Tradedesk.ioPreview
Get started

Privacy & Cookies

This page explains how Tradedesk.io processes personal data and how we use cookies and similar technologies. For cookie consent controls, see Cookie preferences.

Privacy summary

  • We provide a B2B company intelligence platform that structures information from publicly available sources.
  • Where names/roles appear (e.g., directors/PSCs), they are typically sourced from public registers; the original publisher is the source of record.
  • Strictly necessary cookies are always enabled; analytics cookies are used only with consent.

Privacy Policy (Tradedesk.io)

**Last updated:** 23 February 2026

1) Who we are

Tradedesk.io (“Tradedesk”, “we”, “us”, “our”) provides a B2B platform and APIs that aggregate and structure company information and related public-domain records into searchable profiles, analytics, and data products.

**Data controller (website + platform):**

  • [DATAVERA LTD / LEGAL ENTITY NAME]
  • Registered office: [ADDRESS]
  • Company number: [NUMBER]
  • Privacy email: [privacy@tradedesk.io]
  • General contact: [contact email]

If we appoint a Data Protection Officer (DPO), their contact details will appear here: [DPO contact].

If you are in the EEA (EU/EEA users): if required, we will identify our EU representative here: [EU representative name/address/email].

2) Scope of this policy

This policy explains how we process personal data when you:

  • visit tradedesk.io (the “Website”);
  • create an account or use our platform, dashboards, and APIs (the “Services”);
  • receive our communications (e.g., product updates, marketing where permitted); and/or
  • appear in our datasets through publicly available sources (e.g., directors/PSCs in corporate registries).

This policy does not cover third-party websites we link to.

3) Key definitions

“Personal data” means information relating to an identified or identifiable person (e.g., a name linked to a role, appointment, or identifier).

“UK GDPR” refers to the UK’s version of GDPR alongside the Data Protection Act 2018.

“EU GDPR” refers to Regulation (EU) 2016/679.

4) What personal data we collect and process

A) Account, billing and organisation data (platform users)

If you register or use the Services, we may process:

  • Identity & contact: name, work email, job title, organisation, phone (optional)
  • Authentication: hashed credentials, SSO identifiers (if enabled), MFA status
  • Subscription & billing: plan tier, billing contact, invoices, payment status (payment card data is typically handled by our payment processor, not stored by us)
  • Team/workspace: invites, membership, roles, permissions
  • Support/comms: support tickets, emails, chat logs relating to support requests

B) Usage, device and log data (website + APIs)

We may process:

  • IP address, timestamps, pages visited, referrer, device/browser information
  • API usage logs (endpoint called, request metadata, response status, rate-limit events)
  • Security logs (login events, suspicious activity indicators)

C) Public-source personal data in our company intelligence datasets

Some datasets include names and business-related details about people where those details are made publicly available by authoritative sources (for example, company officers/directors, Persons with Significant Control, or signatories on public filings).

Depending on jurisdiction and availability, this may include:

  • Name (and sometimes former names as published)
  • Role/appointment (e.g., director, secretary, PSC), appointment dates and status
  • Service address or correspondence address as published by the source
  • Nationality, month/year of birth, partial DOB, occupation only where published
  • Links between a person and corporate entities (e.g., officer appointments across companies)

**Important:** where names/roles are sourced from public registers, the originating publisher remains the primary source of record. If you believe a public register entry is wrong or should not be public, you typically need to raise that with the original data owner/publisher first (see Section 11).

