Search Now

Committed to Keeping Your Personal Information Safe

At Tribe, we believe privacy is a fundamental human right. That's why we will always be clear about what information we store and how it is used. Here you will find a quick list of information we collect, why we collect it and how it is used, information about Tribe terms, privacy and how we conform to industry standards.

Information We Collect

We operate a data protection by design policy. We only collect mandatory data for explicit purposes stated in our policies. Any additional data shared with Tribe is at the discretion of the user.

Data collected for specific user types allows Tribe to provide the services associated with your account type. If you wished to opt out of data processing, this may prevent Tribe from providing the services related to your account type.

  • We collect this standard basic information so that we can contact you regarding Tribe. This also helps with safeguarding so that we know who our users are, for example, a person needing help in their community can identify the user they have asked help from. Your details are not shared publicly without your permission, such as when you accept help from someone.

    For Tribe Members, only your name will appear on the help you request and no other information is shared publicly.

  • We collect this information if you are interested in becoming a Community Support Provider. This is so we can carry out checks as to whether you are trustworthy to help people around you, and carry out jobs on behalf of the Tribe platform.

    If you offer to help a Tribe Member, or advertise yourself as a Community Support Provider then your experience, qualifications, hourly rate, transport, and basic information, with the exception of your location, is shared publicly.

  • We may ask you for your location. This is so we can help identify support in your community and provide a relevant list of support providers close to you. Your location is never shared without your explicit consent. Locations are also masked to other users so that they will not know your exact location.

  • We use analytics software on our website and apps. This is to help identify areas of improvement on the Tribe platform. It is also used to help identify need in your community. No personal data is transmitted during your searches.

Your Safety

For safety and security, we use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

Your Health

In order to provide support to Tribe members, you must be in good health. When accepting these terms and conditions, you confirm that you do not have any health issues that may prevent you from carrying out help requests from Tribe.

Discrimination

We enforce a strict policy to protect users against discrimination and harm. Any users found in breach of this policy and perform any action within Tribe that can be considered as a hate incident or hate crime will be excluded from the service and reported to the local authorities. To read more about hate incidents and hate crimes, visit Citizens Advice

Data

Below you will find information regarding your data. Tribe is compliant with GDPR and meets the NHS Data Security & Protection toolkit standards.

  • Your personal information may be shared with local authorities. Information is passed to local authorities to help identify communities that need additional support, this information is shared under the public interest and allows your local authorities to better support residents and ensure those using Tribe are safe. In cases where a user receives part of their direct payment for care and support within Tribe, information is shared with local authorities for financial auditing purposes.

    If you provide paid support in your community, or register your interest in this, we may pass your details to local teams that are in place in your area. They are experts in developing new micro-providers and can help ensure you are operating as a legal business. Your personal information and activity inside Tribe is not sold and you will never be targeted by advertisers.

    You shall be informed about what information you will be sharing when performing any action within the Tribe apps for both Android and iOS.

    If required by law or subpoena, we will disclose personal information of users to law enforcement agents.

    If required, in breach of Tribe terms of service, we shall disclose personal information to the relevant authority. This includes but not limited to instances that involves crime, abuse, and general safeguarding.

    We may also pass on personal information to government bodies, such as the NHS and first responders, in the event of a personal emergency to yourself or in the event of pandemic control such as contact tracing.

  • Tribe undergoes routine penetration testing to ensure that your data is secure at the highest standards. Our latest tests have been performed by Mitigate Cyber using the OWASP Testing guide V3 and found zero vulnerabilities across the Tribe platform.

    Tribe is also compliant with GDPR and meets NHS Data Security & Protection toolkit standards that are set out by the National Data Guardian's (NDG) data security standards. The NDG advises and challenges the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly. These standards assess 10 areas:

    1. Personal Confidential Data
    2. Staff Responsibilities
    3. Training
    4. Managing Data Access
    5. Process Reviews
    6. Responding to Incidents
    7. Continuity Planning
    8. Unsupported Systems
    9. IT Protection
    10. Accountable Suppliers

    Find out more about the NDG

  • Tribe utilises Multi-Factor Authentication (MFA) to enhance security measures and protect user accounts on the Tribe platform. This ensures that all administrative accounts and other key accounts have access to an additional layer of security beyond just a password.

    This applies to all users who have administrative or privileged access to the Tribe platform, as well as any other users where enhanced security measures are deemed necessary. This includes employees, contractors, and third-party partners. MFA is optional but recommended for standard users. Read the MFA Policy

  • Your data is kept on a secure cloud service. The data is encrypted during storage using an AES encryption algorithm, the encryption key is then also encrypted and rotated regularly to minimise risk.

