Logo

Privacy Policy

Version 1.0 | Effective Date: [DATE]

1. INTRODUCTION AND SCOPE

1.1 About This Policy

This Privacy Policy explains how [Company Name] ("we," "us," or "our"), the operator of the Trusted Payments Platform, collects, uses, processes, and protects your personal information when you use our mobile application and services.

1.2 Who This Policy Applies To

This policy applies to:

  • Consumers using our App to commission construction or trade work
  • Trades providing services through our Platform (whether using our App or email communications)
  • Visitors to our website and services

1.3 Controller Information

[Company Name] is the data controller for personal information processed through the Trusted Payments Platform.

Contact Details:

  • Company: [Company Name]
  • Address: [Address]
  • Email: [Email]
  • Phone: [Phone]
  • Data Protection Officer: [DPO Email]

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

Account Registration Information:

  • Full name and contact details
  • Email address and phone number
  • Postal address
  • Date of birth (for age verification)
  • Authentication credentials

Consumer-Specific Information:

  • Project specifications and requirements
  • Property details and location
  • Payment preferences and billing information
  • Milestone payment schedules
  • Project completion confirmations

Trade-Specific Information:

  • Business registration details
  • Professional qualifications and certifications
  • Insurance policy details and coverage
  • Bank account and payment details
  • Portfolio and work examples
  • Availability and service areas

Communication Data:

  • All messages sent through our Platform
  • Email communications with our system
  • Support requests and feedback
  • Dispute-related communications

2.2 Information We Collect Automatically

Device and Technical Information:

  • Device type, model, and operating system
  • IP address and general location data
  • App usage analytics and performance data
  • Login times and session duration
  • Device identifiers and browser information

Platform Usage Data:

  • Projects created, viewed, or applied to
  • Search queries and filters used
  • Payment transaction details
  • Time spent on different features
  • Error logs and diagnostic data

2.3 Information from Third Parties

Payment Processing:

  • Transaction data from payment processors
  • Bank account verification information
  • Credit and fraud checking data

Identity Verification:

  • Data from identity verification services
  • Credit reference agency information
  • Professional qualification confirmations

Insurance and Warranty Providers:

  • Policy status and coverage details
  • Claims history and assessments
  • Risk assessment data

3. HOW WE USE YOUR INFORMATION

3.1 Primary Service Delivery

Platform Operation:

  • Creating and managing your account
  • Facilitating project matching between Consumers and Trades
  • Processing payments and managing escrow accounts
  • Operating the milestone payment system
  • Managing the Customer Protection Account (10% retention)

Communication Services:

  • Recording and storing all platform communications
  • Facilitating secure messaging between parties
  • Sending project updates and notifications
  • Providing customer support services

Project Management:

  • Tracking project progress and milestones
  • Managing handover documentation
  • Coordinating completion confirmations
  • Maintaining project records for warranty purposes

3.2 Financial Protection Services

Escrow and Payment Processing:

  • Operating secure payment systems
  • Managing Customer Protection Account funds
  • Processing milestone payments
  • Handling dispute-related fund management
  • Facilitating final payment releases

Risk Assessment:

  • Evaluating project and payment risks
  • Monitoring for fraudulent activity
  • Assessing insurance and warranty claims
  • Conducting due diligence checks

3.3 Dispute Resolution and Legal Compliance

Dispute Management:

  • Providing evidence to the Dispute Resolution Ombudsman
  • Maintaining comprehensive dispute records
  • Supporting arbitration proceedings
  • Facilitating Insurance Backed Warranty claims

Legal and Regulatory Compliance:

  • Meeting financial services regulations
  • Complying with construction industry standards
  • Maintaining records for legal proceedings
  • Supporting law enforcement requests where required

3.4 Service Improvement and Analytics

Platform Enhancement:

  • Analyzing usage patterns to improve services
  • Identifying and fixing technical issues
  • Developing new features and functionality
  • Ensuring platform security and stability

