Privacy Policy
1. Who We Are
Tradiemate Ltd (“TradieMate”, “we”, “us”, “our”) operates the TradieMate mobile application and website (tradie-mate.co.uk). We provide business management software for UK sole-trader tradespeople, including invoicing, quoting, customer management, job tracking, and payment collection.
We are the data controller for personal data processed through our services. Tradiemate Ltd is registered with the Information Commissioner’s Office (ICO) as a data controller. If you have any questions about how we handle your data, contact us at legal@tradie-mate.co.uk.
TradieMate is not a payment services provider, payment facilitator, or e-money institution. We do not hold, transmit, or process payments on your behalf. All payment processing is carried out by Stripe and GoCardless, who are independently regulated payment service providers. See Section 6 for full details.
2. What Data We Collect
2.1 Data You Provide Directly
Account information: your name, email address, phone number, business name, and trade type when you sign up.
Customer data: names, email addresses, phone numbers, and addresses of your customers that you add to the app.
Job and invoice data: job descriptions, quote details, invoice amounts, line items, payment information, and photos you upload.
Bank account details (optional): if you wish to receive customer payments by bank transfer, you can store your account holder name, sort code, and account number in TradieMate for display on your invoices. This is an optional feature — see Section 6.8 for full details on how this data is collected, stored, used, and protected.
Feedback: any messages you send us through the in-app feedback feature.
2.2 Data Collected Automatically
Device information: device type, operating system version, app version.
Push notification tokens: to send you notifications about your business activity.
Usage data: which features you use and when, to help us improve the app.
2.3 Data from Third Parties
Payment data from Stripe: Stripe provides us with limited payment confirmation details such as transaction amounts, payment status, and payout timing. We never see or store full card numbers, bank account numbers, or identity documents — see Section 6 for full details.
Direct Debit data from GoCardless: GoCardless provides us with mandate status and payment confirmation data. We do not see or store your customers’ full bank account details.
Accounting data from Xero: Xero provides invoice and contact synchronisation data if you choose to connect your Xero account.
3. How We Use Your Data
We use your data to:
Provide and operate the TradieMate app and its features.
Send invoices and quotes to your customers on your behalf.
Send automated WhatsApp messages and emails (payment reminders, quote follow-ups, service reminders) that you have enabled.
Facilitate payment collection through Stripe Connect and GoCardless (see Section 6).
Display your bank account details on invoices (if you have provided them) so your customers can pay you by bank transfer (see Section 6.8).
Synchronise your invoices and contacts with Xero.
Send you push notifications about your business activity.
Send you a welcome email and weekly business digest.
Generate AI-powered quotes from job descriptions you provide (see Section 5).
Improve our app and develop new features.
Respond to your feedback and support requests.
Comply with legal obligations.
4. Lawful Basis for Processing (UK GDPR)
Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are required to have a valid lawful basis for processing your personal data. The table below sets out each category of personal data we process, the purpose of processing, and the lawful basis we rely on.
4.1 Lawful Basis Schedule
| Data Category | Purpose of Processing | Lawful Basis |
|---|---|---|
| Account registration data (name, email, phone, business name, trade type) | Creating and managing your TradieMate account; providing the service you signed up for | Contract — Article 6(1)(b): processing necessary for the performance of a contract |
| Customer data you input (customer names, phones, emails, addresses) | Storing your customer records; sending quotes, invoices, and reminders on your behalf | Contract — Article 6(1)(b): processing necessary to deliver the service you contracted for |
| Job and invoice data (job descriptions, quotes, invoice amounts, line items, photos) | Generating quotes; creating and sending invoices; tracking payments; syncing with Xero | Contract — Article 6(1)(b): processing necessary to deliver the service |
| Bank account details for invoice display (optional: account holder name, sort code, account number) | Displaying your bank account details on invoices so customers can pay you by bank transfer. Display only — TradieMate does not initiate, process, or access funds using this data. | Contract — Article 6(1)(b): processing necessary to deliver the bank transfer invoicing feature you opted into |
| Payment transaction data (amounts, status, dates from Stripe/GoCardless) | Displaying payment status in-app; reconciling your accounts; syncing with Xero | Contract — Article 6(1)(b) and Legal Obligation — Article 6(1)(c): tax record-keeping requirements |
| Job descriptions sent to AI (Claude API) | Generating AI-powered quotes from your job descriptions | Contract — Article 6(1)(b): processing necessary to deliver the AI quoting feature |
