. Information We Collect

2.1 Job Seekers

We do not require job seekers to create an account, log in, or provide any personal information to browse and apply for jobs. Job seekers interact with RemoteTide as anonymous visitors by default.

The only personal data we collect from job seekers is their email address — and only if they voluntarily sign up for our weekly job alert emails. Providing this information is your consent under PIPEDA for us to send you those emails. When signing up, job seekers may optionally provide:

• Email address (required to receive alerts)
• Job category preferences, e.g., “Engineering” or “Design” (optional)
• Keyword filters, e.g., “React” or “senior” (optional)

We store this information to send you the emails you requested. We do not build a profile on you, track your browsing history, or sell your email address. You can unsubscribe at any time using the link in any alert email.

2.2 Employers

When an employer posts a job listing, we collect:

• Company name and website URL
• Job title and description
• Application URL (where candidates apply)
• Contact email address (used to send the listing management link)
• Payment transaction data (processed entirely by Stripe — we never see or store card numbers, expiry dates, or CVV codes)

After payment, we send the employer a management link via email. This link allows the employer to edit or close their listing and expires after 30 days. There are no employer accounts or passwords. We do not store any persistent authentication credentials for employers.

2.3 Technical and Analytics Data

Like all websites, our servers and analytics tools collect certain technical information automatically when you visit:

• Your IP address (used for abuse prevention and geographic analytics)
• Browser type and version
• Operating system
• Pages viewed and time spent on those pages
• Referring URLs (how you arrived at our site)
• Mouse movements, clicks, and scroll behavior (collected for UX improvement — see Section 5)

We do not use tracking cookies for job seekers. We do not serve advertising or retargeting pixels.

3. How We Use Your Information

We use collected data for the following purposes only:

• Delivering job alert emails — to send you the weekly digest you signed up for. Legal basis (GDPR): contract performance. Consent basis (PIPEDA): your opt-in signup.
• Processing job listings — to publish, manage, and tag employer listings on the platform. Legal basis: contract performance.
• Sending transactional emails to employers — to deliver payment confirmations, management links, and listing status updates. Legal basis: contract performance.
• AI-powered job tagging — to automatically categorize job listings by skills and seniority level. Only job description text is processed — no personal information is included. Legal basis: legitimate interests.
• Analytics and site improvement — to understand how visitors use the site and improve the product. Legal basis: legitimate interests.
• Security and fraud prevention — to detect abuse, bot traffic, and spam job postings. Legal basis: legitimate interests.
• Legal compliance — to comply with applicable laws and respond to lawful requests. Legal basis: legal obligation.

4. Legal Bases for Processing (GDPR)

If you are in the EU or EEA, the GDPR requires us to have a lawful basis for processing your personal data. Our bases are:

• Contract performance — processing necessary to deliver the service you requested (job alerts, listing management links, payment confirmation).
• Legitimate interests — analytics, UX improvement, and security, where our interest does not override your rights.
• Legal obligation — where we must process data to comply with applicable law.
• Consent — where we ask for and receive your explicit agreement (e.g., marketing emails). You may withdraw consent at any time without affecting prior processing.

Under PIPEDA, we rely on your informed consent for collection of personal information. Where consent is implied by the context (e.g., providing an email to receive email alerts), we rely on that implied consent. You may withdraw consent at any time, subject to legal or contractual restrictions.

5. Third-Party Services

We do not sell, rent, or trade your personal data to any third party. We share data only with service providers necessary to operate RemoteTide, and only to the extent each service needs it to function. All providers are contractually obligated to keep your data confidential and secure.

We may also disclose data if required by law, court order, or to protect the rights and safety of RemoteTide, our users, or the public.

The following describes the categories of third-party services we use, grouped by function:

6. Cookies and Tracking

RemoteTide does not use advertising cookies, retargeting pixels, or cross-site tracking cookies for job seekers. We do not serve ads.

The following limited cookies or local storage may be used:

• Session recording cookies — used by our session recording tool to maintain recording continuity across page loads within a session.
• Analytics cookies — used to distinguish unique visitors for product analytics. These are first-party cookies stored on remotetide.com.
• Security cookies — our hosting infrastructure may set technical cookies to distinguish human visitors from bots and prevent abuse.

