GDPR
Data Crumbs
(Guess the Tidean)
History and culture of privacy
Privacy at Tide
Naughty list
100
In which year was the GDPR adopted?

2016

100

Is a member of the Legal team and absolutely hates hiking

Stoian Tentchev

100

Which famous whistleblower exposed an illegal and possibly unconstitutional mass surveillance program in the U.S. in 2013?

Edward Snowden

100

Name at least two ways in which Tide's Privacy Team can be contacted

The Privacy Service Desk in Jira
The dpo@tide.co mailbox
Slacking Hris or Svet (not recommended)

100

If a Tidean commits a personal data breach, where should that breach be reported first without undue delay?

The InfoSec Jira Service Desk
#Panic Slack channel

200

What does the "GDPR" stand for?

General Data Protection Regulation

200

Is a member of senior leadership and studied in film school

Liza Haskell

200

Which nascent at-the-time piece of technology scared so much Louis D. Brandeis and Samuel D. Warren II, the "fathers" of privacy, to prompt them to write the article "The Right to Privacy" back in 1890?

Instant Photography

200

Where can a Member find an exhaustive description of how Tide handles the personal data of all Members?

In Tide's Privacy Policy available on the Tide Website (www.tide.co/privacy)

200

Which company was exposed in 2018 as having collected the personal data of millions of Facebook users without their consent and subsequently used that data for political advertising as part of Donald Trump's presidential campaign and the UK’s Vote Leave campaign?

Cambridge Analytica

300

What's the name of the piece of legislation which replaced the GDPR in the UK post-Brexit?

The UK GDPR
300

Name two members of the Legal Team who have both studied for a year in Leuven, Belgium, albeit at different times

Martyna Budzynska and Liza Haskell

300

Which country's citizens have such a penchant for privacy that they convinced Google to curtail Google Street View in some cities so their homes can be censored from public view and their anonymity protected? (Hint: Perhaps linked to scary secret police during nationalist and then socialist era)

Germany

300

What kind of request does a Member make when they ask from Tide to delete all their data?

Data Subject Erasure Request (Or commonly known as Right to be Forgotten)

300

Against which big tech company was the single highest GDPR fine ever issued? (Hint: CEO looks like a particular villain from the Austin Powers film series)

Amazon 

€746 Million ($823.9 Million)

400

What's the name of the independent expert that organisations should appoint to oversee data protection compliance and to act as the point of contact for data subjects and regulatory authorities?

Data Protection Officer (or DPO)

400

Is a member of senior leadership and obsessed with Godzilla collectibles

Guy Duncan

400

In which year did George Orwell write the famous dystopian novel "1984" foreshadowing how powerful  mass surveillance programs of totalitarian states can be?

1948

400

What curios object do you think was mailed to Martyna and Hris at Tide's London office by one very disgruntled Member in 2021?

The Member's Tide Card

400

How much is the maximum amount of monetary sanction that the UK Information Commissioner's Office can impose on Tide for breaches of the UK GDPR?

Up to 17 million pounds, or up to 4% of Tide's global turnover in the last fiscal year.

500

What's the name of the concept introduced by the GDPR whereby privacy and data protection controls should be hard-wired in the technical architecture of digital products and services?

Data Protection By Design (or Privacy by Design) and Data Protection By Default (or Privacy By Default)

500

Is a member of senior leadership and has previously worked at a german online lender Kreditech

Oliver Prill

500

In which country famous for its mass surveillance practices did police officers wear "smart helmets" during the COVID-19 pandemic equipped with AI-powered infrared cameras detecting pedestrians' temperature, facial recognition capabilities, license plate recognition and the ability to scan QR codes?

People's Republic of China

500

What's the name of the company process whereby data protection and privacy risks are assessed prior to the deployment of a new Tide product or service?

Data Protection Impact Assessment 

500

Which leading Swedish fintech bank was fined 724 000 EURO in 2022 for shortcomings in their publicly-available privacy notice?

Klarna Bank AB