| WhatsApp/email communications metadata (delivery status, timestamps) | Tracking message delivery; providing you with visibility on communication status | Legitimate Interest — Article 6(1)(f): necessary for effective service delivery and your business operations |
| Device and usage data (device type, OS, app version, feature usage) | Improving the app; diagnosing technical issues; developing new features | Legitimate Interest — Article 6(1)(f): necessary to maintain and improve the service |
| Push notification tokens | Sending business activity notifications to your device | Consent — Article 6(1)(a): you can enable or disable push notifications at any time |
| Marketing communications (email) | Sending promotional content, product updates, and offers | Consent — Article 6(1)(a): you opt in during registration and can unsubscribe at any time |
| Business digest emails | Sending weekly summaries of your business activity | Legitimate Interest — Article 6(1)(f): providing valuable business insights. You can opt out at any time |
| CRM contact records (HubSpot) | Managing user lifecycle from signup through subscription; tracking onboarding and engagement | Legitimate Interest — Article 6(1)(f): necessary to deliver effective onboarding and customer support |
| Financial and tax records (invoices, payment records) | Complying with UK tax law and HMRC requirements including Making Tax Digital | Legal Obligation — Article 6(1)(c): required by UK tax legislation |
| Fraud prevention data | Detecting and preventing fraudulent use of the platform | Legitimate Interest — Article 6(1)(f): protecting the platform, our users, and their customers |
4.2 Legitimate Interest Assessments
Where we rely on legitimate interest as our lawful basis, we have carried out a Legitimate Interest Assessment (LIA) to ensure that our interests do not override your rights and freedoms. In each case, we have considered:
The purpose: whether the processing is necessary and proportionate to the aim.
The impact on individuals: whether the processing could cause harm, and whether individuals would reasonably expect it.
Safeguards: what measures we have in place to minimise any impact, including the ability to opt out.
You have the right to object to processing based on legitimate interest at any time. Contact legal@tradie-mate.co.uk to exercise this right. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.
4.3 Consent
Where we rely on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. You can withdraw consent by:
Push notifications: disabling notifications in your device settings or in the TradieMate app.
Marketing emails: clicking the “unsubscribe” link in any marketing email, or contacting legal@tradie-mate.co.uk.
Business digest emails: clicking “unsubscribe” or adjusting your preferences in the app settings.
4.4 Special Category Data
We do not intentionally collect any special category data (also known as sensitive personal data) as defined under Article 9 of UK GDPR. This includes data relating to racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, sex life, or sexual orientation. If you include such data in free-text fields (e.g. job descriptions), we process it solely for the purpose of providing the service and take no further action on it.
5. AI-Powered Features
TradieMate uses artificial intelligence (powered by the Anthropic Claude API) to generate quotes from job descriptions you provide.
When you use the AI quote feature, the job description and trade type are sent to the Anthropic API to generate a quote.
We do not send personally identifiable information about you or your customers (such as names, addresses, or phone numbers) to the AI service for quote generation.
Anthropic’s commercial terms governing API usage exclude submitted content from being used to train Anthropic’s AI models.
Generated quotes are stored within your TradieMate account and are not shared with other users.
6. Payments, Stripe Connect, and Financial Data
This section explains in detail how payment processing works within TradieMate, what data Stripe collects, what data we can see, and the respective roles and responsibilities.
6.1 TradieMate Is Not a Payment Facilitator
TradieMate does not process, hold, or transmit payments. We are not a payment facilitator, payment services provider, or e-money institution. We do not handle your funds at any point.
Instead, TradieMate uses Stripe Connect with Standard accounts. This means:
Each tradesperson who uses payment features creates their own direct relationship with Stripe.
Stripe is the payment processor and is independently responsible for payment processing, regulatory compliance, and fund management.
Payments from your customers go directly to your Stripe account, not through TradieMate.
Stripe pays out funds directly to your bank account according to the payout schedule you configure in your Stripe Dashboard.
TradieMate simply provides the software interface that connects to your Stripe account to initiate payment requests on your behalf.
6.2 Stripe Connect Standard Accounts
When you enable payment collection in TradieMate, you will be directed to Stripe to create a Stripe Connect Standard account. This involves:
Stripe’s onboarding process: you create your account directly with Stripe on their platform. TradieMate does not control or manage this process.
Your direct agreement with Stripe: by creating a Stripe account, you enter into a direct contractual relationship with Stripe under Stripe’s Connected Account Agreement and Stripe’s Privacy Policy. These are separate from your agreement with TradieMate.
