Privacy Policy

1.1 We are the data controller in relation to the processing of the personal information that you provide to us. Our contact details are as follows:

1.1.1 Address: 57 Woodland Grove, Weybridge, England, KT13 9EQ.

1.1.2 Email address: admin@trubrics.com (please include “Personal DataRequest” in your subject heading to ensure it receives the correct attention).

1.2 Our Data Protection Officer is Joel Hodgson, whose email address is joel.hodgson@trubrics.com.

2.1 Generally, the information we hold about you comes from the way that youengage with us, for example by doing any of the following:

2.1.1 through engaging with us via our website or applications (Site),including the website form submission;

2.1.2 providing us with information in the regular course of business(including referrals or introductions to us);

2.1.3 providing us with information in the course of subscribing with for marketing communications we may operate from time to time (if you are a client or visitor of our Site);

2.1.4 contacting us offline, for example by telephone, SMS, email or by post;

2.1.5 interacting with us using social media; and

2.1.6 providing information in the course of your employment orengagement with you.

2.2 If you are an end user of our customer, we will collect your personal data fromour customer in the ordinary course of performing our services, in relation tohow you as an end user use the customer’s applications.

2.3 We may also obtain information from publicly available sources, includingpublic databases, registers and records.

3.1 The types of personal data that we may collect, use, store and transfer about you will depend on the relationship we have with you (e.g. whether you are a customer or visitor of our website). We have set out below the types of information collected together with the purpose and legal grounds for processing.

3.12 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

4.1 Please note that personal information we are holding about you may be shared with and processed by:

4.1.1 any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;

4.1.2 regulators, fraud prevention agencies or other third parties for the purposes of monitoring and/or enforcing our compliance with any legaland regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;

4.1.3 any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);

4.1.4 other parties and/or their professional advisers involved in a matter where required as part of the conduct of the services;

4.1.5 our own professional advisers and auditors for the purpose of seeking professional advice or to meet our audit responsibilities;

4.1.6 our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. internetservice, data storage and security platform providers, our bank, payment processing providers, accounting software providers and those organisations we engage to help us send communications to you) so that they may help us to provide you with the applications, products, services and information you have requested; and

4.1.7 another organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets (provided that adequate protections and safeguards are in place).

4.2 Please note that we may include links within our Site to third party social media providers such as LinkedIn and Discord, but we will not share your informationwith such providers without your consent.

5.1 This Privacy Policy does not apply to information processed by our businesspartners or other third parties, including:

5.1.1 Google Workspace;

5.1.2 Hubspot; and

5.1.3 Quickbooks.

5.2 Our website may contain links to third websites which we do not own or control– this Privacy Policy does not apply to these third-party websites or applications that are accessible from, or referenced on, our website. We are not responsible for the privacy policies of other websites or applications, andencourage you read all applicable terms, conditions and privacy policies when using other websites and applications

7.1 We have systems in place to periodically review and delete data that is no longer being used by us for the purposes set out in this Privacy Policy. Unless we are required or permitted by law to hold on to your data for a specific retention period, we will only hold your personal information within our systems:

7.1.1 if you are a website visitor, for a period of 12 months since your lastinteraction with us;

7.1.2 if you are a customer, supplier or investor, for a period of 6 yearsafter you cease being a customer, supplier or investor;

7.1.3 if you are an end user of our customer, for a period of 12 months from when we obtain your personal data from the customer; and

7.1.4 if you are an employee, for a period of 6 years after you cease being an employee.

7.2 Where we no longer need your personal information, we will dispose of it in a secure manner.

7.3 In some circumstances you can ask us to delete your data: see your legal rights at paragraph 8 below for further information.

7.4 In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

8.1 In respect of the personal data about you that we are processing and in accordance with the Data Protection Act 2018 and the GDPR, in certain circumstances (and provided that exemptions do not apply) you will have the following rights:

8.1.1 right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but fo r any further copies, we reserve the right to charge a reasonable fee based on administration costs);

8.1.2 right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete;

8.1.3 right to erasure/“right to be forgotten”: the right to withdraw your consent to our processing of the data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal information from our systems;

8.1.4 right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;

8.1.5 right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and

8.1.6 right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.

8.2 If you have subscribed to marketing communications from us, you have the right to unsubscribe from such communications at any time by following the link in the footer of the last email you received from one of our brands or by sending your request with detailed instructions to us (see contact details above).

8.3 Please note that if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to provide you with access to all or certain parts of our Site.

8.4 If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. Please see further information on their web Site: www.ico.org.uk.

We do not make decisions based solely on automated data processing, including profiling.

10.1 We keep your information protected by taking appropriate technical and organisational measures to guard against unauthorised or unlawful processing, accidental loss, destruction or damage. For example:

10.1.1 where appropriate, data is encrypted when transiting on our system or stored on our databases;

10.1.2 we have implemented safeguards in relation to access and confidentiality in order to protect the information held within our systems; and

10.1.3 we frequently carry out risk assessments and audits to monitor andreview threats and vulnerabilities to our systems to prevent fraud.

10.2 However, while we will do our best to protect your personal information, we cannot guarantee the security of your information which is transmitted via an internet or similar connection. It is important that all details of any username, password and/or other identification information created to access our servers are kept confidential by you and should not be disclosed to or shared with anyone.

We may amend this Privacy Policy from time to time, for example to keep it up to date, to implement minor technical adjustments and improvements or to comply with legal requirements. We will always update this Privacy Policy on our Site, so please try to read it when you visit the Site (the “last updated” reference tells you when we last updated our Privacy Policy).

‍Last updated 02 March 2025