Last updated: 6 June 2026
This Privacy Policy explains how sidething Ltd ("sidething", "we", "our", or "us") collects, uses, and protects your information when you use our website, app, and related services (collectively, the "Service").
By using sidething, you agree to this Privacy Policy. If you do not agree, please stop using the Service.
sidething Ltd is registered in England and Wales (Company Number 16834072) with its registered office at 14/2E Docklands Business Centre, 10-16 Tiller Road, Canary Wharf, London, E14 8PX, United Kingdom.
1.1. Data: any information you provide to sidething or that we collect in connection with your use of the Service.
1.2. Data Protection Laws: all applicable privacy and data protection laws, including the UK GDPR and the Data Protection Act 2018.
1.3. User: any person accessing or using the Service who is not employed by sidething or providing services on its behalf.
1.4. Website: sidething.com and any related subdomains (including app.sidething.com).
2.1. This Privacy Policy applies to sidething Ltd and Users of this Service.
2.2. It does not apply to third-party sites or services linked from sidething.
2.3. For the purposes of data protection laws, sidething Ltd is the data controller responsible for how and why your personal data is processed.
3.1. sidething may collect and process the following types of data:
4.1. Directly from you: when you register, update your account, use AI-assisted features, contact us, or use sidething's features.
4.2. Automatically: through technical logs and local analytics.
4.3. Through platform features: when you interact with AI tools, create tasks, participate in Inner Circles, or use other collaborative features within the Service.
4.4. Through automated public-web research: when you apply to join sidething, we look up publicly available information about you to verify your application and prepare context for your sidekick. See Section 8.
5.1. sidething uses your data to:
5.2. We do not sell or rent your data.
5.3. We do not use third-party ad tracking or behavioural targeting.
6.1. Our legal bases for processing your data under the UK GDPR include:
7.1. sidething includes AI-assisted features that help you plan, build, and track progress on your side project. These features use third-party AI language model providers to process the content you submit.
7.2. What data is processed: When you use AI-assisted features, the content you provide (such as chat messages, task descriptions, business context, and profile information relevant to your query) may be sent to our AI providers for processing. Voice recordings submitted for transcription are sent to our speech-to-text provider.
7.3. How AI providers handle your data: Our AI providers process your data solely to generate responses to your requests. Under our agreements with these providers:
7.4. AI output accuracy: AI-generated content (such as suggested roadmaps, task estimates, and guidance) is provided as a starting point and should not be treated as professional advice. You are responsible for reviewing and verifying any AI-generated output before relying on it.
7.5. Automated processing: Some features involve automated decision-making, such as generating personalised roadmaps or estimating task effort. These automated suggestions are designed to assist you and can be modified or overridden at any time. If you have concerns about automated processing, you may contact us to request information about the logic involved or to request human review of a specific decision.
8.1. When you submit an application to join sidething, we automatically run a public-web research pass on the information you give us. We use this to verify your application, prepare context for your sidekick, and shorten our review time.
8.2. What we look at. Only publicly accessible content. Professional profile pages (such as LinkedIn-style profiles), company pages tied to your work email domain, public publications, public directories, and other content an open web search would surface for your name and role.
8.3. What we do not do.
8.4. What we generate. A short research dossier that may include your professional background, current employer and role, location, public projects, and links to your public profiles (such as LinkedIn, X, GitHub, or a personal site). We save the LinkedIn profile we identify so we can complete our review of your application.
8.5. Where it lives. The dossier is stored alongside your application data. Once your account is created, it forms part of your private workspace context and helps your sidekick understand who you are from day one.
8.6. Correcting or removing it. At the end of the application form, you can update anything we got wrong before submitting. After approval, you can edit your profile in account settings or email support@sidething.com to request deletion of your research dossier at any time.
8.7. When we cannot find you. If our research is not confident enough to identify you, we ask you to confirm your LinkedIn directly during the application. Our quality bar, that approved members have a public professional presence, applies either way.
9.1. We share data with a small number of trusted service providers who help us operate sidething:
9.2. Each provider processes data under data protection agreements consistent with UK GDPR requirements. You may request details of these agreements by contacting us.
9.3. We do not sell or rent your data.
9.4. We never share your data with advertisers or social media platforms.
9.5. We maintain an up-to-date list of sub-processors. If you would like to be notified of changes, email support@sidething.com.
10.1. We retain your data while your account is active or as long as required by law.
10.2. You may request deletion of your account at any time.
10.3. Upon account deletion, your data is removed from the live system. Encrypted backups may persist for up to 30 days before being permanently erased.