Account management: you can manage your Stripe account, payout schedule, bank details, and account settings directly through the Stripe Dashboard at dashboard.stripe.com.
6.3 What Data Stripe Collects Directly From You
During Stripe’s onboarding and Know Your Customer (KYC) process, Stripe collects the following data directly from you. This data is collected by Stripe, processed by Stripe, and stored by Stripe. TradieMate does not collect, see, or store this data:
Identity verification (KYC) data:
Your full legal name.
Date of birth.
Home address.
Government-issued photo identification (e.g. passport, driving licence). The image and data extracted from your ID document are processed and stored by Stripe, not TradieMate.
National Insurance number or other tax identification number (where required by Stripe for regulatory compliance).
Financial data:
Bank account details (sort code and account number) for receiving payouts.
Debit card details (if used as an alternative payout method).
Business verification data:
Business name and trading name.
Business address.
Business type (sole trader, limited company, etc.).
Company registration number (if applicable).
VAT registration number (if applicable).
Information about the nature of your business and expected transaction volumes.
Stripe collects and processes this data as an independent data controller for the purposes of regulatory compliance, fraud prevention, anti-money laundering (AML), and Know Your Customer (KYC) obligations. Stripe’s collection and use of this data is governed by Stripe’s Privacy Policy at stripe.com/privacy.
6.4 What Data TradieMate Can See
Through the Stripe Connect API, TradieMate has access to a limited subset of your Stripe account data. Specifically, we can see:
Account status: whether your Stripe account is active, pending verification, or restricted.
Charges and payment intents: transaction amounts, currency, payment status (succeeded, failed, refunded), and the date/time of transactions initiated through TradieMate.
Payout status: whether payouts to your bank account are scheduled, pending, or completed (we cannot see your bank account details).
Customer payment method type: whether a customer paid by card, Apple Pay, Google Pay, etc. (we cannot see card numbers or bank details).
Refund status: whether a refund has been issued for a transaction initiated through TradieMate.
Basic account information: your business name and email address as registered with Stripe.
TradieMate cannot see and does not have access to:
Your full bank account number or sort code as held by Stripe for payouts (Stripe does not expose this through the Connect API).
Your customers’ full card numbers, CVVs, or bank account details.
Your identity documents (passport, driving licence, etc.).
Your date of birth, National Insurance number, or home address as provided to Stripe.
Your Stripe Dashboard login credentials.
Any data you provide to Stripe outside of transactions initiated through TradieMate.
6.5 Your Customers’ Payment Data
When your customers make a payment through a TradieMate invoice link:
The customer’s payment card details are entered directly on a Stripe-hosted payment page. At no point does TradieMate collect, see, or store your customer’s card number, expiry date, or CVV.
Stripe processes the payment and confirms the transaction status to TradieMate.
TradieMate receives confirmation that the payment was successful (or failed), the amount, and the payment method type. We do not receive the customer’s card details.
Stripe is PCI DSS Level 1 certified, the highest level of payment security certification.
6.6 GoCardless and Direct Debit
TradieMate integrates with GoCardless to enable Direct Debit payments from your regular customers:
GoCardless collects bank account details directly from your customers to set up Direct Debit mandates. TradieMate does not see or store these bank account details.
We receive mandate status (active, cancelled, failed) and payment confirmation data from GoCardless.
GoCardless acts as an independent data controller for the purposes of processing Direct Debit payments and complying with financial regulations.
GoCardless processes data in accordance with their own Privacy Policy at gocardless.com/legal/privacy.
6.7 Disconnecting Your Payment Accounts
You can disconnect your Stripe account or GoCardless account from TradieMate at any time through your account settings. When you disconnect:
TradieMate will no longer be able to initiate payment requests on your behalf.
Your Stripe or GoCardless account remains active and is managed directly by you through their respective dashboards.
Historical transaction data within TradieMate (amounts, dates, status) will be retained in accordance with our data retention policy (see Section 9).
6.8 Bank Account Details for Invoice Display
Separately from Stripe Connect and GoCardless, TradieMate offers an optional feature that allows you to store your bank account details so they automatically appear on invoices you send to customers paying by bank transfer. This section explains exactly what is collected, how it is used, and the strict limitations on what TradieMate can do with this data.
What we collect
If you choose to use this feature, you can enter and store:
Your account holder name (the name on your UK bank account).
