1 BACKGROUND

1.1 This Privacy Notice tells you how we look after your personal data when you visit our website at https://tradestack.uk (Website) or when you purchase our software, where you are a prospective customer of our business, or where you are another type of business contact, such as a supplier or service provider to our business.

1.2 This notice sets out what information we collect about you, what we use it for and whom we share it with. It also explains your rights under data protection laws and what to do if you have any concerns about your personal data.
‍
1.3 We may sometimes need to update this Privacy Notice, to reflect any changes to the way our services are provided or to comply with new business practices or legal requirements. You should check this Privacy Notice regularly to see whether any changes have occurred.

‍
2 WHO WE ARE AND OTHER IMPORTANT INFORMATION

2.1 We are TRADES TECHNOLOGY LIMITED, registered in England and Wales with company number 15788945 with our registered address at Antler C/O Techspace Aldgate East 32-38 Leman Street, London, E1 8EW (we, us or our).
‍
2.2 For all visitors to our Website and for users who purchase our services through an organisation, we are the controller of your information (which means we decide what information we collect and how it is used).

2.3 We are registered with the Information Commissioner’s Office (ICO), the UK regulator for data protection matters, under number ZB723392.

‍
3 CONTACT DETAILS

3.1 If you have any questions about this Privacy Notice or the way that we use information, please get in touch using the following details: info@tradestack.uk.

‍
4 THE INFORMATION WE COLLECT ABOUT YOU

4.1 Personal data means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect, and where we receive it from, below.
‍
4.2 Type of personal data:
- Identity Data: your first and last name or title.
- Contact Data: your email address, telephone numbers, home address.
- Technical Data: internet protocol (IP) address, browser type and version, time zone setting and generic location, browser plug-in types and versions, operating system and platform on the devices you use to access our systems.
- Usage Data: information about how you use our systems.
- Financial Data: where you provide this over our Website to purchase one of our services.
- Feedback: information and responses you provide when completing surveys and questionnaires.
- Profile Data: email address, password, username, chat logs, audit trail of systems used and documents accessed and downloaded.
- Marketing and Communication Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.

‍
5 HOW WE USE YOUR INFORMATION

5.1 We are required to identify a legal justification (also known as a lawful basis) for collecting and using your personal data. There are six legal justifications which organisations can rely on. The most relevant of these to us are where we use your personal data to:
fulfil our contract with you;
do something for which you have given your consent.
‍
5.2 Below is set out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed below, we will update our Privacy Notice.
‍
5.2.1 Contract
To administrate or perform our contract with you. To process your payment information in connection with any contract we have with you. To send you updates about the services you have bought (e.g. confirmation of order, arrival time).
5.2.2 Consent
Where you have provided your consent to providing us with information or allowing us to use or share your information. Where you have consented to receive marketing material from us.
‍
5.3 Where we need to collect your personal data (for example, in order to fulfil a contract we have with you), failure to provide us with your personal data may mean that we are not able to provide you with the services. Where we do not have the information required about you to fulfil an order, we may have to cancel the service ordered.

‍
6 WHO WE SHARE YOUR INFORMATION WITH

6.1 We share (or may share) your personal data with:
- Our personnel: our employees (or other types of workers) who have contracts containing confidentiality and data protection obligations.
- Our supply chain: other organisations that help us provide our goods. We ensure these organisations only have access to the information required to provide the support we use them and have a contract with them that contains confidentiality and data protection obligations.
- Our professional advisers: such as our accountants or legal advisors where we require specialist advice to help us conduct our business.
- Our potential investors: parties who are interested in investing in the business and becoming shareholders, who are generally subject to contracts containing confidentiality and data protection obligations.
‍
6.2 If we were asked to provide personal data in response to a court order or legal request (e.g. from the police), we would seek legal advice before disclosing any information and carefully consider the impact on your rights when providing a response.

‍
7 WHERE YOUR INFORMATION IS LOCATED OR TRANSFERRED TO

7.1 We store your personal data on our servers in the UK.
‍
7.2 We will only transfer information outside of the UK or EEA where we have a valid legal mechanism in place (to make sure that your personal data is guaranteed a level of protection, regardless of where in the world it is located, e.g. by using contracts approved by the ICO or the UK Secretary of State).
‍
7.3 If you access our Website or purchase our services whilst abroad then your personal data may be stored on servers located in the same country as you or your organisation.

‍
8 HOW WE KEEP YOUR INFORMATION SAFE

8.1 We have implemented security measures to prevent your personal data from being accidentally or illegally lost, used or accessed by those who do not have permission. These measures include: access controls and user authentication (including multi-factor authentication); internal IT and network security; regular testing and review of our security measures.
‍
8.2 If there is an incident which has affected your personal data and we are the controller, we will notify the regulator and keep you informed (where required under data protection law). Where we act as the processor for the affected personal data, we notify the controller and support them with investigating and responding to the incident.