10.4. Payment and financial data are retained for six years to meet legal requirements.
10.5. Images uploaded in chat are automatically deleted after 90 days unless associated with an admin account.
10.6. AI interaction logs are retained for the purpose of providing you with conversation history and improving your experience. These are deleted when your account is deleted.
10.7. Applicant research dossiers (see Section 8) are retained for the lifetime of your account plus 30 days, unless you request earlier deletion. If your application is declined, the dossier is deleted within 90 days.
11.1. sidething does not use tracking cookies. We do not use any third-party analytics services such as Google Analytics.
11.2. Authentication: Your login session is managed using tokens stored in your browser's local storage (not cookies). These tokens are used solely to keep you signed in.
11.3. Analytics: We collect basic, anonymised usage analytics (such as page views and feature usage) using a custom, client-side system. This data is stored locally in your browser and is not transmitted to any external analytics service.
11.4. Consent preferences: If you interact with consent prompts, your preference is stored in your browser's local storage.
11.5. You can clear local storage through your browser settings at any time, though this will sign you out of your account.
12.1. Under UK GDPR, you have the right to:
12.2. To exercise your rights, email support@sidething.com.
12.3. If you are unhappy with how we handle your data, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.
13.1. We use technical and organisational measures to safeguard your data, including:
13.2. Despite these safeguards, no system is completely secure. You acknowledge that data transmission over the internet carries inherent risks.
13.3. If you suspect unauthorised access to your account, contact support@sidething.com immediately.
14.1. Some of our service providers may process data outside the UK or European Economic Area (EEA).
14.2. Whenever data is transferred internationally, we ensure adequate protection through Standard Contractual Clauses, adequacy decisions, or equivalent safeguards in line with UK GDPR.
14.3. You can request more details about these safeguards by contacting us.
15.1. By default, your activity and content on sidething (such as wins, uploads, and responses) are visible only within your Inner Circle or specific collaboration spaces.
15.2. sidething offers an optional Stealth Mode, allowing you to control visibility or pseudonymise your public profile.
15.3. You can enable or disable Stealth Mode at any time in your account settings.
15.4. sidething cannot guarantee complete anonymity for content you voluntarily share publicly.
16.1. If sidething Ltd undergoes a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction.
16.2. Any new owner will continue to handle your data under terms consistent with this Privacy Policy.
16.3. You will be notified if ownership or control changes in a way that materially affects your data rights.
17.1. sidething may include links to other websites or third-party resources.
17.2. We do not control those sites and are not responsible for their privacy practices.
17.3. You should read the privacy policies of any third-party websites you visit.
18.1. sidething allows you to connect external tools (such as Google Calendar, Gmail, Notion, Stripe, and others) to enable business intelligence features. These connections are managed through our integration partner, Composio.
18.2. Read-only access. All connections are read-only by default. sidething reads data from your connected tools but never writes to, modifies, or deletes data in your external accounts.
18.3. What data we access. When you connect a tool, we access only the data necessary to extract business intelligence signals. This includes calendar events, email metadata (subjects and senders, not full email bodies), document titles and update timestamps, subscription and revenue data, and similar structured information.
18.4. How we process your data. Connected tool data is processed by AI models to extract structured intelligence signals such as activity patterns, revenue trends, and suggested actions. We store the extracted signals, not the raw data from your connected tools. Raw data is processed in memory and discarded after extraction.
18.5. Composio as a processor. Composio acts as a data processor for managing OAuth tokens and API access to your connected tools. Composio's privacy policy governs their handling of your authentication credentials. We do not store your OAuth tokens directly.
18.6. Disconnecting tools. You can disconnect any tool at any time from your connections settings. When you disconnect, we stop accessing data from that tool. Previously extracted intelligence signals remain in your account unless you request their deletion.
18.7. Team connectors. Some connectors (such as Stripe or Supabase) may be designated as team connectors by a workspace admin. Data from team connectors is visible to all workspace members. Personal connectors (such as Gmail or Google Calendar) are private to the individual user.
18.8. Data retention. Intelligence signals extracted from your connected tools are retained as long as your account is active. You can dismiss or delete individual signals. Upon account deletion, all intelligence data is permanently removed.
19.1. We may update this Privacy Policy from time to time.
19.2. When changes are made, we will post an updated version at sidething.com/privacy and notify users by email or in-app notice if the updates are material.
19.3. Continued use of the Service after an update means you accept the revised terms.
20.1. For questions, complaints, or data requests, contact us at:
sidething Ltd 14/2E Docklands Business Centre, 10-16 Tiller Road Canary Wharf, London, E14 8PX, United Kingdom
Email: support@sidething.com
21.1. This Privacy Policy is governed by the laws of England and Wales.
21.2. Any disputes arising from it will be handled exclusively by the English courts.