Tradmin← Back to home

Legal

Privacy Policy

Effective date: 20 June 2025

1. Who We Are

Tradmin Limited ("Tradmin", "we", "us", or "our") operates the Tradmin platform, including the website at tradmin.app and associated mobile applications (collectively, the "Service"). We are a New Zealand company and this Privacy Policy is governed by the New Zealand Privacy Act 2020. To the extent we handle personal information of individuals in Australia, we also comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

If you have questions about this policy, contact us at [email protected].

2. Information We Collect

2.1 Information you provide directly

  • Account information: name, email address, phone number, business name, trade type, and password when you register.
  • Business information: ABN/NZBN, business address, logo, and payment details (processed via our payment partners — we do not store raw card numbers).
  • Job and customer data: quotes, invoices, job notes, customer names, addresses, and contact details you enter into the Service.
  • Voice recordings: if you use our voice-to-quote feature, audio recordings are processed to generate text. Recordings are not retained beyond the duration of processing.
  • Photos and attachments: images you upload for jobs, quotes, or receipts.
  • Communications: messages you send us via the contact form or email.

2.2 Information collected automatically

  • Usage data: pages visited, features used, time spent, click paths, and errors encountered.
  • Device and technical data: IP address, browser type, operating system, device identifiers, and approximate location (country/region).
  • Cookies and similar technologies: session tokens, preference cookies, and analytics identifiers. See Section 7.

2.3 Information from third parties

  • Payment processors (e.g. Stripe) may share transaction confirmations and fraud signals with us.
  • If you connect third-party integrations (e.g. Xero, MYOB), we receive only the data you authorise those services to share.

3. How We Use Your Information

We use the information we collect to:

  • Create and maintain your account and provide the Service.
  • Generate quotes, invoices, job schedules, and reports on your behalf.
  • Process payments and send payment reminders.
  • Provide AI-assisted features (voice transcription, auto-fill, smart suggestions).
  • Send transactional emails (account confirmations, invoice receipts, payment notifications).
  • Send product updates and marketing communications where you have consented or where permitted by law. You can opt out at any time.
  • Monitor and improve the performance, security, and reliability of the Service.
  • Comply with legal obligations and enforce our Terms of Service.
  • Detect and prevent fraud, abuse, and security incidents.

We rely on the following legal bases: contract performance (to provide the Service you signed up for), legitimate interests (security, improvement, fraud prevention), consent (marketing), and legal obligation.

4. How We Share Your Information

We do not sell your personal information. We share it only in the following circumstances:

  • Service providers: trusted third parties who process data on our behalf under written agreements — including cloud hosting (e.g. Cloudflare), payment processing (e.g. Stripe), email delivery (e.g. Resend), and analytics. These providers may only use data to provide services to us.
  • Your customers: when you send a quote or invoice via the Service, your customer's details and the document are transmitted as you direct.
  • Integrations you authorise: if you connect your Xero or MYOB account, relevant data is shared as needed to power that integration.
  • Legal requirements: if required by law, court order, or to protect our rights, property, or safety.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, personal information may be transferred to the successor entity, who must honour this policy.

5. Data Retention

We retain your personal information for as long as your account is active and for a period afterwards as required by law or our legitimate business interests:

  • Account data: retained for the life of your account plus 7 years (to meet NZ and AU tax record-keeping obligations).
  • Job and invoice data: retained for 7 years from the date of creation unless you request earlier deletion.
  • Voice recordings: deleted within 24 hours of processing.
  • Usage and analytics data: retained in aggregated or anonymised form for up to 2 years.
  • Contact form submissions: retained for 12 months.

When you close your account, we delete or anonymise your personal information within 30 days, except where retention is required by law.

6. Your Rights

Under the NZ Privacy Act 2020 and (where applicable) the Australian Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete personal information.
  • Delete your personal information (subject to legal retention requirements).
  • Object to or restrict certain processing.
  • Data portability: request a machine-readable export of your data.
  • Withdraw consent for marketing communications at any time.
  • Complain to the New Zealand Privacy Commissioner (privacy.org.nz) or the Office of the Australian Information Commissioner (oaic.gov.au) if you believe we have mishandled your information.

To exercise any right, email us at [email protected]. We will respond within 20 working days (as required by the NZ Privacy Act).

7. Cookies

We use cookies and similar technologies for:

  • Essential cookies: session authentication and security. These cannot be disabled without breaking the Service.
  • Analytics cookies: understanding how users interact with the Service (e.g. page views, feature usage). We use privacy-respecting analytics that do not fingerprint individuals.
  • Preference cookies: remembering your settings.

You can control non-essential cookies through your browser settings. Disabling analytics cookies will not affect your ability to use the Service.

8. Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Access controls and role-based permissions for staff.
  • Regular security reviews and penetration testing.
  • Secure deletion of data when no longer required.

No system is completely secure. If you suspect your account has been compromised, contact us immediately at [email protected]. We will notify affected users of any data breach that poses a serious risk, in accordance with the NZ Privacy Act 2020 and the Australian Notifiable Data Breaches scheme.

9. International Transfers

Tradmin is based in New Zealand. Your data may be stored or processed by our service providers in other countries, including the United States and the European Union. We ensure all international transfers are subject to adequate safeguards (including standard contractual clauses or equivalent protections) consistent with the NZ Privacy Act 2020 and the Australian Privacy Act 1988.

10. Children

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you become aware that a minor has provided us with personal information, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice in the Service at least 14 days before the change takes effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact Us

For any privacy-related questions, requests, or complaints:

If you are not satisfied with our response, you may complain to the New Zealand Privacy Commissioner at privacy.org.nz or, for Australian users, the OAIC at oaic.gov.au.