Privacy Policy

TeamTreat is a software platform used by organizations to manage employee celebrations, such as birthdays and special occasions, and coordinate associated deliveries.

Organizations that use TeamTreat act as data controllers for their employee data. TeamTreat acts as a data processor providing the technology used to manage this information.

If you have questions about this Privacy Policy, you can contact us at: [email protected]

We collect the following types of information depending on how the service is used.

Account Information

When an organization signs up for TeamTreat we may collect:

• Name
• Email address
• Organization name
• Account credentials
• Role within the organization

Organization Information

Organizations may configure:

• Organization name
• Delivery address
• Organization identification number (if provided)

Employee Data Provided by Customers

Organizations may upload limited employee data including:

• Employee name
• Work email address (optional)
• Birthdate
• Dietary requirements (optional)

This data is provided and controlled by the organization using TeamTreat.

Usage Information

We may collect limited technical information to operate and secure the service, including:

• Login timestamps
• Error logs
• Basic usage metrics
• Device and browser information

We use collected information to:

• Provide and operate the TeamTreat platform
• Enable organizations to manage workplace celebrations
• Maintain system security
• Provide support to customers
• Improve and maintain our services

We do not sell personal data.

Where applicable under the UK GDPR and EU GDPR, we process personal data under the following legal bases:

• Contractual necessity - to provide the TeamTreat service
• Legitimate interests - maintaining platform security and improving service reliability
• Consent - where required (such as optional cookies)

Organizations using TeamTreat are responsible for ensuring they have an appropriate legal basis for the employee data they upload.

We only share data where necessary to operate the service.

Examples include:

• Infrastructure providers used to host the platform
• Security and authentication services
• Legal or regulatory authorities if required by law

We require all service providers to process data securely and only for the purposes of operating TeamTreat.

We retain personal data only for as long as necessary to provide the TeamTreat service.

Organizations may delete employee data within the platform at any time.

Account data may be retained for a reasonable period after account closure for security and legal purposes.

We implement reasonable technical and organizational safeguards to protect personal data, including:

• Encrypted connections
• Secure authentication systems
• Controlled infrastructure access

However, no system can guarantee absolute security.

TeamTreat infrastructure providers may operate in multiple jurisdictions.

Where personal data is transferred outside the UK or European Economic Area, we take reasonable steps to ensure appropriate safeguards are in place.

Depending on your location, you may have rights including:

• Access to personal data
• Correction of inaccurate data
• Deletion of personal data
• Restriction of processing
• Data portability

Employees whose data is uploaded by an organization should contact their employer directly regarding requests.

We may update this Privacy Policy from time to time.

When we make changes, we will update the Last updated date on this page.

If you have questions regarding this policy, contact:

[email protected]