You can control or delete cookies through your browser settings. Disabling cookies will not prevent you from browsing or applying for jobs on RemoteTide, as no core functionality depends on cookies.

7. Data Retention

• Job seeker alert subscriptions — retained until you unsubscribe. After unsubscribing, your email address is deleted from our active list within 30 days. We may retain a suppression record (hashed email) to prevent accidental re-subscription.
• Employer listing data — retained for the duration the listing is active, plus a reasonable period thereafter (up to 24 months) for legal and business record-keeping purposes. Employer contact email is retained alongside the listing record.
• Payment records — Stripe retains transaction records per their own data retention policies and financial regulatory requirements. We retain payment confirmation metadata (amount, plan, date) for our own financial records.
• Analytics and session recording data — retained for up to 12 months, depending on tool configuration.
• Server logs — access logs are retained for up to 30 days for security and debugging purposes.

8. Your Rights

Depending on where you are located, you have the following rights regarding your personal data. To exercise any of them, email us at hello@remotetide.com with the subject line “Privacy Request.” We will respond within 30 days (or the timeframe required by applicable law).

8.1 Rights for Canadian Residents (PIPEDA)

• Right of access — you can request a description of the personal information we hold about you and how it is being used.
• Right to correct — you can challenge the accuracy or completeness of your personal information and request that we correct it.
• Right to withdraw consent — you can withdraw consent to our collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions and reasonable notice.
• Right to complain — if you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

8.2 Rights for EU / EEA Residents (GDPR)

• Right of access — you can request a copy of the personal data we hold about you.
• Right to rectification — you can ask us to correct inaccurate data we hold about you.
• Right to erasure — you can request that we delete your personal data. We will comply unless we have a legal obligation to retain it.
• Right to data portability — you can request your data in a structured, machine-readable format.
• Right to object — you can object to processing based on legitimate interests, including profiling. You may object to session recording and analytics by contacting us or using your browser's tracking protection features.
• Right to restrict processing — you can ask us to pause processing your data in certain circumstances.
• Right to withdraw consent — where processing is based on consent, you can withdraw at any time without affecting the lawfulness of prior processing.
• Right to lodge a complaint — you may lodge a complaint with your local data protection supervisory authority (for example, the ICO in the UK or the relevant EU member state authority).

8.3 Rights for California Residents (CCPA / CPRA)

• Right to know — you can request disclosure of what personal information we collect, use, share, or sell.
• Right to delete — you can request deletion of your personal information, subject to certain exceptions.
• Right to correct — you can request that we correct inaccurate personal information we hold about you.
• Right to opt out of sale or sharing — we do not sell personal information or share it for cross-context behavioral advertising. There is nothing to opt out of under this right.
• Right to limit use of sensitive personal information — we do not collect sensitive personal information as defined under the CPRA (such as Social Security numbers or precise geolocation). This right is not applicable to our current data practices.
• Right to non-discrimination — exercising your privacy rights will not result in different levels of service.

9. International Data Transfers

RemoteTide is operated from Canada. Our infrastructure is located in the United States. If you are located outside the United States — including in the EU, EEA, or Canada — your data may be transferred to and processed in the United States, where data protection laws may differ from those in your country.

Where required by applicable law, we rely on lawful transfer mechanisms such as Standard Contractual Clauses (SCCs) when transferring personal data from the EU/EEA to the United States. You can contact us at hello@remotetide.com to request information about the specific transfer mechanisms we rely on.

10. Children's Privacy

RemoteTide is not directed at children under the age of 16. We do not knowingly collect personal information from anyone under 16. If we become aware that we have inadvertently collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at hello@remotetide.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the “Last updated” date at the top of this page. For significant changes, we will provide additional notice where practicable — such as a prominent notice on the site or, if you are a subscriber, an email notification.

We encourage you to review this policy periodically. Your continued use of RemoteTide after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact our designated privacy officer at the address below. Use the subject line “Privacy Request” so we can route it correctly:

Canadian residents who are not satisfied with our response may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.

EU/EEA residents who are not satisfied with our response have the right to lodge a complaint with their local data protection supervisory authority, as described in Section 8.2.