Contact us
Last Updated: October 2025

This Privacy Policy explains how TraceNet Systems Ltd. ("TraceNet," "we," "our," or "the Company") collects, uses, protects, and discloses personal and financial data processed through our platform and related services.

Our mission is to enable financial transparency and security through AI-driven data intelligence, while maintaining strict compliance with international data-protection and financial-regulatory laws.

1. Scope and Application

This Policy applies to all users of TraceNet's platform — including individuals, businesses, and institutional partners — and covers data processed through:

  • Our websites and web applications;
  • API integrations with banks, payment providers, and crypto exchanges;
  • Customer support, onboarding, and communication channels.

It also applies to employees, contractors, and affiliates acting on behalf of TraceNet in processing user data.

2. Data We Collect

We collect only the data necessary to operate our services, ensure compliance, and improve system performance.

2.1 Data Provided by Users

  • Identity and contact details provided during compliance onboarding (e.g., full name, email address, institution, verification documents).
  • Account connection metadata (API keys, institution IDs — tokenized and encrypted).
  • User consent records and compliance declarations.

2.2 Data Collected Automatically

  • Technical information (IP address, device type, browser configuration, session time).
  • API call metadata and system performance logs.
  • Anonymized financial data retrieved via read-only connections.

2.3 Sensitive Financial Data

When connecting with banks or exchanges, TraceNet retrieves only read-only transactional data.

We never store authorization credentials, passwords, or payment instruments.

3. How We Use Data

We use collected data to:

  • Operate, maintain, and improve the platform;
  • Analyze transaction activity and detect potential fraud or irregular behavior;
  • Generate anonymized analytical and compliance reports;
  • Communicate with users and provide technical or regulatory support;
  • Fulfil legal and anti-money-laundering (AML) obligations;
  • Enhance the accuracy of our AI-based analytical models.

TraceNet does not sell or share data for marketing or advertising purposes.

4. Legal Basis for Processing

Data is processed under one or more of the following legal bases:

  • User consent — explicit authorization to connect financial accounts or submit verification data;
  • Legitimate interest — fraud detection, data security, and service improvement;
  • Legal obligation — compliance with AML/KYC and data-retention laws;
  • Contractual necessity — enabling user access and platform functionality.

5. Data Retention

Data is retained only for as long as necessary to:

  • Deliver platform functionality and services;
  • Comply with applicable financial regulations;
  • Resolve disputes or enforce contractual obligations.

Once no longer required, data is securely deleted or irreversibly anonymized.

6. Data Security

We employ advanced security measures to safeguard all user information:

  • AES-256 and TLS 1.3 encryption for data at rest and in transit;
  • Multi-region data hosting with restricted access controls;
  • Continuous penetration testing and vulnerability monitoring;
  • Immutable audit logs for all access and data operations.

All integrations are read-only and compliant with ISO 27001, SOC 2 Type II, and Open Banking PSD2 standards.

7. Data Sharing and Disclosure

We share data only where strictly necessary and under secure, regulated conditions:

  • Financial institutions and exchanges — to process authorized analytical or recall/dispute requests.
  • Regulatory authorities — when legally required for compliance with AML, KYC, or supervisory obligations.
  • Infrastructure providers — for hosting, compliance monitoring, or auditing, under confidentiality agreements.

TraceNet never discloses user data for commercial resale, behavioral profiling, or advertising.

8. International Data Transfers

Where data is transferred internationally, TraceNet applies appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) under GDPR;
  • Regional data storage for EU, UK, and Canadian users;
  • Encryption and pseudonymization prior to transfer.

Our primary data-processing centers are located in the European Union, United Kingdom, Canada, and Israel.

9. User Rights

Under applicable privacy regulations (including GDPR and UK DPA 2018), users have the right to:

  • Access their personal data;
  • Request correction or deletion;
  • Restrict or object to processing;
  • Request data portability;
  • Withdraw consent at any time without affecting prior lawful processing.

Requests can be submitted to privacy@tracenetsystems.com, and TraceNet will respond within 30 days of verification.

10. Cookies and Tracking

Our website uses minimal cookies essential for functionality and analytics.

Detailed information on cookie types and consent management is available in our Cookie Policy.

11. Data Protection Officer (DPO)

TraceNet has appointed a Data Protection Officer responsible for oversight of privacy practices and compliance.

📧 DPO Contact: dpo@tracenetsystems.com

📍 Address: TraceNet Systems Ltd., 14 HaGefen St., Ramat Gan, Israel

12. Updates to This Policy

This Policy may be updated periodically to reflect changes in regulation, technology, or corporate operations.

Revisions will be posted on this page with the updated "Last Modified" date.

For material updates, users will be notified via email or in-platform alert.

13. Contact

For any questions, privacy concerns, or regulatory correspondence, please contact:

📧 privacy@tracenetsystems.com

📍 TraceNet Systems Ltd.

14 HaGefen Street, Ramat Gan, 5252174, Israel

✅ Compliant with:

GDPR (2016/679), UK DPA 2018, CCPA, AMLD6, ISO 27001, SOC 2 Type II, PCI DSS, Open Banking PSD2.