Integration helps 1-800-Flowers better support B2B customers - Learn more in our webinar

Privacy Policy

Effective Date: 27 September, 2024

Your privacy is very important to TradeCentric. This privacy statement provides information about the personal information that TradeCentric collects, and the ways in which TradeCentric uses that personal information.

TradeCentric is committed to protecting and respecting your privacy and data. Our Privacy Policy has been drafted to comply with applicable data privacy laws, in particular, the EU General Data Protection Regulation (“GDPR”). If the GDPR does not apply to you, not all terms of this Privacy Policy may be relevant to you.

TradeCentric complies with the EU-U.S. Data Privacy Framework (DPF) and Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce’s International Trade Administration (ITA) regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.

TradeCentric has certified to the Department of Commerce International Trade Administration that it adheres to the Data Privacy Framework Principles. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework, please click here.

Individuals have access to personal information about him/her/them that TradeCentric holds and is able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.

TradeCentric offers individuals the opportunity to choose (opt out) whether their personal information is to be disclosed to a third party or to be used for a purpose that is materially different from the purpose for which it was originally collected. Individuals can opt out of receiving marketing materials by clicking the link “Unsubscribe” in any TradeCentric email.

TradeCentric takes responsibility for the processing of personal information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. TradeCentric shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless TradeCentric proves that it is not responsible for the event giving rise to the damage.

TradeCentric is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and the possibility, under certain conditions, for the individual to invoke binding arbitration.

TradeCentric is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, and is liable in cases of onward transfers to third parties.

What information do we collect?

TradeCentric may collect and use the following kinds of personal information:

  • information about your use of this website (including form data)
  • information that you provide using for the purpose of registering with the website (including purchase credentials)
  • information about transactions carried out over this website
  • information that you provide for the purpose of subscribing to the website services; and
  • any other information that you send to TradeCentric

How do we use personal information?

TradeCentric may use personal information to:

  • administer the TradeCentric website
  • personalize the website for users
  • enable access to and use of the website services
  • publish information about users on the website
  • send users products that they purchase
  • supply services that users purchase
  • send statements and invoices
  • collect payments from users
  • send marketing communications

Where TradeCentric discloses personal information to its agents or sub-contractors for these purposes, the agent or sub-contractor in question will be obligated to use that personal information in accordance with the terms of the privacy statement.

In addition to the disclosures reasonably necessary for the purposes identified elsewhere above, TradeCentric may disclose personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend its legal rights.

Securing your data

TradeCentric will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your personal information.

Information TradeCentric stores will be held on secured servers. Any third parties that would store your personal information will be reviewed by TradeCentric to ensure they also hold reasonable technical and organizational precautions.

Information relating to electronic transactions entered via this website will be protected by encryption technology.

Cross-border data transfers

Information that TradeCentric collects may be stored, processed in and transferred between any of the countries in which TradeCentric operates to enable the use of the information in accordance with this privacy policy.

In addition, personal information that you submit for publication on the website will be published on the internet and may be available around the world.

You agree to such cross-border transfers of personal information.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Netscape Navigator or Internet Explorer) settings. Each browser is a little different, so look at your browser Help menu to learn the correct way to modify your cookies.

Updating this statement

TradeCentric may update this privacy policy by posting a new version on this website. You should check this page occasionally to ensure you are familiar with any changes.

Other websites

This website contains links to other websites. TradeCentric is not responsible for the privacy policies or practices of any third party.

Dispute Resolution

Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through TradeCentric, LLC’s internal processes, TradeCentric, LLC has agreed to participate in the VeraSafe DPF Dispute Resolution Program. Subject to the terms of the VeraSafe DPF Dispute Resolution Program, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the DPF Dispute Resolution Program, please submit the required information to VeraSafe here: https://www.verasafe.com/public-resources/dispute-resolution/submit-dispute/.

Security

The B2B eProcurement Integrations Platform that you can Trust.

As a data integrations company, we understand the importance of keeping your company’s data secure. TradeCentric’s information security program is based on industry standards and adheres to a strict set of policies designed to protect your data and keep our infrastructure and environment secure. Rest assured as a TradeCentric customer, you are protected by our highest level of security measures and accredited procedures.

TradeCentric is certified by DQS Inc. for ISO/IEC 27001 compliance. The ISO/IEC 27001 is one of the most widely acknowledged information security standards worldwide, outlining best practices to the confidentiality, integration and availability of information in a company. ISO/IEC 27001 outlines and provides requirements for an information security management system (ISMS), specifies a set of best industry practices, and details the security controls that help manage information risks. As an ISO 27001 certified company, TradeCentric provides an information security management framework for assessing information risk management processes, including our ability to establish, implement, operate and monitor secure information in the context of B2B integration services. It covers both corporate processes and the technology infrastructure we use to provide cloud and managed integration solutions.

