← Back to trademason.co.uk

Privacy Policy

Last updated: 11 June 2026

This policy explains what data TradeMason stores, why, and your rights. It is written for both contractors who hold an account and homeowners who submit an enquiry to a contractor through TradeMason.

1. What we store

• Contractor accounts: your name, email address, phone number, and sign-in credentials (held securely by our authentication provider).
• Business details: business name, contact details, service area, VAT status, default terms, and your saved rates.
• Customer and enquiry records: names, phone numbers, email addresses, postcodes and job details that customers submit through enquiry forms, or that contractors record themselves.
• Quotes: quote values, statuses, follow-up dates and outcomes (won/lost and reasons).
• Billing information: when you subscribe, your card payment is processed by Stripe, our payment provider. We do not see or store your full card number — Stripe handles that. We hold limited billing details (such as your name, email address and subscription status) to manage your account.

2. Why we store it

Solely to provide the service: capturing enquiries for the contractor they were sent to, preparing and tracking quotes, and helping contractors follow up work. We do not sell personal data, and we do not use it for third-party advertising.

3. If you are a homeowner who submitted an enquiry

Your enquiry (name, contact details, job description, postcode) is stored so that the roofing contractor you contacted can respond and quote. That contractor controls the relationship with you; TradeMason processes the data on their behalf. To have your details corrected or removed, contact the contractor directly or reach us via Support.

4. Where the data lives

Data is stored in our database and authentication provider (Supabase) and served from cloud hosting (Microsoft Azure). Card payments are processed by Stripe, our payment provider. Access to each contractor's data is restricted to that contractor's account using row-level security.

5. How long we keep it

For as long as the contractor's account is active, or until deletion is requested. Pilot accounts that are closed have their data removed within a reasonable period after closure.

6. Your rights

Under UK data protection law (UK GDPR) you can request access to, correction of, or deletion of your personal data, and you can complain to the ICO (ico.org.uk). Requests: see Support. We currently fulfil export and deletion requests manually and aim to respond within 30 days.

7. Changes

We will update this page as the product develops and note the date above.