Privacy & Cookie Policy for Trade Forge Network

This Privacy & Cookie Policy describes how we collect, use, store, and protect your personal information when you visit our website or use our services. We operate in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable e-privacy regulations.

By using our website, you acknowledge that you have read and understood this policy.

The Data Controller for all personal data processed via this website is:

Trade Forge Network
Email: info@tradeforgenet.com

If you have any questions regarding your personal data, you may contact us at any time.

We may collect and process the following information:

Under the UK GDPR, we must identify the lawful basis for processing. We process your data for the following purposes:

We may use your personal data to:

• Communicate with you and respond to enquiries

• Provide quotes, proposals, and service agreements

• Deliver our trade business support services

• Maintain internal administrative records

• Send relevant updates, newsletters, offers, and outreach communications in line with your preferences and applicable law (see section 5A)

• Analyse website usage to enhance the user experience

• Ensure the security and integrity of our website and systems

We do not conduct profiling that produces legal or similarly significant effects.

We may contact businesses about our services using work contact details that are publicly available or provided to us.

How we contact you depends on the type of business:

• Limited companies and other corporate businesses: we may contact you by email, SMS, and phone where permitted by law. Every marketing message will include a simple way to opt out.

• Sole traders: we may contact you by phone where permitted by law. We will only email or text you marketing if you have given us permission (for example, during a call where you agree to receive emails).

Call screening and preference lists:

Before making marketing calls, we may screen against preference services and maintain suppression lists to reduce unwanted contact. If you tell us you do not want to hear from us, we will stop and record your preference.

Your choices:

You can opt out at any time by using the unsubscribe link in our emails, replying "STOP" to any email or SMS from us, telling us during a phone call, or emailing info@tradeforgenet.com.

We do not sell your personal data.

We may share data with:

• Service providers (e.g., hosting, CRM, email platforms)

• Payment processors (e.g., Stripe, GoCardless)

• Analytics providers (e.g., Google Analytics, Meta Pixel)

• Professional advisors (legal, accounting)

• Regulators or law enforcement where legally required

All third parties are required to handle your data securely and only for the purpose for which it was shared.

Where we act as a Data Processor

In addition to the data we collect directly, we also provide business support services where we process personal data on behalf of our clients (who are the Data Controllers).

Services involving client customer data:

When clients engage us for business support services, we may process:

Customer/Client Data:

• Names

• Phone numbers

• Email addresses

• Postal addresses

• Previous job details and service history

• Communication history

• Quote and invoice information

• Payment status

• Job scheduling information

• Any other information necessary to deliver the agreed services

Enquiry/Lead Data:

• Prospective customer contact details

• Enquiry sources and details

• Quote requests and responses

• Follow-up communications

Our role: We act as a Data Processor on behalf of the client (the Data Controller). All processing is governed by a Data Processing Agreement (DPA) signed with each client before services commence.

Legal basis: The client (Data Controller) is responsible for ensuring they have a lawful basis to:

• Hold and process this customer data

• Share it with us for service delivery purposes

• Contact their customers for business purposes

Typically the lawful basis is:

• Legitimate interests (existing customer relationship, business administration)

• Contractual necessity (fulfilling contracts with customers)

• Consent (where explicitly obtained)

Your rights: If your data is being processed as part of our client services and you wish to exercise your data protection rights (access, deletion, rectification, objection, etc.), please contact the business that originally collected your data. They are the Data Controller and are responsible for handling your request.

If you receive follow-up messages as part of our Repeat Work Management service, you may stop receiving them by replying "STOP" to any message.

Data security: All client customer data is:

• Stored in password-protected systems (Google Sheets, secure cloud storage)

• Accessed only by authorised Trade Forge Network personnel

• Used solely for the purpose of delivering the agreed services

• Never shared with unauthorised third parties

• Deleted or returned to the client within 30 days of service termination

• Protected by our Data Processing Agreement with the client

Data retention: Client customer data is retained only for the duration of the service agreement, plus up to 30 days for final administrative tasks and data deletion confirmation.

Some third-party tools we use may store or process data outside the UK.

Where this occurs, we ensure safeguards such as:

• UK Addendum to EU Standard Contractual Clauses

• Adequacy decisions

• Additional technical and organisational measures

Your data is only transferred where lawful and protected.

We retain personal data only for as long as necessary for the purpose it was collected.

Typical retention periods:

• Enquiry data: 12-24 months

• Client project data: Up to 7 years (legal/tax requirement)

• Marketing email data: Until you unsubscribe + limited archival period

• Analytics data: 26-50 months (depending on settings)

• Suppression records (opt-outs): If you ask us not to contact you, we keep limited details to ensure we do not contact you again

When data is no longer required, it is securely deleted or anonymised.

You have the following rights under UK GDPR:

• Right to access - request a copy of your personal data

• Right to rectification - correct inaccurate information

• Right to erasure (“right to be forgotten”)

• Right to restrict processing

• Right to data portability

• Right to object

• Right to withdraw consent

• Right not to be subject to automated decision-making

If you object to direct marketing, we will stop - this is an absolute right.

To exercise your rights, contact us at info@tradeforgenet.com

If you believe your data has been mishandled, you may lodge a complaint with:
Information Commissioner’s Office (ICO): https://ico.org.uk/

We take appropriate technical and organisational measures to protect personal data, including:

• Secure servers and hosting

• Encryption where appropriate

• Access controls

• Password-protected systems

• Staff confidentiality obligations

While we work hard to protect your data, no method of transmission is 100% secure.

11.1 What Are Cookies?

Cookies are small text files stored on your device to enable website functionality, enhance performance, and track usage.

11.2 Types of Cookies Used

We use the following categories:

Strictly Necessary Cookies

Essential for website operation and security.

Performance/Analytics Cookies

Used to track metrics such as page views, bounce rates, and traffic sources (e.g., Google Analytics).

Functionality Cookies

Enhance user experience by remembering preferences.

Targeting/Advertising Cookies

Used by advertising platforms (e.g., Meta Pixel, Google Ads) to deliver relevant content.

11.3 Cookie Consent

On your first visit, you will see a cookie banner allowing you to:

• Accept all cookies

• Reject all non-essential cookies

• Manage preferences

You may update your preferences anytime.

11.4 Managing Cookies

You may disable cookies through your browser, although doing so may affect functionality.

Our website may link to external websites. We are not responsible for the privacy practices or content of those websites.

We do not knowingly collect personal data from individuals under 16. If we become aware that data has been collected, it will be deleted promptly.

We may update this Privacy & Cookie Policy from time to time. Changes will be posted on this page, and the "Last Updated" date will reflect the most recent version.