Privacy Policy
Tradeflow Technologies Inc (“Tradeflow”, “we”, “us”, or “our”) operates the Tradeflow website at www.tradeflow.finance and the Tradeflow portal at portal.tradeflow.finance (together, the “Services”). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights in relation to that information.
This policy applies to personal information we process as a data controller. When we process personal information on behalf of our business customers (e.g., data they upload about their own staff or suppliers), we act as a processor and the business customer’s privacy policy governs.
By using the Services you acknowledge that you have read and understood this policy. If you do not agree, please do not use the Services.
1. Information we collect
1.1 Information you give us
- Account information. When you sign up, we collect your name, email address, phone number, company name, role, and the password you set (stored in hashed form by our authentication provider).
- Transactional information. Orders you place, purchase orders you generate, invoices you upload, supplier relationships you configure, and related free-text notes.
- Communications. Emails, support messages, and forms you submit (including the waiting-list or contact form on the marketing site).
- Payment information. If you make a payment through the Services, billing details are collected by our payment providers. We do not store full card details on our own systems.
1.2 Information collected automatically
- Usage data. Pages and screens you view, features you use, approximate time spent, referring URL, and actions you take.
- Device and connection. IP address, browser type and version, operating system, screen size, language preference.
- Cookies and similar technologies. Session cookies for authentication, preference cookies, and analytics identifiers. See Section 6.
1.3 Information from third parties
If you sign in using a third-party identity provider, or link a point-of-sale (POS) integration or accounting tool, we receive the information those providers share with us consistent with your authorisations and their privacy terms.
2. How we use your information
We use personal information to:
- provide, operate, and maintain the Services, including authenticating you, processing your orders, and rendering invoices;
- communicate with you about your account, orders, product updates, and support requests;
- improve the Services, including analysing usage patterns, diagnosing issues, and developing new features;
- personalise your experience (e.g., remembering your supplier selections);
- send marketing communications about Tradeflow products and services, where you have consented or where permitted by law. You may opt out at any time using the unsubscribe link in our emails or by contacting us;
- comply with legal obligations, enforce our Terms of Use, prevent fraud, and protect the rights, property, or safety of Tradeflow, our users, and others.
3. Legal bases for processing (EEA / UK visitors)
If you are in the European Economic Area or United Kingdom, our legal bases for processing your personal information are:
- Performance of a contract — to deliver the Services you have signed up for.
- Legitimate interests — to operate and improve the Services, protect them from misuse, and communicate relevant product information. You may object to processing on this basis.
- Consent — for optional cookies, certain marketing communications, and any processing that requires consent under applicable law. You may withdraw consent at any time.
- Legal obligation — to comply with laws, regulations, and lawful requests from authorities.
4. How we share your information
4.1 Service providers (sub-processors)
We share information with vendors who help us run the Services under contractual obligations to protect your data. Our main sub-processors include:
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services | Cloud hosting, storage, content delivery | South Africa, Europe, USA |
| Auth0 (Okta) | Authentication and identity management | Europe, USA |
| Amazon SES | Transactional email delivery | Europe, USA |
| Google Analytics | Website and product usage analytics | USA |
| GoDaddy | Domain registration | USA |
We keep this list current. If you need an up-to-date detailed sub-processor list, contact us at the address in Section 11.
4.2 Business partners
If you place orders through the Services, we share order information (item, quantity, contact details for delivery) with the supplier you are ordering from so they can fulfil your order. Suppliers process that information under their own privacy terms.
4.3 Legal and safety
We may disclose personal information (i) to comply with applicable law, regulation, legal process, or governmental request; (ii) to enforce our Terms of Use; (iii) to protect the rights, property, and safety of Tradeflow, our users, or the public; or (iv) to investigate fraud, security, or technical issues.
4.4 Corporate transactions
If Tradeflow is involved in a merger, acquisition, restructuring, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such change and of any choices you may have.