GDPR

With your privacy policy and data protection at the forefront of all our decisions, we have made these updates to comply with the General Data Protection Regulation and to continue to meet and exceed privacy guidelines, standards, and regulations regarding data privacy laws.

What does GDPR mean for you?

Enforceable May 25, 2018, the General Data Protection Regulation (GDPR) is a requirement for the European Union (EU) which was designed to update the existing Data Protection Directive. This new legal framework goes into effect for any organization which collects and processes personal data of citizens of the EU, regardless of where they are currently based.

TradeCentric is committed to protecting its partner’s data and the individuals they represent, and this improvement will continue to strengthen and standardize user data privacy across the EU nations. Our services and policies are designed to meet and exceed the guidelines, standards, and regulations around data protection and use.

While the GDPR applies to all EU Member States, TradeCentric is dedicated to providing the best protection and service across its global footprint, and this document describes how TradeCentric approaches GDPR and complies to our customers.

GDPR at TradeCentric

As a data gateway platform, TradeCentric behaves as a “processor” under GDPR. This means that we process data on behalf of a “controller”, who is responsible for decisions about the use of that data. Within GDPR, both organizations have responsibilities and obligations. This relates both to the contracted relationship between controller and processor, as well as that between the controller and their end user/partner.

As the processor, we have a direct obligation to you, our customer, to process and use the data only for the purposes that we have been contracted for. Along those same lines, TradeCentric expects its customers to handle the data accessible through our system with the same compliance, based on their relationship with their users and partners.

Part of our service to you in relation to GDPR is to support your compliance to your customers. This comes in the form of our processes and ability to help comply with GDPR’s “Rights of the Data Subject” as it relates to the data we collect. Simply submit a GDPR request to [email protected].

Below are five key GDPR principles and how we exercise them in our commitment to you.

1. Lawful Basis for Processing

This foundational principle in GDPR ensures your data is processed lawfully, fairly, and transparently. TradeCentric executes data based on our contracted relationship with you, our customer. Within the lawful basis of processing we only use the data as it is necessary to perform the service we are contracted to do. We only engage with data that we have received from either side of the transaction. Our customer, the “controller”, in execution of the contract, can make requests on that data, such as retention rates, that are applicable to your needs.

2. Individual Rights

GDPR introduces concepts related to an individual’s rights to his/her “personal information”. This comes in the form of ideas like: “Right to be informed”, “Right to rectification”, and “Right to erasure”. As part of these rights, a controller needs to be able to respond to a request where the individual exercises their rights.

A controller can relay a GDPR request to TradeCentric by phone or through one of our GDPR request channels (listed above). TradeCentric will review the request and support the controller in the response, as it relates to the data on our systems. Individuals that we interact with directly also have the right make such requests on their own behalf through the channels provided above.

3. Accountability and Transparency

An additional cornerstone to GDPR principles is accountability and transparency.

TradeCentric adheres to common industry standards such as PCI and ISO for security and controls to safeguard customer data. We follow a comprehensive set of policies and procedures that govern the use and handling of data. By implementing “data protection by design and default”, our core handling of data is with fair, lawful and purposeful action. We are aligning with the Data Privacy Framework and have implemented an independent third-party dispute resolution service. We also provide dedicated channels for any data privacy inquiries and requests. Additional and more specific information is available in our Data Protection Agreement (DPA).

4. Cross-Border Data Flows

As part of GDPR’s Data Transparency, this covers general principles for international data transfers and applicable disclosures.

TradeCentric’s services are currently based in the United States. As data is processed, it is submitted from the data’s origin country to the U.S., and then is transmitted to the data’s destination country (which may or may not be the same as the origin).

5. Sub-Processors

Just as our customers rely on us for their B2B integrations and transactions, we too rely on others to help us run our business and perform our services. TradeCentric maintains up-to-date service agreements with these organizations.

OrganizationUse, Service ProvidedGeography
GoogleEmail, file storage/transfer, analyticsUnited States
AmazonHostingUnited States
SalesforceCRM, support ticketingUnited States
Bill.comBillingUnited States
SaaSOpticsBillingUnited States
TickstarAuthorized PEPPOL service providerSweden
ElasticApplication loggingEuropean Union
Planhat ABCSMSwitzerland
JotformNew trading partner intakeUnited States
SalesloftCSMUnited States
MongoDBDocument storageUnited States

Questions

If you have any questions, please contact us at [email protected]