D) Datasets we commonly ingest (illustrative)

Our Services may incorporate data extracted/derived from public registers and open publications such as:

  • UK corporate registry filings and appointments (e.g., Companies House)
  • Official gazettes/notices (e.g., insolvency and corporate notices)
  • IP registers and publications (e.g., patents/trademarks where publicly available)
  • Regulatory and enforcement publications (e.g., certain regulator registers)
  • Environmental permits / planning / local authority publications (where open)
  • Trade/shipping/customs-related publications where lawfully available
  • Other public-domain sources that are lawfully accessible and intended for public disclosure

5) Derived data, analytics and profiles (what we infer)

To make the Services useful, we may create structured/derived outputs such as:

  • entity resolution and linking (connecting names/addresses/identifiers across sources)
  • company graphs and relationship networks (people ↔ companies, company ↔ assets/events)
  • risk/ESG/regulatory indicators, flags, or scores based on published events/records
  • data quality/confidence scores and provenance trails

We design these to support business intelligence and due diligence. We do not intend these outputs to be used to make decisions that produce legal or similarly significant effects about individuals without appropriate safeguards. If we do offer automated decisioning features in the future, we will update this policy.

6) Lawful bases for processing (UK GDPR / EU GDPR)

We rely on one or more lawful bases, depending on context:

  • Contract (to provide the Services)
  • Legitimate interests (B2B platform + public data structuring)
  • Legal obligation
  • Consent (where required, e.g., certain cookies and marketing where applicable)

7) How we use personal data

We use personal data to:

  • provide and secure the Services (authentication, access control, admin)
  • maintain datasets, provenance, audit trails and quality controls
  • respond to support enquiries and operational communications
  • process subscriptions, billing, and account administration
  • monitor and prevent fraud, abuse, and security incidents
  • perform analytics to improve product performance and user experience
  • where permitted, send product updates and marketing (opt-out available)

8) Sharing and disclosures (who we share with)

We may share personal data with:

  • service providers (processors) who help us run the Services (hosting, monitoring, email, billing, etc.)
  • customers/subscribers (your organisation’s authorised users may access admin/account information)
  • legal and safety recipients where required by law or to protect rights/safety and service integrity
  • parties to a business transfer (merger/acquisition/asset sale), subject to safeguards

We do not sell personal data as “people lists”.

9) International transfers (UK and EEA)

If personal data is transferred outside the UK or EEA, we use appropriate safeguards such as:

  • UK IDTA or UK Addendum to EU SCCs (as applicable)
  • EU Standard Contractual Clauses (2021/914) where applicable
  • other lawful transfer mechanisms recognised by UK GDPR / EU GDPR

10) Security

We implement technical and organisational measures designed to protect personal data, such as encryption in transit, access controls, MFA for administrative access, logging/monitoring, and incident response processes.

11) Public-source personal data: accuracy, disputes, and the original publisher

Where we display names/roles/appointments, these are typically reproduced or derived from publicly available sources (for example, official registries and public notices). The original publisher is the primary source of record.

If you believe information in a public register is inaccurate, incomplete, unlawfully published, or should be suppressed, you should usually contact the original data owner/publisher to correct it at source. Once corrected at source, our systems will update on the next refresh cycle (and we may also update earlier where feasible).

We may be able to correct obvious transcription/structuring errors we introduced, annotate a record with a dispute note, or suppress/restrict display in limited circumstances where justified.

12) Data retention

We keep personal data only as long as necessary for the purposes described, including account lifecycle, legal compliance, security, and maintaining historical accuracy of public-source records where appropriate.

13) Your rights (UK GDPR / EU GDPR)

You may have rights including access, rectification, erasure, restriction, portability, objection, and withdrawal of consent (where applicable).

To exercise rights, email [privacy@tradedesk.io] with enough information to identify the data and your request. We may ask for verification to prevent fraud.

14) Cookies and similar technologies

See our Cookie Policy below for details on categories and how to manage consent.

15) Marketing communications

Where permitted by law, we may send business-related updates about Tradedesk. You can opt out at any time using the unsubscribe link or by contacting [privacy@tradedesk.io].

16) Children

Our Services are intended for business use and not directed to children.

17) Complaints

If you have concerns, contact us first at [privacy@tradedesk.io]. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) and, if applicable, your local EEA supervisory authority.

18) Changes to this policy

We may update this policy from time to time. We will post the updated version on tradedesk.io and update the “Last updated” date.