Privacy & Trust

When you submit a job request to Tradelynx, the data you provide is used to match you with a suitable local trader and to keep your conversation with them in one place. We don't sell your details, we don't hand them to lead-broker resellers, and we don't publish them on a directory.

What you give us at intake:

• Your name, email, and phone
• The job description, postcode, and any photos you upload
• Your preferred timing

What we do with it:

• Match you with one local trader at a time.We send the job to a trader who covers your area and trade. If they don't accept, the request moves on to the next trader. You aren't broadcast to a directory.
• Strip metadata from photos. Images you upload are re-encoded server-side. Any GPS coordinates, camera serial numbers, or capture timestamps embedded in the file metadata are removed before a trader sees the photo.
• Keep your messages on Tradelynx. Conversations between you and the trader stay inside the platform thread until the trader accepts the job. After acceptance, contact details may be shared so they can arrange the visit.

What we don't do:

• We don't sell your data.
• We don't share your phone or email with traders before they accept the job.
• We don't use your data to train AI models. The AI we use (Anthropic Claude, OpenAI) processes inputs to perform a specific task — for example, scanning a trader's credential card — and the inputs aren't retained for training by those vendors on the API tier we use.

Different parties see different parts of your data, by design. Here's the short version:

• You see all of your own data — leads, jobs, messages, notifications, your profile.
• A trader being offered the job (before they accept) sees: the trade, your postcode area (not the full address), the job summary, urgency, and any photos you uploaded (with metadata stripped). They do not see your name, email, or phone.
• The trader who accepts the jobadditionally sees the full address and can message you through the platform thread. Phone calls, when used, may be routed via a masked number so your personal number isn't shared.
• Other traders on Tradelynx see no part of your job. The offered/accepted distinction is enforced both at the application layer and via row-level database security.
• Admin (the founder) can see all data for support, fraud review, and compliance. Every admin action is logged to an immutable audit trail.

For the technical detail of which database tables hold which fields and which roles can read or write each one, see the Data Access Matrix (maintained alongside the codebase under ISO 27001:2022 Annex A.5.15 / A.8.3).

Tradelynx is not a directory. You don't pick from a list and hope for callbacks. We send your job to one trader at a time, in a deliberate order:

• Trade fit.The trader covers the trade you've asked for (plumbing, electrical, etc.) and the specific job type if given.
• Geography. Their working radius covers your postcode area.
• Availability.They're currently accepting jobs and haven't paused or hit their daily cap.
• Standing. Verified status, completion history, and account health are taken into account.

The trader has a window to respond. If they don't accept, the job moves to the next eligible trader. You see one accepted match, not five competing quotes.

Every trader on Tradelynx completes identity verification through DiDit (a regulated identity-verification provider) — a biometric liveness check plus an ID document check. We also confirm a UK address and verify their phone number.

During admission, traders submit insurance documents and any trade credentials they hold (Gas Safe, NICEIC, OFTEC, etc.). These are kept on file and AI-scanned for type and expiry. They are not independently re-verified against the issuing scheme on a live basis.

What this means in practice:

• Identity is verified.The person you're messaging is the person who passed the DiDit check at admission.
• Documentation is on file.Insurance and trade credential documents are submitted, but Tradelynx doesn't guarantee that an insurance policy is currently active or that a Gas Safe number is currently registered.
• For regulated work, please verify directly.If the job is gas, electrical, asbestos, or another regulated trade, we recommend you confirm the trader's current scheme registration with the relevant body (Gas Safe Register, NICEIC, etc.) before work begins.

The longer technical disclaimer is on the Verification Explained page; the legal version is in the Terms of Service.

Under UK GDPR you have the right to access, correct, and delete the data we hold about you. We've built self-service tools for the most common requests:

• Download your data (Article 15 right of access). Sign in to your account and call POST /api/customer/account/export— you'll receive a JSON file with every record we hold about you, scoped to your authenticated user.
• Delete your account (Article 17 right to erasure). Sign in and call POST /api/customer/account/delete with { "confirm": true }. Your auth account is removed immediately. Any leads you submitted are anonymised in place (your name and contact removed; the trader's job-history record stays intact).
• File a formal data-subject request. Use POST /api/customer/account/dsar to file an access, correction, restriction, or objection request. We respond within 30 days.
• Email us directly at privacy@tradelynx.co.uk for any of the above if you prefer not to use the in-app tools.

Some data is preserved by law even after a deletion request: payment records (HMRC requires us to keep them for six years), anonymised job records (so the trader's work history remains intact), and immutable audit logs (a security control). The full retention table is in the Data Retention Schedule.

A short summary of the technical controls. The full picture is in our ISMS (ISO 27001:2022) and AIMS (ISO 42001:2023) documentation, available on request:

• Hosted in the EU/UK. Database (Supabase) and application hosting (Vercel) are in EU regions. Data does not transit outside the UK or EU for storage.
• TLS 1.2+ in transit, AES-256-GCM at rest for sensitive fields (encrypted access codes, key safe contents).
• Row-level security on every database table that holds personal data. Authenticated users can only read rows linked to their identity.
• No card data on Tradelynx infrastructure. Payments use Stripe Elements; we never see your card number. PCI scope: SAQ A.
• Approved third parties only. Supabase (database, auth), Vercel (hosting), Stripe (payments), Resend (email), Telnyx (telephony), DiDit (identity), Anthropic and OpenAI (AI), Sentry (error monitoring), Google Analytics 4 (anonymised traffic). No other vendor receives your data without explicit review.

Questions about how we use your data, or want to report a concern? Email privacy@tradelynx.co.uk. You also have the right to complain to the UK Information Commissioner's Office (ICO).