Your UK sort code (six digits, stored in the canonical XX-XX-XX format).
Your account number (eight digits).
The feature is entirely optional. If you do not enable it, no bank account information is collected and no bank transfer details appear on your invoices.
Why we collect it
So your customers know where to send bank transfer payments when you issue them an invoice. The details are displayed as text on the invoice for the customer’s reference.
Where it is stored
In our Supabase database in the West Europe (London) region, encrypted at rest. Access is restricted by row-level security policies so that only you can view your own bank details when signed in to your TradieMate account.
Who can see it
You, when signed in to your TradieMate account.
Your customers, when they receive an invoice you have configured for bank transfer payment.
No one else. We do not share these details with any third party, including Stripe, GoCardless, Xero, HubSpot, or any other service provider.
Important: TradieMate cannot use these details to access your funds
These bank details are stored solely as display strings for invoicing purposes. TradieMate is not a payment services provider, holds no banking permissions, and has no mechanism by which these details could be used to initiate, process, debit, or withdraw funds. The data flow is one-way: you enter your details, we display them on invoices you send to your customers. There is no integration with any banking API and no functionality within TradieMate by which money could be moved using this information.
How you control it
You can add, edit, or remove your bank details at any time through Edit Profile in the TradieMate app. Clearing any of the three fields removes the information from our database immediately. You are not required to provide bank details to use TradieMate.
Retention
Retained while present in your Edit Profile. Deleted immediately when you clear the fields yourself or when you delete your TradieMate account. Unlike transactional records, no further retention obligation applies to these display strings.
7. Who We Share Your Data With
We do not sell your data to third parties. We do not share your data with advertisers. We share your data only with the following categories of service providers, all of whom are bound by data processing agreements:
Supabase (database hosting) — stores your account, customer, job, and invoice data. Servers located in West Europe (London).
Stripe (payment processing) — processes customer payments via Stripe Connect Standard accounts. Stripe is PCI DSS Level 1 certified and acts as an independent data controller for KYC and payment processing.
GoCardless (Direct Debit) — processes Direct Debit mandates and payments. Acts as an independent data controller for payment processing.
Twilio (WhatsApp messaging) — sends WhatsApp messages to your customers on your behalf (invoices, reminders, quotes).
SendGrid (email) — sends emails on your behalf (welcome emails, payment failure fallback emails, weekly digests).
Xero (accounting) — synchronises your invoices and customer contacts if you choose to connect your Xero account.
HubSpot (CRM) — stores contact records and tracks marketing engagement to manage user lifecycle from signup through subscription. EU data centre.
Anthropic (AI) — processes job descriptions to generate quotes using Claude AI. No personal data is sent beyond job descriptions and trade type.
Apple (App Store, subscription billing, push notifications) — handles subscription billing for users who subscribe via the App Store, and delivers push notifications to your device.
Expo (push notification infrastructure) — routes push notifications between TradieMate and Apple’s notification service.
Bank account details stored for invoice display (Section 6.8) are not shared with any third party. They are held solely in our Supabase database and rendered onto invoices you send.
8. Your Customers’ Data
When you add customer information to TradieMate, you are the data controller for that customer data, and we are your data processor. You are responsible for:
Having a lawful basis to store and use your customers’ contact information.
Informing your customers that you use TradieMate to manage invoices and communications.
Informing your customers that payments are processed by Stripe and/or GoCardless, and that their payment data is subject to those providers’ privacy policies.
Responding to any data access or deletion requests from your customers.
We will assist you in responding to customer data requests where possible.
9. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The table below sets out our retention periods for each category of data.