  • Data is encrypted during transit between our secure server and your mobile app too. We use the latest SSL/TLS protocols to ensure data can not be read or modified during transit.

  • Some data can be deleted whenever you like, some is removed or hidden automatically and some is retained for longer periods of time, where necessary.

    Tribe user data which makes up your profile, can be corrected or deleted at any time. Some data, like community groups visible in Tribe, may be hidden if a page is inactive. Some information is retained for an extended period of time, this includes payments that have been processed through Tribe, and is kept for financial auditing purposes and to prevent fraud.

  • If you request to have your data removed from Tribe, or the retention period expires, the data is deleted and overwritten on our storage hardware to obscure your data, this is in line with industry standards. Any physical hardware containing user data is also obsfucated and destroyed when being replaced.

  • We collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, your location, mobile type, mobile OS, the pages and content of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics. We use Google Analytics to gather this information.

  • Tribe is compliant with the NHS Data Security & Protection toolkit.

Your Rights

Data protection law gives you the right to access your personal information, to object to the use of your personal information for certain purposes, and the right to erase, restrict or receive a machine-readable copy of your personal information. You can access, update and delete your Tribe account information by logging into your Tribe account. If you cannot fulfill your request using these tools, please emailsupport@tribeproject.org or contact us using the address below. We will handle your request in accordance with the law. This means there may be legal reasons why we cannot fulfil all requests.

We will respond to your request within one month of receiving the information. If the request is of a complex nature or multiple requests from an individual, the timeline may extend up to 3 months to allow us to complete all required actions.

Payments

Tribe enables support providers and seekers to seamlessly handle payments. Tribe also allows local authorities and funding providers to provide funding to those who require financial help to receive support. Tribe facilitates payments through a third-party payment service called MangoPay. In addition to this, Tribe provides a facility to apply and pay for a DBS check, with these payments taken via Stripe.

  • If you decide you wish to create a virtual wallet in Tribe to make or receive payments, you will be required to verify your identity and store your banking information within MangoPay. This information is encrypted and bypasses the Tribe system directly to MangoPay. No information is shared.

  • When paying a support provider, Tribe adds an application fee on every transaction to cover our running costs including technology, feature development, support planning, community services, and the business tools available to you. This fee is payable by the support provider for gaining work by using the Tribe service and is taken automatically from each transaction.

    In addition to this there are some banking fees that may be applicable to certain transactions, taken directly by MangoPay, these are at cost and no profit or subsidy is taken by Tribe on these, where applicable, any fees related to a transaction will be detailed prior to taking a decision to do so. All fees are outlined below and subject to change.

    0.5%Bank Pay-in Fee
    1.4% + 20pCard Pay-in Fee
    45pWithdrawing Fee
    £8.00Withdrawing Fee (Non UK Account)
    3%Application Fee

  • When making a payment, your bank or card details are securely stored with MangoPay. You are provided with the option to remove your payment sources and details from MangoPay, if you wish to do so. Tribe does not store any banking data.

Payments Terms and Conditions

By accepting Tribe terms of service, and when setting up a virtual wallet in your Tribe account you agree to the Terms and Conditions of use for MangoPay payment services.

Legal

These Terms, Conditions and Privacy set out important information regarding your rights and obligations, and the restrictions that may apply. Please read these Terms and Conditions ("Terms", "Terms and Conditions") carefully before using the www.tribeproject.org website, mobile apps & portal (the "Service") operated by Tribe Project CIC and Bronze Software Labs ("us", "we", or "our").

  • When you create an account with us, you must provide us information that is accurate, complete, and current at all times. Failure to do so constitutes a breach of the Terms, which may result in immediate termination of your account on our Service.

    You are responsible for safeguarding the password that you use to access the Service and for any activities or actions under your password, whether your password is with our Service or a third-party service.

    You agree not to disclose your password to any third party. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.

  • Our Service may contain links to third-party web sites or services that are not owned or controlled by Tribe.

    Tribe has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree

    that Tribe shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services.

  • We may terminate or suspend access to our Service immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

    All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

    We may terminate or suspend your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

    Upon termination, your right to use the Service will immediately cease. If you wish to terminate your account, you may simply discontinue using the Service.

    All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

  • These Terms shall be governed and construed in accordance with the laws of the country in which you reside, without regard to its conflict of law provisions.

    Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service, and supersede and replace any prior agreements we might have between us regarding the Service.