4.5 With your consent
We may share personal information for any other purpose disclosed to you at the time we collect it, or for which you otherwise consent.
We do not sell your personal information.
5. International data transfers
We are incorporated in Delaware, USA and operate globally. Personal information we collect may be transferred to, stored in, and processed in countries other than the one in which you reside, including the United States and the European Union. Where required by applicable law (e.g., GDPR, UK GDPR, or POPIA’s Section 72), we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures to protect personal information during transfer.
6. Cookies and analytics
We and our service providers use cookies and similar technologies to operate the Services and to understand how they are used.
- Strictly necessary cookies keep you logged in and remember what you are doing while using the Services. These cannot be disabled.
- Preference cookies remember your settings to personalise your experience.
- Analytics cookies (Google Analytics 4) help us understand aggregate usage patterns so we can improve the Services. Analytics data is pseudonymised and IP addresses are truncated where possible.
You can control cookies via your browser settings. Opting out of analytics cookies is also possible by installing the Google Analytics Opt-out Browser Add-on. Blocking strictly necessary cookies may prevent parts of the Services from working.
7. Data retention
We retain personal information only for as long as needed to deliver the Services, comply with our legal obligations (e.g., tax, accounting, and legal record-keeping), resolve disputes, and enforce our agreements.
Typical retention periods:
- Account data — for the life of your Account, plus up to 7 years thereafter for financial record-keeping requirements.
- Transactional records (orders, invoices) — 7 years, or longer where required by tax or commercial law.
- Analytics data — up to 26 months in Google Analytics (default retention).
- Marketing preferences — until you unsubscribe, and for a reasonable period thereafter to honour your preference.
Where we no longer need personal information, we delete or anonymise it.
8. Security
We take reasonable and appropriate technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, and destruction. These include encryption of data in transit over HTTPS, access controls on our systems, authentication via a dedicated identity provider (Auth0), and segmented production environments.
No system is perfectly secure. If you believe your Account has been compromised, please contact us immediately at hello@tradeflow.finance.
9. Your rights
Depending on where you live, you may have some or all of the following rights in respect of personal information we hold about you:
- the right to access a copy of your personal information;
- the right to request correction of inaccurate or incomplete information;
- the right to request deletion of your personal information, subject to legal and contractual retention requirements;
- the right to object to or restrict certain processing;
- the right to data portability, where applicable;
- the right to withdraw consent where processing is based on consent;
- the right to lodge a complaint with your local data protection authority. In South Africa this is the Information Regulator. In the EU/UK it is your national supervisory authority.
To exercise these rights, contact us at hello@tradeflow.finance. We will verify your identity and respond within the timeframe required by applicable law.
9.1 California privacy rights
If you are a California resident, in addition to the rights above, you may have rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA, including the right to know what personal information we collect, the right to delete, the right to correct, and the right to opt out of any sale or sharing of personal information for cross-context behavioural advertising. We do not sell personal information. To exercise your rights, contact us at hello@tradeflow.finance.
9.2 South African privacy rights (POPIA)
If you are a data subject under South Africa’s Protection of Personal Information Act, 4 of 2013 (“POPIA”), you may also exercise the rights described in Sections 23, 24, and 25 of POPIA, including the right to request confirmation that we hold your personal information and to have that information corrected or deleted in the circumstances POPIA allows. You may also lodge a complaint with the Information Regulator of South Africa.
10. Children’s privacy
The Services are not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our practices, legal requirements, or the Services. When we make material changes, we will notify you by email (if we have your address) and/or by posting a prominent notice on the Services. The “Effective” date at the top of this policy indicates when the latest version took effect. Your continued use of the Services after changes take effect constitutes your acceptance of the updated policy.
12. Contact us
If you have questions, concerns, or requests related to this Privacy Policy or your personal information, please contact us:
Tradeflow Technologies Inc.Attn: Sebastian Dyantyi — Privacy
1111B South Governors Avenue STE 219898
Dover, Delaware 19904
Email: hello@tradeflow.finance