Privacy Policy & Cookie Policy

Last updated: January 11, 2025

🔒 GDPR Compliance

This Privacy Policy complies with the GDPR, the German Federal Data Protection Act (BDSG) and the ePrivacy Directive. Created with eRecht24 GDPR standards.

Certified by: eRecht24 GDPR Generator

Your Rights under GDPR

📋 Access (Article 15 GDPR)

Request your personal data

✏️ Rectification (Article 16 GDPR)

Correct inaccurate data

πŸ—‘οΈ Erasure (Article 17 GDPR)

Delete your personal data

📀 Data Portability (Article 20 GDPR)

Export your data

🛑 Restriction (Article 18 GDPR)

Restrict data processing

❌ Object (Article 21 GDPR)

Object to processing

1. Data Controller

TradeComply

Represented by: Phuong Nguyen (CEO) & Rahul Bhat (CTO)

Email: info@tradecomply.eu

Website: www.tradecomply.eu

EU Representative: Available upon request

Data Protection Officer (DPO):

For data protection inquiries, contact our DPO at privacy@tradecomply.eu

2. Data Processing Overview

We process personal data necessary to provide trade compliance services:

Categories of Personal Data:

  • Account Data: Name, email address, company name, business role
  • Trade Data: Product descriptions, HS codes, customs documents, shipping details
  • Technical Data: IP addresses, browser information, device identifiers
  • Usage Data: Platform interactions, feature usage, session data
  • Communication: Support requests, feedback, correspondence
  • Billing Data: Payment information (processed by third parties)

3. Legal Basis for Processing

Article 6(1)(b) GDPR - Contract Performance

Service delivery, account management, trade compliance support

Article 6(1)(c) GDPR - Legal Obligation

Customs law compliance, tax obligations, record keeping

Article 6(1)(f) GDPR - Legitimate Interest

Security monitoring, fraud prevention, service improvement

Article 6(1)(a) GDPR - Consent

Marketing communications, newsletters, optional features

4. Data Retention

  • Trade Documents: 10 years (German customs law § 147 AO)
  • Account Data: Service duration + 7 years
  • Technical Logs: 12 months
  • Marketing Data: Until consent withdrawal
  • Support Communication: 3 years

5. Data Sharing

We only share data as necessary for service delivery:

🔒 Cloud Infrastructure

Google Cloud Platform (EU regions only), Firebase Hosting

Standard Contractual Clauses (SCCs) ensure GDPR compliance

💳 Payment Processing

Stripe (PCI DSS compliant), PayPal

Payment data processed directly by providers, not stored by us

📊 Analytics

Google Analytics (anonymized), Hotjar (with consent)

IP anonymization enabled, demographic data collection disabled

📧 Communication Services

EmailJS (contact form processing), LinkedIn (social media integration)

EmailJS processes contact form submissions, LinkedIn provides social media features

βš–οΈ Legal Requirements

Customs authorities, tax authorities (when legally required)

Only upon valid legal request or court order

6. Cookies & Tracking

✅ Essential Cookies (Always Active)

Required for basic website functionality

  • Authentication and session management
  • Security features and fraud prevention
  • Load balancing and performance

🔧 Functional Cookies

Enhance your experience (opt-in required)

  • Language preferences and settings
  • UI customization and preferences
  • Form data storage

📊 Analytics Cookies (Optional)

Help us improve our service (consent required)

  • Usage statistics and performance monitoring
  • Feature effectiveness analysis
  • Error tracking and debugging

Cookie Management: You can manage cookie preferences through our cookie banner or browser settings. Essential cookies cannot be disabled without affecting service functionality.

7. Data Security

We implement appropriate technical and organizational measures:

  • Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
  • Access Control: Role-based permissions, multi-factor authentication
  • Monitoring: 24/7 security monitoring and incident response
  • Regular Audits: Security assessments and vulnerability testing
  • Staff Training: Regular data protection training for employees

8. Data Subject Rights

To exercise your GDPR rights, contact us at privacy@tradecomply.eu:

How to Request:

  1. Send an email to privacy@tradecomply.eu with "GDPR Request" in the subject line
  2. Include your account email and specify which right you want to exercise
  3. We will verify your identity and respond within 30 days

Right to Complain: You have the right to lodge a complaint with a supervisory authority. In Germany, contact your local state data protection authority or the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

9. Privacy Policy Changes

We may update this privacy policy to reflect legal changes or service improvements. Material changes will be communicated via email or platform notification 30 days before taking effect.

Version History: Previous versions are available upon request.