Skip to main content

Privacy Policy

Last updated: 19 March 2026

1. Introduction

Trade2Trade Ltd ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our hospitality equipment repair marketplace platform at trade2trade.co.uk.

This policy should be read alongside our GDPR Compliance Policy, Cookie Policy, and Terms of Service.

2. Who We Are

Trade2Trade Ltd is the data controller for personal data collected through this platform. Our contact details for data protection enquiries:

3. Information We Collect

3.1 Information You Provide

When you register and use Trade2Trade, we collect:

  • Account information: Name, email address, phone number, password
  • Business information: Venue name, address, type, business registration details
  • Professional credentials: Certifications (Gas Safe, NICEIC, etc.), qualifications, insurance details, licence numbers
  • Financial information: Bank details for payouts, invoicing details (processed securely via Stripe — we do not store card numbers)
  • Profile content: Bio, profile photo, portfolio images, video introductions
  • Job-related data: Job descriptions, completion reports, photos, messages between parties
  • Equipment data: Equipment details, service history, manufacturer information
  • Reviews and ratings: Written reviews, star ratings, response content

3.2 Information Collected Automatically

When you use the Platform, we automatically collect:

  • Device information: IP address, browser type and version, operating system
  • Usage data: Pages visited, features used, time spent, search queries
  • Location data: Approximate location derived from IP address (used for job matching)
  • Cookies and tracking technologies: See our Cookie Policy

3.3 Information from Third Parties

  • Google OAuth: Name, email, and profile picture when you sign in with Google
  • Stripe: Payment confirmation status and payout details
  • Certification bodies: Verification of professional credentials where applicable

4. How We Use Your Information

We use your information to:

4.1 Provide Our Services

  • Create and manage your account
  • Match venues with qualified technicians based on location, skills, and availability
  • Facilitate job postings, offers, and communication
  • Process payments through our escrow system
  • Generate invoices and financial reports
  • Track equipment and service history

4.2 Improve and Protect

  • Analyse usage patterns to improve platform features
  • Detect and prevent fraud, abuse, and security incidents
  • Monitor platform performance and resolve technical issues
  • Verify technician certifications and qualifications

4.3 Communicate

  • Send transactional notifications (job updates, payment confirmations, new messages)
  • Provide customer support
  • Send marketing communications (only with your consent; you can unsubscribe at any time)

4.4 Legal Compliance

  • Comply with tax and financial regulations (HMRC requirements)
  • Respond to lawful requests from authorities
  • Enforce our Terms of Service

5. Information Sharing

We do not sell your personal information. We share information only in the following circumstances:

  • Between users: Venue names and locations are shared with technicians for job matching; technician profiles, ratings, and certifications are visible to venues
  • Payment processors: Stripe receives necessary payment data under PCI DSS standards
  • Hosting and infrastructure: Our hosting providers process data under strict Data Processing Agreements
  • Analytics: Anonymised and aggregated data only (no personally identifiable information)
  • Legal requirements: When required by law, court order, or to protect rights and safety
  • Business transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
  • With your consent: For any other purpose with your explicit agreement

6. Data Security

We implement robust technical and organisational measures to protect your personal information:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Secure password hashing (bcrypt)
  • Optional two-factor authentication (2FA)
  • Regular security audits and penetration testing
  • Role-based access controls
  • Automated audit logging of data access
  • Database backups with encryption

While we strive for the highest security standards, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and enable two-factor authentication.

7. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the following rights:

  • Access — Request a copy of all personal data we hold about you
  • Rectification — Request correction of inaccurate or incomplete data
  • Erasure — Request deletion of your data (subject to legal retention requirements)
  • Restrict processing — Request limits on how we use your data
  • Data portability — Receive your data in a machine-readable format
  • Object — Object to processing based on legitimate interests or for marketing
  • Withdraw consent — Withdraw consent at any time for consent-based processing

To exercise these rights, email privacy@trade2trade.co.uk. We will respond within 30 days.

For full details of your GDPR rights, see our GDPR Compliance Policy.

8. Cookies

We use cookies and similar technologies to enhance your experience, analyse site usage, and for marketing purposes (with your consent). We provide a granular cookie consent mechanism where you can choose which categories of cookies to accept.

For detailed information about the cookies we use and how to manage them, see our Cookie Policy.

9. Data Retention

We retain your personal information for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements:

  • Active accounts: Data retained for the duration of your account
  • Deleted accounts: Personal data deleted within 30 days; anonymised records may be retained for legal purposes
  • Financial records: Retained for 7 years as required by HMRC
  • Audit logs: Retained for 90 days
  • Marketing data: Retained until you unsubscribe or withdraw consent

10. International Transfers

Your information may be transferred to and processed in countries other than the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and the UK International Data Transfer Agreement (IDTA).

11. Children's Privacy

Trade2Trade is a B2B marketplace. Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a minor, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or regulatory requirements. Material changes will be notified via email and platform notification at least 14 days before they take effect. The "Last updated" date indicates the latest revision.

13. Complaints

If you have concerns about how we handle your data, please contact us first at privacy@trade2trade.co.uk. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

14. Contact Us

For questions about this Privacy Policy, contact us at: privacy@trade2trade.co.uk

Related Policies

Terms of ServiceGDPR PolicyCookie Policy