Your privacy is very important to TradeCentric. This privacy statement provides information about the personal information that TradeCentric collects, and the ways in which TradeCentric uses that personal information.
TradeCentric complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.
Individuals have access to personal information about him/her that TradeCentric holds and is able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
TradeCentric offers individuals the opportunity to choose (opt out) whether their personal information is to be disclosed to a third party or to be used for a purpose that is materially different from the purpose for which it was originally collected. Individuals can opt out of receiving marketing materials by clicking the link “Unsubscribe” in any TradeCentric email.
TradeCentric takes responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. TradeCentric shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless TradeCentric proves that it is not responsible for the event giving rise to the damage.
TradeCentric is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and the possibility, under certain conditions, for the individual to invoke binding arbitration
TradeCentric is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, and is liable in cases of onward transfers to third parties.
What information do we collect?
TradeCentric may collect and use the following kinds of personal information:
- information about your use of this website (including form data)
- information that you provide using for the purpose of registering with the website (including purchase credentials)
- information about transactions carried out over this website
- information that you provide for the purpose of subscribing to the website services; and
- any other information that you send to TradeCentric
How do we use your information?
TradeCentric may use your personal information to:
- administer this website
- personalize the website for you
- enable your access to and use of the website services
- publish information about you on the website
- send you products that you purchase
- supply services that you purchase
- send statements and invoices
- collect payments from you
- send you marketing communications
Where TradeCentric discloses your personal information to its agents or sub-contractors for these purposes, the agent or sub-contractor in question will be obligated to use that personal information in accordance with the terms of this privacy statement.
In addition to the disclosures reasonably necessary for the purposes identified elsewhere above, TradeCentric may disclose your personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend its legal rights.
Securing your data
TradeCentric will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your personal information.
TradeCentric will store all the personal information you provide on its secure servers.
Information relating to electronic transactions entered into via this website will be protected by encryption technology.
Cross-border data transfers
In addition, personal information that you submit for publication on the website will be published on the internet and may be available around the world.
You agree to such cross-border transfers of personal information.
Updating this statement
This website contains links to other websites. TradeCentric is not responsible for the privacy policies or practices of any third party.
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through TradeCentric, LLC’s internal processes, TradeCentric, LLC has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/privacy- services/dispute-resolution/submit- dispute/.
The B2B eProcurement Integrations Platform that you can Trust.
As a data integrations company, we understand the importance of keeping your company’s data secure. TradeCentric’s information security program is based on industry standards and adheres to a strict set of policies designed to protect your data and keep our infrastructure and environment secure. Rest assured as a TradeCentric customer, you are protected by our highest level of security measures and accredited procedures.
TradeCentric is certified by DQS Inc. for ISO/IEC 27001 compliance. The ISO/IEC 27001 is one of the most widely acknowledged information security standards worldwide, outlining best practices to the confidentiality, integration and availability of information in a company. ISO/IEC 27001 outlines and provides requirements for an information security management system (ISMS), specifies a set of best industry practices, and details the security controls that help manage information risks. As an ISO 27001 certified company, TradeCentric provides an information security management framework for assessing information risk management processes, including our ability to establish, implement, operate and monitor secure information in the context of B2B integration services. It covers both corporate processes and the technology infrastructure we use to provide cloud and managed integration solutions.
What does GDPR mean for you?
Enforceable May 25, 2018, the General Data Protection Regulation (GDPR) is a new requirement for the European Union (EU) which was designed to update the existing Data Protection Directive. This new legal framework goes into effect for any organization which collects and processes personal data of citizens of the EU, regardless of where they are currently based.
TradeCentric is committed to protecting its partner’s data and the individuals they represent, and this improvement will continue to strengthen and standardize user data privacy across the EU nations. Our services and policies are designed meet and exceed the guidelines, standards, and regulations around data protection and use.
While the GDPR applies to all EU Member States, TradeCentric is dedicated to providing the best protection and service across its global footprint, and this document describes how TradeCentric approaches GDPR and complies to our customers.
GDPR at TradeCentric
As a data gateway platform, TradeCentric behaves as a “processor” under GDPR. This means that we process data on behalf of a “controller”, who is responsible for decisions about the use of that data. Within GDPR, both organizations have responsibilities and obligations. This relates both to the contracted relationship between controller and processor, as well as that between the controller and their end user/partner.
As the processor, we have a direct obligation to you, our customer, to process and use the data only for the purposes that we have been contracted for. Along that same lines, TradeCentric expects its customers to handle the data accessible through our system with the same compliance, based on their relationship with their users and partners.
Part of our service to you in relation to GDPR is to support your compliance to your customers. This comes in the form of our processes and ability to help comply with GDPR’s “Rights of the Data Subject” as it relates to the data we collect. Simply submit a GDPR request to [email protected]
Below are five key GDPR principles and how we exercise them in our commitment to you.
1. Lawful Basis for Processing
This foundational principle in GDPR ensures your data is processed lawfully, fairly, and transparently. TradeCentric executes data based on our contracted relationship with you, our customer. Within the lawful basis of processing we only use the data as it is necessary to perform the service we are contracted to do. We only engage with data that we have received from either side of the transaction. Our customer, the “controller”, in execution of the contract, can make requests on that data, such as retention rates, that are applicable to your needs.
2. Individual Rights
GDPR introduces concepts related to an individual’s rights to his/her “personal information”. This comes in the form of ideas like: “Right to be informed”, “Right to rectification”, and “Right to erasure”. As part of these rights, a controller needs to be able to respond to a request where the individual exercises their rights.
A controller can relay a GDPR request to TradeCentric by phone or through one of our GDPR request channels (listed above). TradeCentric will review the request and support the controller in the response, as it relates to the data on our systems. Individuals that we interact with directly also have the right make such requests on their own behalf through the channels provided above.
3. Accountability and Transparency
An additional cornerstone to GDPR principles is accountability and transparency.
TradeCentric adheres to common industry standards such as PCI and ISO for security and controls to safeguard customer data. We follow a comprehensive set of policies and procedures that govern the use and handling of data. By implementing “data protection by design and default”, our core handling of data is with fair, lawful and purposeful action. We are aligning with the Privacy Shield framework and have implemented an independent third-party dispute resolution service. We also provide dedicated channels for any data privacy inquiries and requests. Additional and more specific information is available in our Data Protection Agreement (DPA).
4. Cross-Border Data Flows
As part of GDPR’s Data Transparency, this covers general principles for international data transfers and applicable disclosures.
TradeCentric’s services are currently based in the United States. As data is processed, it is submitted from the data’s origin country to the U.S., and then is transmitted to the data’s destination country (which may or may not be the same as the origin).
Just as our customers rely on us for their B2B integrations and transactions, we too rely on others to help us run our business and perform our services. TradeCentric maintains up-to-date service agreements with these organizations.
Use, Service Provided
|Google, Google Apps||Corporate Email, Office and Storage||US|
|Salesforce, Pardot||CRM & Marketing||US|
|Google Analytics||Website Analytics||US|
|MailChimp||Marketing Emails, Service Notifications||US|
|AWS||Application Datacenter||US, EU|
|Transactional Emails||US, EU|
|AWS||Transactional Emails||US, EU|
|Seeburger||VAN Transactions||US, EU|
If you have any questions, please contact us at [email protected]