Procedures

At Tribe, we take the security and safety of our users as paramount and strive to make things clear and as informative as possible to help give you peace of mind.

  • To report an incident, you can either contact us using the information on this page, or report in-app using the Tribe mobile app on iOS and Android. You can also report an incident to your local authority.

    The procedure is as follows once an incident has been reported:

    • The incident is logged in our security incident resolution center
    • The incident is marked as open and flagged to Tribe staff for review
    • Tribe staff use Tribe Terms of Service and legal guidelines such as the Human Rights Act 1998 to determine the outcome of an incident
    • Once reviewed, Tribe staff will determine the course of action in three ways:
      • Safe: We have determined that Tribe Terms of Service have not been breached and take no further action
      • Undetermined: We are unsure that there is a potential for intervention and consult relevant authorities
      • Escalation: We have determined that there is a need for intervention and escalate the incident to the relevant authorities
    • The incident is then marked as closed

    However, if the incident is of imminent danger to life, please refer to the Community Guidelines and contact the emergency services immediately.

    Tribe staff also use an internal management system, so that if any incidents arise concerning Tribe staff or the system in general they are to be logged by the operations lead, initially reviewed by the operations lead using the same method as above and escalated to the Tribe board or the relevant authorities if found to be in breach of Tribe Terms of Service.

  • We actively review our policies and procedures to make sure that they are up-to-date and relevant to the current needs of the service. Reviews take place at least once yearly, but policies and procedures are updated more regularly to accommodate new changes in legislation and when new features are added to the service.

  • Data is never 100% secure when stored digitally, and although we have procedures and tests in place to reduce risk, as detailed in our security section, we must put procedures in place to follow in the event of a data breach.

    Personal data breaches can include the following:

    • Access to personal data by an unauthorised third party
    • Deliberate or accidental action (or inaction) by a controller or processor
    • Sending personal data to an incorrect recipient
    • Hand-held devices / laptops containing personal data being lost or stolen
    • Alteration of personal data without permission
    • Loss of availability of personal data

    It is the responsibility of everyone at Tribe to ensure they keep personal data safe. In the event of personal data being breached, our procedure is to act fast and follow the procedure below:

    • Identify the breach extent and user(s) affected
    • Log the breach using our internal management system
    • Report the breach to the Data Protection Officer (DPO) with a detailed review of the breach
    • The DPO reviews the breach and makes a decision as to whether the breach will result in a risk to individuals' rights and freedoms
    • Report the breach to the Information Commissioners Office (ICO) with a detailed review of the breach if required to do so
    • Notify affected users of the breach with appropriate actions to reduce risks
    • Potentially suspend or isolate part of the service until the breach has been contained
    • Once contained, review the breach internally and action any improvements for prevention
    • Update our Data Privacy Impact Assessments if required

    If you believe you may have encountered a data breach, you must report it using the contact details on this page or in-app using the Tribe mobile app on iOS and Android.

    Tribe ensures system access and data security are maintained by performing annual penetration tests and complying with data security standards. We also make sure that staff systems have no direct access to personal data to reduce risk. Our DPO and Operations Lead have sole access to live encrypted database content and are able to decrypt content in the event of breaches and reporting.

Privacy

Tribe Project CIC and Bronze Software Labs ("us", "we", or "our") operates the www.tribeproject.org website, mobile apps & portal (the "Service"). This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service. We will not use or share your information with anyone except as described in this Privacy Policy. We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions above.

If you wish to be excluded from data processing activities, please note this may impact your usage of Tribe.

If we need to process your data for another purpose outside of the original purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we will if necessary process your personal data without your knowledge or consent, in compliance with the above rules where this is required or permitted by law.

Users have the right to withdraw consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.

The data subject can request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. Please contact support@tribeproject.org for further details.

  • We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

    These third parties have access to partial Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

  • The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

    If required by law or subpoena, we will disclose personal information of users to law enforcement agents.

  • Our Service does not address anyone under the age of 16 ("Children").

    We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we discover that a Children under 16 has provided us with Personal Information, we will delete such information from our servers immediately.

Changes

We reserve the right, at our sole discretion, to modify or replace our terms and policies at any time. If a revision is material we will try to provide at least 30 days notice prior to any new terms and policies taking effect. What constitutes a material change will be determined at our sole discretion.

You are advised to review this page periodically for any changes. Changes to this page are effective when they are posted.

By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Service.

Contact us

You can contact us by mail, email or the Tribe Resolution Centre located in the Tribe app

e-Innovation Centre, Priorslee, Telford, Shropshire. TF2 9FT
support@tribeproject.org