Privacy Policy

Tracea is a market-intelligence platform that helps businesses research markets, suppliers, buyers, trade flows, pricing, benchmarks, and related commercial signals through dashboards, search tools, alerts, reports, exports, and APIs.

This Privacy Policy explains how TRACEA (“Tracea”, “we”, “us”, or “our”) collects, uses, shares, stores, and protects personal data when you use our website, platform, APIs, communications, events, trials, or support channels.

Who we are

The controller of your personal data is:

FOLOWUP LLC

5830 E 2nd St, Ste 7000, Casper, 82609, Wyoming, USA

Email: joan@tracea.ai

If Tracea provides services under an enterprise order form, data processing terms in that order form or in a separate Data Processing Addendum may also apply.

Who this policy applies to

This policy applies to:

website visitors;

trial users and account holders;

customer personnel and authorized users;

prospects, leads, and business contacts;

event attendees, newsletter recipients, and support contacts;

individuals whose business contact details appear in third-party or public source data used in our services, where that information qualifies as personal data.

This policy does not apply to third-party websites, applications, or services that link to or integrate with Tracea and have their own privacy notices.

What personal data we collect

We may collect the following categories of personal data.

Personal and contact data. Name, work email address, work phone number, company name, job title, business address, country, and correspondence details.

Account data. Username, password hash, single sign-on identifiers, profile preferences, seat or role assignments, subscription status, and audit records linked to account administration.

Transaction and billing data. Billing contact details, invoicing information, tax details, subscription plan information, payment status, and limited payment references. Tracea should not store full payment card data if a payment processor is used.

Usage and device data. IP address, device identifiers, browser type, operating system, login timestamps, session data, pages viewed, features used, exports, search activity, API calls, referring URLs, crash logs, and security logs.

Cookies and tracking data. Cookie identifiers, consent preferences, analytics identifiers, and similar online signals, depending on your choices and the tools enabled on our site.

Support and communications data. Messages you send to us, demo requests, support tickets, survey responses, meeting notes, and call or chat transcripts where recording is enabled with appropriate notice.

Third-party source data. Business contact details, public professional information, company affiliation data, and other commercial records received from data providers, public registries, customer submissions, or lawful public sources, where those records include personal data. Much of Tracea’s intelligence content may not be personal data, but some source records may still identify individuals, especially sole traders or business contacts.

Customer-submitted data. Files, notes, search lists, watchlists, CRM imports, comments, and other content that customers or users upload into the platform.

Aggregated or anonymized data. Usage statistics, benchmarking information, model performance information, and trend data that no longer identifies an individual or cannot reasonably be linked back to one.

Data we do not intend to collect

Tracea is not designed to collect special category data, criminal-offence data, or children’s data. Please do not upload those categories unless we have expressly agreed in writing that the upload is necessary and lawful.

How we collect personal data

We collect personal data:

directly from you, when you create an account, request a demo, subscribe, contact us, attend an event, or use the platform;

automatically, through logs, cookies, analytics, and security tools;

from your employer or contracting organization, when it provisions an account for you;

from payment providers, identity providers, and support tools;

from data vendors, public sources, partner sources, and customer imports, where permitted by law and contract.

How and why we use personal data

We use personal data for the following purposes.

To provide the service. We use account, contact, usage, and support data to create and administer accounts, authenticate users, provide dashboards, API access, exports, alerts, customer support, and service communications.

To manage subscriptions and commercial relationships. We use contact, billing, and transaction data to invoice, collect payment, manage renewals, administer contracts, provide account management, and maintain customer records.

To operate, secure, and improve Tracea. We use usage, device, and support data to monitor performance, prevent abuse, investigate incidents, enforce our Terms, troubleshoot errors, improve features, and develop new functionality. Where possible, we use aggregated or anonymized data for analytics, service improvement, benchmarking, and model evaluation.

To build and maintain market-intelligence datasets. We use source data, customer-submitted data, and operational data to compile, normalize, enrich, categorize, validate, and display market intelligence and related commercial insights. If source data contains personal data, we process that data only where we have an appropriate lawful basis and a clear business purpose.

To communicate with you. We use contact and communication data to respond to inquiries, send transactional notices, provide support, and, where permitted, send product updates, insights, or marketing communications.

To comply with law and protect rights. We use relevant data to comply with legal obligations, respond to lawful requests, maintain financial records, exercise or defend legal claims, and protect Tracea, our users, data providers, and third parties.

Legal bases

Where GDPR or UK GDPR applies, we rely on one or more of the following legal bases:

Contract. Processing is necessary to take steps at your request or to perform our contract with you or your organization, including account setup, access control, service delivery, billing support, and customer support.

Legitimate interests. Processing is necessary for our legitimate interests in operating and improving the platform, securing our systems, preventing fraud and misuse, managing business relationships, building business-to-business market intelligence products, and measuring service performance, provided those interests are not overridden by your rights and freedoms.

