Privacy Policy

      Effective: April 2025

      Table of Contents
      • Introduction
      • Data Protection Officer
      • How we collect and use (process) your personal information
      • Use of the tradenetsolutions.com.au website
      • Cookies and tracking technologies
      • Use of the TradeNet Solutions Australia Pty. Ltd. services
      • When and how we share information with third parties
      • Transferring personal data internationally
      • Data Subject rights
      • Security of your information
      • Data storage and retention
      • Questions, concerns, or complaints
      Introduction

      TradeNet Solutions Australia Pty. Ltd. ("TradeNet") is a software-as-a-service (SaaS) provider offering secure, end-to-end solutions tailored for buying groups, franchises, their members, and suppliers.

      We understand that you care about your privacy, and we take it seriously. This Privacy Notice describes TradeNet's policies and practices regarding the collection and use of your personal data and outlines your privacy rights. We recognise that privacy is an ongoing responsibility and may update this Privacy Notice as we expand our services or policies.

      Data Protection Officer

      TradeNet is headquartered in Melbourne, Victoria, Australia. We have appointed a Data Protection Officer (DPO) who you may contact with questions or concerns about our personal data handling practices.

      Data Protection Officer - Australian Representative
      TradeNet Solutions Australia Pty. Ltd.
      Unit 4, 27-31 Duerdin Street
      Notting Hill Vic 3168, Australia
      privacy@tradenetsolutions.com.au
      +61 1300 138 406

      If you are based in the UK or the European Union, we may also appoint local representatives to assist in addressing privacy-related concerns under the GDPR or UK GDPR, as required.

      Data Protection Officer - UK Representative
      Adam Brogden
      GDPRLocal Ltd.
      1st Floor Front Suite 27-29 North Street
      Brighton England BN1 1EB
      contact@gdprlocal.com
      +44 (0)1772 217800,
      GDPR Reporting Link (UK)

      How we collect and use (process) your personal information
      What is personal information?

      Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.
      TradeNet collects personal information from website visitors, customers, and partners. This information typically includes:

      • Name
      • Job title
      • Department
      • Employer name
      • Work address
      • Work email
      • Work phone number
      • Mobile phone number
      Why do we collect, hold and use your personal information?

      We collect, hold and use your personal information so that we can:

      • verify your identity;
      • provide you with products and services, and manage our relationship with you;
      • contact you, for example, to respond to your queries or complaints, or if we need to tell you something important; and
      • comply with our legal obligations and assist government and law enforcement agencies or regulators.

      If you do not provide us with your personal information, we may not be able to provide you with our products or services, communicate with you or respond to your enquiries.

      We do not sell your personal information. We only share it with third parties involved in delivering our services.

      How do we collect your personal information?

      We collect personal information from you in a variety of ways, including:

      • when you interact with us electronically or in person;
      • when you access our website or use our products or services;
      • when we provide our products or services to you (or your employer or other organisation); and
      • we may receive personal information from your employer or third parties. If we do, we will protect it as set out in this Policy.

      We may also obtain your details from third-party sources such as LinkedIn, your organisation’s website, or industry directories.

      We may collect information about how you access, use and interact with our website, including by using a range of tools such as Google Analytics or other web analytic tools.

      Legal Basis for Processing Personal Data

      We collect and process your personal data only where we have a valid legal basis under UK GDPR. The legal bases we rely on generally include:

      • Consent: When you have given clear consent for a specific purpose (for example, subscribing to marketing updates).
      • Contractual Obligation: When processing is necessary to fulfil our contract with you (such as providing access to our services).
      • Legal Obligation: When we must comply with applicable laws and regulations.
      • Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your data protection rights (for example, to improve our services, communicate with you, or prevent fraud).

      If you would like further details about how a specific type of data is processed and the legal basis we rely on, please contact us using the details below.

      Use of the TradeNet's Website

      As with most websites, our servers automatically record information such as IP address, browser type, operating system, general location, and pages visited. This helps us better understand user needs and optimise our website experience.

      Cookies and tracking technologies

      We use cookies and similar technologies to enhance user experience. Our detailed Cookie Notice is available here. You may accept or decline cookies via your browser settings or the provided consent banner.

      Use of the TradeNet Services

      When you use our SaaS platforms or related services, we may collect data necessary for account management, service delivery, support, training, and communication.

      Who do we disclose your personal information to, and why?

      We store your personal information on cloud-based servers that may be located in Australia, the United States, or the United Kingdom, depending on your location and regional data preferences.

      We engage third-party processors for services such as cloud hosting, email distribution, CRM, and analytics. A list of our current sub-processors can be found here.