Quality Assurance:

  • Monitoring service quality and user satisfaction
  • Conducting user research and feedback analysis
  • Evaluating Trade performance and Consumer experience

4. LEGAL BASIS FOR PROCESSING

4.1 Contract Performance

We process your information to fulfill our obligations under the Terms and Conditions, including:

  • Providing the Trusted Payments service
  • Managing projects and payments
  • Facilitating dispute resolution
  • Operating warranty services

4.2 Legitimate Interests

We process information for our legitimate business interests, including:

  • Platform security and fraud prevention
  • Service improvement and development
  • Marketing to existing customers about relevant services
  • Business analytics and reporting

4.3 Legal Obligations

We process information to comply with legal requirements, including:

  • Financial services regulations
  • Anti-money laundering requirements
  • Tax obligations
  • Court orders and legal proceedings

4.4 Consent

For certain processing activities, we rely on your explicit consent, including:

  • Marketing communications about third-party services
  • Optional analytics and research participation
  • Sharing information with third parties beyond service delivery

5. INFORMATION SHARING AND DISCLOSURE

5.1 Within the Platform

Between Consumers and Trades:

  • Project specifications and requirements
  • Communication history and messages
  • Progress updates and completion confirmations
  • Contact information necessary for project delivery

With the Dispute Resolution Ombudsman:

  • Complete project documentation
  • All recorded communications
  • Payment and milestone information
  • Supporting evidence for dispute resolution

5.2 Service Providers and Partners

Payment Processing:

  • Secure payment gateway providers
  • Banking partners for escrow services
  • Financial institutions for transaction processing

Identity and Verification Services:

  • Know Your Customer (KYC) providers
  • Credit reference agencies
  • Professional qualification verification services
  • Insurance verification providers

Technology and Infrastructure:

  • Cloud hosting and storage providers
  • Analytics and monitoring services
  • Security and fraud prevention services
  • Customer support platforms

Insurance and Warranty Providers:

  • Insurance Backed Warranty providers
  • Independent surveyors and assessors
  • Claims processing services

5.3 Legal and Regulatory Disclosure

Mandatory Disclosure:

  • Law enforcement agencies (with appropriate warrants)
  • Regulatory authorities (financial services, consumer protection)
  • Courts and tribunal services
  • Tax authorities and revenue services

Business Transfers:

  • In case of merger, acquisition, or sale of assets
  • During business restructuring or insolvency proceedings
  • To potential buyers or investors (with appropriate safeguards)

6. DATA RETENTION

6.1 Active Account Period

While your account remains active, we retain all information necessary for service delivery and legal compliance.

6.2 Post-Project Retention

Following project completion, we retain information for:

6 Years Minimum:

  • Complete project records and communications
  • Payment and financial transaction history
  • Dispute resolution documentation
  • Warranty and insurance claim records

Extended Retention for Legal Purposes:

  • Information subject to ongoing legal proceedings
  • Records required for regulatory compliance
  • Warranty claims that extend beyond 6 years

6.3 Marketing and Analytics Data

Marketing preferences and analytics data are retained until you withdraw consent or request deletion, subject to our legitimate interests in maintaining business records.

6.4 Account Closure

When you close your account:

  • Personal identifiers are removed where possible
  • Transactional and project data is retained for legal compliance periods
  • You can request a full data export before closure

7. INTERNATIONAL TRANSFERS

7.1 Data Location

Your personal information is primarily processed and stored within the United Kingdom. However, some processing may occur internationally through our service providers.