9.1 Retention Schedule
| Data Category | Retention Period | Reason / Legal Basis |
|---|---|---|
| Account data (name, email, phone, business name) | Retained while your account is active. Deleted within 30 days of account deletion. | Contract: necessary to provide the service. Deleted when no longer needed. |
| Customer data (names, contacts, addresses) | Retained while your account is active. You can delete individual records at any time. | Contract: necessary to provide CRM features. You control deletion. |
| Job and invoice data (descriptions, quotes, amounts, line items) | Retained while your account is active. Deleted within 30 days of account deletion, subject to tax retention requirements. | Contract and Legal Obligation: tax records must be kept for 7 years. |
| Bank account details for invoice display (optional) | Retained while present in your Edit Profile. Deleted immediately when fields are cleared or account is deleted. | Contract: necessary only while the feature is in use. No further retention obligation since these are display strings, not transactional records. |
| Payment and transaction records (amounts, dates, status from Stripe/GoCardless) | Retained for 7 years from the date of the transaction. | Legal Obligation: UK tax law (HMRC) requires financial records to be kept for at least 6 years, plus the current year. |
| Photos uploaded to jobs | Stored while the associated job exists. Deleted when you delete the photo or the job. | Contract: necessary to provide the service. |
| WhatsApp and email message logs (delivery status, timestamps) | Retained for 2 years from the date of the message. | Legitimate Interest: audit trail for dispute resolution and service quality. |
| AI-generated quotes (output from Claude API) | Retained within your account while the associated job exists. | Contract: necessary to provide the quoting service. |
| Device and usage data | Retained for 12 months in anonymised/aggregated form. | Legitimate Interest: service improvement and analytics. |
| Push notification tokens | Retained while your account is active and notifications are enabled. Deleted on account deletion or when disabled. | Consent: deleted when consent is withdrawn. |
| Marketing consent records | Retained for 3 years after consent is withdrawn, as a record that consent existed. | Legal Obligation: demonstrating compliance with UK GDPR consent requirements. |
| HubSpot CRM records | Retained while your account is active. Deleted within 30 days of account deletion. | Legitimate Interest: customer relationship management. |
| Stripe Connect data (KYC, identity docs, bank details) | Held by Stripe, not TradieMate. Retained by Stripe in accordance with Stripe’s retention policies and regulatory obligations. | N/A — TradieMate does not hold this data. Contact Stripe directly. |
| GoCardless mandate and payment data | Mandate status retained within TradieMate while active. Payment records retained for 7 years. | Contract and Legal Obligation: financial record-keeping. |
| Support and feedback messages | Retained for 2 years from the date of the message. | Legitimate Interest: service improvement and dispute resolution. |
9.2 What Happens When You Delete Your Account
When you request account deletion:
Your account data, customer records, job data, photos, and any stored bank account details for invoice display are permanently deleted within 30 days.
Payment and invoice records required for UK tax compliance are retained for 7 years from the transaction date, after which they are permanently deleted. During this retention period, the data is archived and is not actively processed.
Message logs are retained for up to 2 years for audit purposes, then deleted.
Data held by third parties (Stripe, GoCardless, Xero, Twilio, HubSpot, Apple) is subject to their own retention policies. You should contact them directly if you wish to delete data they hold.
We will confirm deletion of your data by email within 30 days of your request.
9.3 Your Right to Request Earlier Deletion
You can request deletion of specific data at any time by emailing legal@tradie-mate.co.uk. We will comply with your request unless we have a legal obligation to retain the data (e.g. tax records) or a legitimate ground that overrides your request. If we cannot delete specific data, we will explain why and provide a date when it will be deleted.
10. Data Security
We take the security of your data seriously:
All data is encrypted in transit (TLS/SSL) and at rest.
Database hosted in Supabase’s West Europe (London) region with row-level security policies.
Authentication via one-time passcodes (no passwords stored).
Payment data handled by Stripe (PCI DSS Level 1 certified) and GoCardless — we never store card numbers or customers’ bank account details.
Bank account details stored for invoice display (Section 6.8) are encrypted at rest with row-level security so that only the account holder can access them. TradieMate has no banking permissions or APIs through which this data could be used to access funds.
Identity verification documents (passport, driving licence) are collected and stored by Stripe, not by TradieMate.
Access to production systems is restricted to authorised personnel only.
11. Your Rights Under UK GDPR (Data Subject Rights)
Under the UK General Data Protection Regulation and the Data Protection Act 2018, you have the following rights over your personal data. These rights are not absolute and may be subject to exceptions set out in the legislation.