Consent. We rely on consent where required, including certain direct marketing activities and non-essential cookies or similar tracking technologies in jurisdictions where opt-in consent is required.

Legal obligation. Processing is necessary to comply with tax, accounting, sanctions, export-control, regulatory, law-enforcement, and other legal obligations.

If we rely on legitimate interests, you may object where the law gives you that right.

How we share personal data

We may share personal data with:

cloud hosting and infrastructure providers;

authentication and identity providers;

payment processors and billing providers;

analytics, error-monitoring, and product-performance providers;

CRM, marketing, and email-delivery providers;

support, ticketing, and customer-success providers;

data providers, enrichment partners, and API partners where necessary to deliver or validate the service;

professional advisers such as lawyers, auditors, insurers, and accountants;

regulators, courts, law-enforcement bodies, and competent authorities where required by law;

acquirers or successor entities in a merger, financing, reorganization, or sale of assets.

Where we use processors, we require them to process personal data only on our instructions, to use appropriate security measures, and not to use the data for their own unrelated purposes.

Tracea should publish and maintain a separate subprocessor list and update it when material vendors change.

Third-party services and APIs

Tracea may rely on third-party services and APIs for hosting, authentication, communications, analytics, payments, customer support, mapping, enrichment, or source-data ingestion. Those providers may process personal data on our behalf or as independent controllers, depending on the service.

Where Tracea embeds or links to third-party functionality, that third party may collect information directly under its own privacy notice. Tracea is not responsible for third-party privacy practices outside services we control as processor relationships.

International transfers

Tracea may process personal data in countries outside the EEA, Switzerland, or the UK.

Where we transfer personal data to a country that is not covered by an adequacy decision or equivalent recognized mechanism, we will use appropriate safeguards, such as:

the European Commission’s Standard Contractual Clauses;

the UK International Data Transfer Addendum or other recognized UK transfer mechanism;

additional technical and organizational safeguards, such as access controls, encryption, and data-minimization measures, where appropriate.

You may request more information about the safeguards relevant to your data by contacting us.

How long we retain personal data

We retain personal data only for as long as reasonably necessary for the purposes described in this policy, including to comply with legal, accounting, tax, audit, and dispute-resolution requirements.

The recommended retention schedule for Tracea appears later in this report and should be adopted into internal policy and operational controls. Where the retention period expires, we will delete or anonymize the data unless we are required to keep it longer by law or for a documented legal claim, security investigation, or dispute.

Anonymized data may be retained for longer where it no longer identifies any individual.

How we protect personal data

Tracea uses technical and organizational measures designed to protect personal data, including as appropriate:

encryption in transit and at rest;

role-based access controls;

logging and monitoring;

multi-factor authentication for administrative access;

environment segregation;

vendor due diligence and contractual controls;

backup and recovery procedures;

incident response procedures;

staff confidentiality obligations and training.

No service can guarantee absolute security, but we work to maintain safeguards proportionate to the risks involved.

Your rights

Where GDPR, UK GDPR, or similar laws apply, you may have the right to:

access personal data we hold about you;

rectify inaccurate or incomplete personal data;

request deletion of personal data where there is no valid reason for continued processing;

request portability of data that you provided to us where processing is based on consent or contract and carried out by automated means;

object to processing based on legitimate interests or to direct marketing;

request restriction of processing in certain circumstances;

withdraw consent at any time, where processing is based on consent;

lodge a complaint with your local supervisory authority.

To exercise your rights, contact joan@tracea.com. We may need to verify your identity before acting on a request. If the request relates to an enterprise account managed by your employer or another organization, we may direct you to that organization where it acts as controller for part of the processing.

Marketing communications

If you receive marketing communications from Tracea, you can unsubscribe at any time by using the unsubscribe link in the message or by contacting us. We may still send you non-marketing messages about your account, subscription, security, billing, or service changes.

Cookies and tracking

Tracea uses cookies and similar technologies for three main reasons:

to operate the site and platform;

to remember user settings and security choices;

to measure performance and improve the service;

to support marketing or attribution where enabled.

Strictly necessary cookies do not require consent where the law allows that. Analytics, advertising, attribution, personalization, and other non-essential cookies should only be used where the user has given any required consent.

You can manage your choices through our cookie banner or cookie settings link. Browser settings alone are not the only control we rely on for non-essential cookies.

Minors

Tracea is a business service and is not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data to Tracea, contact us and we will take appropriate steps to delete it.

Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change, we will post the updated version on our website and, where appropriate, notify customers or account holders by email, in-product notice, or another reasonable method. The “Last updated” date above shows when this policy was last changed.

How to contact us

Privacy questions, rights requests, and complaints should be sent to:

FOLOWUP LLC

5830 E 2nd St, Ste 7000, Casper, 82609, Wyoming, USA

Email: joan@tracea.ai

If you are not satisfied with our response and applicable law gives you that right, you may contact your local data protection authority.