Privacy Policy

1. Introduction

This Privacy Policy explains how Traceremove LLC ("Traceremove," "we," "us," or "our") collects, uses, shares, and protects personal information when you visit our website, request a free audit, enter into a signed engagement, or otherwise interact with our services. We are based in New York, NY, United States, and we serve clients globally.

We have designed this policy to comply with the General Data Protection Regulation (GDPR) for European visitors and clients, and with the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA) for California residents, as well as other applicable privacy frameworks.

2. Information We Collect

Information you provide directly

When you request a free audit, submit a contact form, book a discovery call, or enter into an engagement, we collect information such as your name, email address, phone number, company or brand name, and any details you choose to include about the reputation matter you wish to discuss. We also collect information you send us in the course of an active engagement, including target URLs, account identifiers, and any documentation you share with us to support the work.

Information collected automatically

When you visit our website, we automatically collect limited technical information including your IP address, browser type, operating system, referring URL, pages visited, and approximate geographic location derived from your IP. We use cookies and similar technologies for essential site functionality and, if you consent, for analytics. See Section 7 for details on cookies.

Information from third parties

In the course of performing Services, we may collect publicly available information about the subjects of an engagement from search engines, social platforms, review sites, and other public sources, as instructed by the Client under the relevant Engagement Letter.

3. How We Use Your Information

We use personal information to: respond to audit requests and inquiries; scope, perform, and deliver the Services; communicate with clients about engagements in progress; issue invoices and receive payment; maintain our website and improve its functionality; comply with legal obligations; and, where lawful, send limited communications about our services to existing clients.

We do not sell personal information to third parties, and we do not share personal information with third parties for their independent marketing purposes.

4. Legal Bases for Processing (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing personal information are: (a) performance of a contract when you engage us for Services; (b) your consent, where we ask for it (for example, for optional analytics cookies); (c) our legitimate interests in operating and improving our business, provided those interests are not overridden by your rights and freedoms; and (d) compliance with legal obligations.

5. Information Sharing

We share personal information only with: (a) contractors and subprocessors who perform functions on our behalf (such as email delivery, cloud storage, analytics) under written confidentiality and data-protection obligations; (b) legal or professional advisors when we need specialist support; (c) authorities, when legally required; and (d) successors in interest, in the event of a merger, acquisition, or sale of assets, provided the successor agrees to honor this Privacy Policy.

6. Data Retention

We retain client engagement records for as long as the engagement is active and for a reasonable period thereafter to meet accounting, audit, and legal retention requirements — typically six years after the close of an engagement. Target lists, working files, and sensitive working data are purged from shared systems within ninety days of engagement close-out, subject to any legal hold obligations. Website analytics data is retained for fourteen months or as otherwise specified in our analytics provider's standard settings.

7. Cookies and Tracking

Our site uses cookies in three categories, grouped below with concrete detail so you know exactly what sits in your browser when you visit us.

Strictly necessary cookies (no consent required)

These cookies are essential for the site to function. Disabling them breaks the site. They include: tr_cookie_consent (stores your cookie-preferences choice so we don't ask again on every page, stored up to 1 year in localStorage, essential), tr_exit_seen (prevents the exit-intent popup from re-appearing every page in the same session, stored only for the session in sessionStorage). No personal data in either.

Analytics cookies (consent-based)

Only set if you choose "Accept all" on the cookie banner. We use Google Analytics 4 (GA4) via Google Tag Manager. The cookies set are: _ga (anonymous user identifier, 2 years), _ga_[ID] (session tracking per property, 2 years), _gid (daily identifier, 24 hours). These help us understand aggregate site usage — most-visited pages, drop-off points, device types, geographic distribution at country level. We do not use these cookies to identify individuals or to build advertising profiles. You can withdraw consent at any time by clearing your browser cookies or returning to our site and choosing "Essential only".

What we do not use

We do not use: advertising cookies, cross-site tracking pixels, Facebook Pixel, LinkedIn Insight Tag, or any third-party tracker designed for retargeting. We do not sell or share cookie-derived data with third parties for their own marketing. We do not use fingerprinting or device-level identifiers.

How to manage

On first visit, you choose via the cookie banner at the bottom of the screen. After that, you can change your mind by clearing your browser's cookies for our domain and reloading — the banner will reappear. Or contact contact@traceremove.com and we can help directly.

8. Your Rights

Depending on your location, you may have rights to: access the personal information we hold about you; correct inaccurate information; request deletion of your information; object to or restrict certain processing; request portability of your information; and withdraw consent where processing is based on consent. California residents have specific rights under CCPA/CPRA, including the right to know, the right to delete, the right to correct, and the right to opt out of sale or sharing of personal information (we do not sell or share in the ways that trigger this opt-out, but you may confirm this by contacting us).

To exercise any of these rights, contact us at the address in Section 12. We will respond within the timeframes required by applicable law (typically thirty days for GDPR; forty-five days for CCPA/CPRA).

9. International Transfers

We are based in the United States. If you are located outside the United States and provide personal information to us, that information will be transferred to and processed in the United States. Where required by law, we rely on appropriate safeguards for such transfers, including Standard Contractual Clauses approved by the European Commission and equivalent mechanisms for other jurisdictions.

10. Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include encrypted transmission, access controls, audit logging, and scoped workspace practices for client engagements. No system is perfectly secure, and we cannot warrant absolute security.

11. Children's Privacy

Our Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will delete that information.

12. Contact and Complaints

For privacy inquiries, data subject requests, or complaints, contact us at: contact@traceremove.com or Traceremove LLC, New York, NY, United States. If you are in the European Economic Area and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

13. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Last updated" date above and post the revised policy on this page. Material changes will be communicated to active engagement clients by email.