Privacy Policy

Last updated: November 2024

Introduction

This Privacy Policy explains how TraceID ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our website and services.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

Who We Are

TraceID is a digital product passport and traceability platform. Our registered office is located at:

Stadium Business and Trade Park, Tilehurst, Reading RG30 6BX

For data protection matters, you can contact us at: [email protected]

Information We Collect

Information You Provide to Us

We collect personal information that you voluntarily provide when you:

  • Register for an account
  • Use our services
  • Contact us for support or enquiries
  • Subscribe to our newsletter or communications
  • Participate in surveys or promotions

This information may include:

  • Name and contact details (email, phone number, address)
  • Company name and job title
  • Account credentials (username, password)
  • Payment and billing information
  • Communications with us

Information Collected Automatically

When you access our website or use our services, we automatically collect certain information, including:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, features used)
  • Cookies and similar tracking technologies
  • Log data (access times, error logs)

Information from Third Parties

We may receive information about you from third parties, such as:

  • Business partners and service providers
  • Public databases and sources
  • Social media platforms (if you connect your account)

How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our services
  • Account Management: To create and manage your account
  • Communication: To respond to your enquiries and provide customer support
  • Personalisation: To customise your experience and provide relevant content
  • Analytics: To understand how our services are used and improve functionality
  • Security: To protect against fraud, unauthorised access, and other security risks
  • Legal Compliance: To comply with legal obligations and regulatory requirements
  • Marketing: To send promotional communications (with your consent where required)

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract: To fulfil our contractual obligations to you
  • Legitimate Interests: For our legitimate business purposes, such as improving our services
  • Legal Obligation: To comply with applicable laws and regulations
  • Consent: Where you have provided explicit consent

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyse usage, and deliver personalised content. Cookies are small text files stored on your device.

Types of Cookies We Use

  • Essential Cookies: Required for the website to function properly
  • Analytics Cookies: Help us understand how visitors use our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used to deliver relevant advertising

You can control cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality.

How We Share Your Information

We do not sell your personal information. We may share your information with:

Service Providers

Third-party vendors who perform services on our behalf, such as:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Analytics and marketing service providers
  • Customer support platforms

Business Transfers

In connection with any merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

Legal Requirements

When required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety.

With Your Consent

When you have given explicit consent for specific sharing purposes.

International Data Transfers

Your information may be transferred to and processed in countries outside the United Kingdom. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Other approved transfer mechanisms under UK GDPR

Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and monitoring
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods vary depending on:

  • The nature of the information
  • The purpose for which it was collected
  • Legal and regulatory requirements
  • Legitimate business needs

Your Rights

Under UK data protection law, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise your rights, please contact us at [email protected]. We will respond within one month of receiving your request.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Sending you an email notification (for significant changes)

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Post: Stadium Business and Trade Park, Tilehurst, Reading RG30 6BX

Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: https://ico.org.uk
  • Telephone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Book Demo