      We may disclose personal information for the purposes described in this Privacy Notice to:

      • our employees and related bodies corporate;
      • third party suppliers and service providers (including providers for the operation of our website and/or our business or in connection with providing our products and services to you);
      • our existing or potential agents, business partners or professional advisors.

      We may also disclose your information:

      • When required by law.
      • Where you have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances.
      • To enforce contracts or legal rights.
      • To protect the safety of our users or third parties.
      • Where we are otherwise permitted to disclose the information under applicable privacy laws including the Australia’s Privacy Act 1988.

      We do not allow our partners or service providers to use your data for their own purposes.

      If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer, to the extent permissible at law, our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. Such processing would be based on our legitimate interests in ensuring the continuity of our business operations, and we would only disclose information in good faith, where required by any of the above circumstances, and in compliance with applicable data protection laws.

      Transferring personal data internationally

      Where you use our SaaS platforms or related services, depending on your region, we store your personal data as follows:

      • Australia-based users: Data is stored in Australian data centres unless otherwise agreed.
      • UK or EU users: Data is stored in the UK or EEA, with occasional transfers to Australia or the US using Standard Contractual Clauses.
      • US-based users: Data is stored in US data centres unless otherwise agreed.

      All international transfers are performed in compliance with applicable laws, including the GDPR, UK GDPR, and Australia’s Privacy Act. Where required, we implement Standard Contractual Clauses or similar safeguards.

      Do we use your personal information for marketing?

      We may use your personal information to send you marketing communications about our products and services that we believe may interest you. Where required by law, we will obtain your consent before sending you direct marketing emails.

      In some cases, we may rely on the “soft opt-in” exception under UK GDPR and PECR — for example, where we have obtained your details in the course of providing products or services to you, and we are marketing our own similar products or services.

      You have the right to opt out of receiving marketing communications from us at any time. You can do this by clicking the “unsubscribe” link in any marketing email you receive from us. Once we receive your request, we will process your unsubscribe promptly, and in any event within 10 business days. Alternatively, you can contact us directly using the details provided at the end of this Privacy Policy.

      Data Subject rights

      Under privacy laws such as the GDPR, UK GDPR, and Australia’s Privacy Act 1988, you may have rights including:

      • Access to your data
      • Correction of inaccurate data
      • Deletion of data (the "right to be forgotten")
      • Restriction of processing
      • Objection to processing
      • Data portability
      • The right not to be subject to automated decision-making

      To exercise your rights under data protection law, please contact us at privacy@tradenetsolutions.com.au. We will respond to your request within one month (30 days) as required under UK GDPR.

      There is no fee to exercise your rights. However, if your request is clearly unfounded, excessive or repetitive, we may charge a reasonable fee or refuse to comply with your request in such cases. If necessary, we may also extend the response period by up to an additional two months, depending on the complexity and number of requests — if so, we will inform you of the extension and the reasons for it.

      If you are not satisfied with our response, you have the right to lodge a complaint with the relevant Supervisory Authority:

      Data storage and retention

      Your personal data is stored securely in our systems and in the cloud-based environments we manage or contract. Depending on your location and service agreement, data may be stored in Australia, the United States, or the United Kingdom.

      We implement and maintain processes and security measures designed to protect personal information we hold from misuse, interference, or loss, and from unauthorised access, modification or disclosure. These processes and systems include:

      • the use of identity and access management technologies to control access to systems on which personal information is processed and stored; and
      • requiring all employees to comply with internal personal information security policies and keep personal information secure.

      We retain:

      • Customer data for the length of your agreement and for a reasonable time after for operational or legal purposes
      • Prospect data until no longer of business value

      We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the relevant privacy laws including the Australia’s Privacy Act 1988.

      Children’s data

      Our services are not intended for children, and we do not knowingly collect personal data from anyone under 16 years of age.

      We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Policy by instructing their children never to provide personal information through our websites or services without their permission.

      If you have reason to believe that a child under the age of 16 has provided personal information to us through our websites or services, please contact us at privacy@tradenetsolutions.com.au and we will use commercially reasonable efforts to delete that information promptly.

      Questions, concerns, or complaints

      To exercise your rights or ask questions about this Privacy Notice, please contact us:

      TradeNet Solutions Australia Pty. Ltd.
      Attn: Privacy Officer
      Unit 4, 27-31 Duerdin Street
      Notting Hill Vic 3168, Australia
      Email: privacy@tradenetsolutions.com.au
      Phone: +61 1300 138 406
      Webform: https://www.tradenetsolutions.com.au/privacy-request