7.2 Transfer Safeguards

When information is transferred internationally, we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Other legally approved transfer mechanisms

7.3 Key International Partners

Our main international data processing includes:

  • Cloud storage and computing services
  • Payment processing networks
  • Identity verification services
  • Customer support platforms

8. SECURITY MEASURES

8.1 Technical Safeguards

  • End-to-end encryption for sensitive communications
  • Secure socket layer (SSL) encryption for all data transmission
  • Regular security assessments and penetration testing
  • Multi-factor authentication for account access
  • Automated fraud detection and prevention systems

8.2 Organisational Measures

  • Regular staff training on data protection principles
  • Access controls and need-to-know principles
  • Regular security audits and compliance assessments
  • Incident response and breach notification procedures
  • Secure disposal of equipment and data storage media

8.3 Financial Data Protection

As a platform handling financial transactions:

  • PCI DSS compliance for payment card data
  • Segregated escrow account management
  • Regular financial audits and controls
  • Secure key management systems
  • Real-time transaction monitoring

9. YOUR RIGHTS AND CHOICES

9.1 Access Rights

You have the right to:

  • Request copies of your personal information
  • Understand how your information is being processed
  • Receive information in a portable format
  • Access your complete communication history through the Platform

9.2 Correction and Update Rights

  • Update your account information through the App
  • Correct inaccurate personal information
  • Complete incomplete information records
  • Update payment and contact details

9.3 Deletion Rights

You can request deletion of your information, subject to:

  • Legal retention requirements (6-year minimum for project records)
  • Ongoing legal proceedings or disputes
  • Legitimate interests in maintaining business records
  • Contractual obligations to other parties

9.4 Restriction and Objection Rights

  • Restrict processing for specific purposes
  • Object to direct marketing (unsubscribe anytime)
  • Object to processing based on legitimate interests
  • Withdraw consent for consent-based processing

9.5 Communication Preferences

Platform Communications:

  • Essential project updates (cannot be disabled)
  • System notifications and security alerts
  • Dispute resolution communications

Marketing Communications:

  • Service updates and new features
  • Third-party partner offers
  • Industry news and insights
  • Research and feedback requests

9.6 Data Portability

Request your information in machine-readable format for:

  • Account migration purposes
  • Personal record keeping
  • Transfer to other service providers

10. COOKIES AND TRACKING

10.1 Essential Cookies

We use necessary cookies for:

  • User authentication and session management
  • Security and fraud prevention
  • Platform functionality and performance
  • Payment processing security

10.2 Analytics Cookies

With your consent, we use analytics cookies for:

  • Understanding user behavior and preferences
  • Improving platform performance and features
  • Conducting user research and testing
  • Measuring marketing campaign effectiveness

10.3 Cookie Management

  • Adjust cookie preferences through your device settings
  • Use browser controls to block or delete cookies
  • Note that blocking essential cookies may impact platform functionality
  • Review and update cookie preferences anytime

10.4 Third-Party Tracking

We may use third-party services for:

  • Web analytics and user behavior analysis
  • Marketing campaign measurement
  • Social media integration
  • Customer support functionality

11. SPECIAL CIRCUMSTANCES

11.1 Dispute Resolution Context

During dispute proceedings:

  • Enhanced monitoring of communications may occur
  • Additional documentation may be required
  • Information sharing with Ombudsman is mandatory
  • Extended retention periods may apply

11.2 Insurance Claims

When warranty claims arise:

  • Information sharing with insurance providers
  • Independent surveyor access to property details
  • Extended documentation requirements
  • Coordination with multiple service providers

11.3 Legal Proceedings

If legal action occurs:

  • Information may be disclosed to legal representatives
  • Court orders may require specific information disclosure
  • Litigation hold procedures may extend retention periods
  • Witness statements may include personal information

11.4 Business Continuity

In case of service disruption:

  • Emergency contact procedures may access personal information
  • Business continuity partners may process data temporarily
  • Alternative communication channels may be established
  • Enhanced security measures may be implemented

12. CHILDREN AND VULNERABLE USERS

12.1 Age Restrictions

Our services are intended for users aged 18 and above. We do not knowingly collect information from minors under 18.

12.2 Vulnerable User Protection

We take special care with users who may be vulnerable, including:

  • Enhanced verification procedures
  • Additional communication safeguards
  • Specialist support services
  • Collaboration with appropriate agencies where necessary