1. Scope
This Policy applies to information we process about visitors to our marketing sites, account holders, administrators, technicians, and end customers who interact with TradeKit-powered experiences (such as booking pages or payment links). If you are an employee applicant, additional notices may apply during recruiting. If you integrate TradeKit with other systems, those systems may process data under their own policies.
2. Information We Collect
2.1 Personal identifiers and contact data
We collect names, email addresses, phone numbers, mailing addresses, business names, trade categories, and similar identifiers when you register, complete onboarding, contact support, or transact with us. We may collect government-issued identification or tax identifiers when required for payments, fraud prevention, or legal compliance (for example, Know Your Customer checks through our payment processor).
2.2 Business and operational data
To operate scheduling, quoting, invoicing, CRM, and marketing features, we process job details, service areas, pricing catalogs, estimates, invoices, photos, notes, calendar availability, communications logs, and customer records you choose to store in the Services.
2.3 Payment and financial data
When you or your customers pay through TradeKit, our payment processor (Stripe) collects card or bank details, billing addresses, and transaction metadata. We generally receive tokens, last-four digits, brand, expiration, ACH masks, settlement status, and dispute information—not full primary account numbers stored on our servers.
2.4 Usage, device, and log data
We automatically collect IP address, device type, operating system, browser type, approximate location derived from IP, timestamps, pages viewed, feature usage, crash diagnostics, and security telemetry. We use this data to secure accounts, debug, understand product usage, and improve performance.
2.5 Communications content
If you use SMS, email, voice, or in-app messaging features, we process message content, delivery status, and related metadata to route, display, and archive communications as configured in your account.
2.6 AI-assisted features
Where you enable features that use artificial intelligence, limited prompts or content you submit may be transmitted to model providers (such as OpenAI) to generate suggestions. We configure such processing to improve your workflow and do not sell prompts as a data product.
2.7 Cookies and similar technologies
See our Cookie Policy for categories of cookies, analytics tools such as Google Analytics where enabled, and your choices.
3. How We Use Information
We use collected information to:
- Provide, maintain, and improve the Services, including personalization and feature development;
- Authenticate users, prevent fraud, enforce our Terms of Service, and protect security;
- Process payments, payouts, refunds, and chargebacks through Stripe;
- Send transactional messages (verification, receipts, appointment reminders) and, where permitted, product updates or tips you can opt out of;
- Comply with legal obligations, respond to lawful requests, and defend our rights;
- Generate de-identified or aggregated analytics that do not identify individuals;
- Train or evaluate internal models only as permitted by law and contract, with safeguards for sensitive content.
4. Legal Bases (where applicable)
For users in the European Economic Area, United Kingdom, or Switzerland, we rely on performance of a contract, legitimate interests (such as securing the Services and understanding usage), consent where required (for example, certain cookies or marketing), and legal obligation as the basis for processing.
5. Sharing and Third Parties
We disclose information to the categories of recipients below solely as needed to operate the Services:
- Stripe, Inc.— payment processing, identity verification, fraud tools, and regulatory reporting. Subject to Stripe's privacy policy and your connected account agreements.
- Resend (or comparable transactional email providers) — delivery of system emails, notifications, and some marketing messages you configure.
- Twilio (or comparable carriers) — SMS, voice, and related telecommunications where you enable those channels.
- OpenAI (or comparable model vendors) — AI-assisted drafting, classification, or support features when activated.
- Amazon Web Services (AWS) and similar infrastructure providers — hosting, storage, backups, logging, and content delivery.
- Google Analytics (if implemented on marketing properties) — aggregated traffic analytics; you may control cookies as described in our Cookie Policy.
- Professional advisors — attorneys, accountants, or insurers under confidentiality obligations.
- Authorities — when required by subpoena, court order, or applicable law, or to protect vital interests.
- Business transfers — in a merger, acquisition, financing, or sale of assets, information may transfer subject to this Policy or equivalent protections.
We do not sell personal information as the term "sell" is defined under the California Consumer Privacy Act (CCPA) as amended by the CPRA. We do not share personal information for cross-context behavioral advertising for monetary consideration.
6. Data Security
We implement administrative, technical, and organizational measures designed to protect information, including encryption in transit, access controls, least privilege, logging, vulnerability management, and employee training. No method of transmission or storage is completely secure; you are responsible for protecting your credentials and devices. Report suspected incidents to hello@gettradekit.com.
7. Data Retention
We retain information for as long as your account is active, as needed to provide the Services, and as required by law, tax, accounting, or dispute resolution. Backup copies may persist for a limited period. Upon deletion requests we will remove or anonymize personal data unless retention is necessary to complete transactions, comply with law, or establish legal claims. Payment records may be retained longer pursuant to financial regulations and processor requirements.
8. Your Rights and Choices
8.1 Access, correction, deletion
You may access and update many profile fields inside the Services. You may request deletion of personal information subject to legal exceptions. Contact hello@gettradekit.com with your account email and a description of the request.
8.2 Portability
Where applicable, we will provide a machine-readable export of personal data you provided to us, consistent with product capabilities and security review.
8.3 Marketing opt-out
Marketing emails include unsubscribe links. SMS programs include STOP instructions where required. Transactional messages necessary to operate your account may continue.
8.4 Do Not Track
There is no consistent industry standard for DNT signals; we currently do not respond to browser DNT flags but honor applicable opt-out rights where mandated.
9. Children's Privacy
The Services are not directed to children under sixteen (16), and we do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us and we will delete it promptly.
10. California / CCPA Rights
California residents may request to know categories and specific pieces of personal information collected, sources, business purposes, and third-party disclosures; request deletion; and not be discriminated against for exercising rights. Authorized agents may submit requests with proper verification. We will verify requests using account credentials or alternate proof. You may appeal denials by replying to our decision email. Financial incentives, if any, will be described with material terms.
11. Other U.S. State Privacy Laws
Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy statutes may have rights similar to California's, including access, correction, deletion, portability, and opt-out of certain processing. Nevada residents may opt out of the sale of covered information as defined under Nevada law (we do not sell personal information as described above). To exercise rights, email hello@gettradekit.comfrom the address associated with your account and identify your state of residence. We will verify and respond within the timeframe required by applicable law, typically forty-five (45) days, with a possible extension where permitted. If we deny a request, you may appeal by replying to our response with "Appeal" in the subject line.
TradeKit does not knowingly process sensitive categories (such as precise geolocation for behavioral profiling beyond product functionality, or biometric data for identification) except where you voluntarily submit content in free-text fields or photos for job documentation—and then only to provide the Services you requested.
12. International Transfers
If you access the Services from outside the United States, your information may be processed in the United States or other countries where we or subprocessors operate. Where required, we implement appropriate safeguards such as Standard Contractual Clauses.
13. Automated Decision-Making
We do not use solely automated decision-making that produces legal or similarly significant effects regarding consumers without human review, except fraud scoring through payment processors as governed by their policies.
14. Changes to This Policy
We may update this Privacy Policy to reflect operational, legal, or regulatory changes. We will post the revised version with an updated effective date and, where changes are material, provide additional notice (for example, email or in-app banner). Continued use after the effective date constitutes acceptance unless applicable law requires explicit consent.
15. Contact Us
Privacy inquiries and requests:
Email: hello@gettradekit.com
Mailing address: TradeKit (Sizzle Venture Studio), St. Louis, Missouri, United States
If you are a European data subject and we appoint a representative or Data Protection Officer, updated contact details will appear here.