11.1 Your Rights Explained
| Right | What It Means | How to Exercise It |
|---|---|---|
| Right of Access (Article 15) | You can request a copy of all personal data we hold about you, along with information about how we process it, who we share it with, and how long we keep it. | Email legal@tradie-mate.co.uk with the subject “Data Access Request”. We will provide your data in a commonly used electronic format (e.g. CSV or PDF). |
| Right to Rectification (Article 16) | You can request that we correct any inaccurate personal data or complete any incomplete data we hold about you. | You can edit most data directly in the app (profile, customer records, bank account details). For other corrections, email legal@tradie-mate.co.uk. |
| Right to Erasure (Article 17) | You can request that we delete your personal data. This is also known as the “right to be forgotten.” We must comply unless we have a legal obligation to keep the data. | Email legal@tradie-mate.co.uk or delete your account through the app settings. You can also clear your bank account details directly in Edit Profile. Note: financial records required by HMRC cannot be deleted until the retention period expires. |
| Right to Restriction (Article 18) | You can request that we limit how we process your data, for example while we investigate a complaint or verify the accuracy of your data. | Email legal@tradie-mate.co.uk with details of the restriction you are requesting. |
| Right to Data Portability (Article 20) | You can request a copy of the personal data you provided to us in a structured, commonly used, machine-readable format, and have it transferred to another provider. | Email legal@tradie-mate.co.uk. We will provide your data in CSV or JSON format. This applies to data processed by consent or contract. |
| Right to Object (Article 21) | You can object to processing based on legitimate interest or direct marketing at any time. We must stop processing unless we can show compelling legitimate grounds. | Email legal@tradie-mate.co.uk. For marketing, click “unsubscribe” in any email. We will stop processing within 30 days. |
| Right to Withdraw Consent | Where processing is based on consent (e.g. push notifications, marketing emails), you can withdraw your consent at any time without giving a reason. | Disable push notifications in your device settings. Click “unsubscribe” in marketing emails. Or email legal@tradie-mate.co.uk. |
| Right Not to be Subject to Automated Decision-Making (Article 22) | You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects on you. | TradieMate does not currently make any solely automated decisions with legal or significant effects. AI quote generation is a tool to assist you and does not make decisions about you. |
11.2 How We Handle Your Requests
Response time: we will respond to all data subject requests within 30 calendar days of receipt. If your request is complex or we receive a high volume of requests, we may extend this by a further 60 days, and we will inform you of any extension within the initial 30-day period.
Verification: we may need to verify your identity before processing your request to protect your data from unauthorised access. We will ask for sufficient information to confirm your identity.
No fee: in most cases, we will not charge a fee for processing your request. However, if your request is manifestly unfounded or excessive (for example, if you make repeated identical requests), we may charge a reasonable fee or refuse to act on the request.
Third-party data: if your request relates to data held by Stripe, GoCardless, Xero, or another third-party service provider, we will direct you to the relevant provider. We cannot action requests relating to data we do not hold.
11.3 Data Held by Stripe
For personal data held directly by Stripe (including your identity verification documents, bank account details, date of birth, National Insurance number, and KYC information), you will need to exercise your rights directly with Stripe. TradieMate does not have access to this data and cannot process requests relating to it.
You can contact Stripe through:
Stripe Privacy Centre: stripe.com/privacy
Stripe Support: support.stripe.com
Stripe’s Data Protection Officer: privacy@stripe.com
11.4 Right to Complain
If you are not satisfied with how we handle your data or respond to your request, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We encourage you to contact us first at legal@tradie-mate.co.uk so we can try to resolve your concern directly.
12. Cookies
The TradieMate mobile app does not use cookies. Our website (tradie-mate.co.uk) uses essential cookies only for basic functionality.
13. Children’s Privacy
TradieMate is a business management tool designed for adults. We do not knowingly collect data from anyone under the age of 18. If we learn that we have collected personal data from a child, we will delete it promptly.
14. International Transfers
Your data is primarily stored in the UK/EU (Supabase West Europe). Some of our service providers (Stripe, Twilio, SendGrid, Anthropic, HubSpot, Apple) may process data in the United States. Where this occurs, appropriate safeguards are in place, including:
The UK Extension to the EU-US Data Privacy Framework, where the receiving organisation is certified.
UK International Data Transfer Agreements (IDTAs) and Standard Contractual Clauses (SCCs) approved by the UK government.
Adequacy decisions where the UK government has determined that a country provides an adequate level of data protection.
Stripe processes KYC and payment data in accordance with their global data processing practices. Details of Stripe’s international data transfer mechanisms are available in Stripe’s Privacy Policy.
Bank account details stored for invoice display (Section 6.8) are held in the UK/EU only (Supabase West Europe / London) and are not transferred internationally.
15. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes by email or through the app. The “Last Updated” date at the top of this policy indicates when it was most recently revised.
16. Contact Us
If you have questions about this privacy policy or how we handle your data:
Email: legal@tradie-mate.co.uk
Website: tradie-mate.co.uk
Company: Tradiemate Ltd
Registered office: 22 Luton Road, Chalton, Luton, LU4 9UG, United Kingdom
Companies House number: 17100934
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.