Privacy Policy

This Privacy Policy explains how TRACX (“we”, “our”, or “us”) collects, uses, shares, safeguards, and retains information in connection with our AI chat research platform, websites, and related services (collectively, the “Services”). We are committed to protecting your privacy and being transparent about our data practices.

1) Who we are and our roles

TRACX provides an AI-powered research platform that enables brands to launch conversational studies (“Campaigns”) and collect qualitative insights from participants. Depending on context:

  • When we process data on behalf of our business customers (e.g., brands running Campaigns), we act as a data processor/service provider. Our customers are the data controllers/businesses responsible for their Campaigns and instructions.
  • When we process data for our own purposes (e.g., account creation, billing, product improvement, site analytics), we act as a data controller/business.

2) Information we collect

The information we collect depends on how you use the Services.

Account and contact information

Name, email address, organization/company details, role, and authentication method (e.g., magic link sign-in).

Participant profile and eligibility data

Information provided by participants when joining or updating their profile, and responses to screening questions to determine eligibility for specific Campaigns.

Campaign interactions and content

Chat transcripts, messages, files or media you upload, and associated Campaign context (e.g., prompts, tasks, timing). These data are central to delivering research insights to our customers.

Payment and wallet information

If you are rewarded for participation, we may process payment identifiers, wallet details, and transaction records. We do not store full payment card details on our servers.

Device, usage, and analytics data

IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, clicks, session metadata, and feature usage to secure and improve the Services.

Cookies and similar technologies

We use cookies and similar technologies for authentication, preferences, analytics, and performance. You can control cookies through your browser settings. Where required, we obtain consent.

Sensitive information

We generally do not seek to collect sensitive personal data unless explicitly required for a Campaign and permitted by law, with appropriate safeguards and clear disclosures.

3) How we use information

  • Provide, operate, and maintain the Services.
  • Authenticate users and secure accounts.
  • Enable Campaign participation and deliver research outputs.
  • Process rewards and manage participant wallets where applicable.
  • Monitor, prevent, and detect fraud, abuse, or security incidents.
  • Analyze usage and improve performance, features, and UX.
  • Provide support and communicate important service updates.
  • Comply with legal obligations and enforce our terms.
  • With consent or as permitted by law, send product communications and collect feedback to improve quality and privacy.

4) Legal bases (EEA/UK)

Where the GDPR/UK GDPR applies, we rely on the following legal bases:

  • Contractual necessity: to provide the Services and run Campaigns.
  • Legitimate interests: to secure, improve, and operate the Services, prevent fraud/abuse, and understand usage, balanced against your rights and freedoms.
  • Consent: for certain analytics, cookies, or where Campaigns require explicit consent.
  • Legal obligations: to comply with applicable laws and requests.

5) Sharing and disclosures

  • With customers (brands) for Campaign results: We process Campaign data on their behalf. Customers determine how they use the outputs and are responsible for their own notices and permissions.
  • Service providers: Hosting, storage, analytics, security, email, customer support, and payments. We bind them by contract to use the data only as instructed and protect it appropriately.
  • Legal and compliance: To protect rights, safety, and the Services, comply with law, or respond to valid legal requests.
  • Business transfers: In connection with a merger, acquisition, or asset sale, subject to safeguards and continued protections.

We do not sell your personal information. We do not allow targeted advertising based on your Campaign content.

6) International transfers

We may transfer, store, and process information in countries other than where it was collected. Where required, we use appropriate safeguards such as Standard Contractual Clauses, and we take steps to ensure an adequate level of protection for your data.

7) Security

We implement administrative, technical, and organizational measures designed to protect personal data, including encryption in transit, access controls, audit logging, and least-privilege practices. No system is perfectly secure; we work continuously to enhance our security posture.

8) Retention

We retain personal data for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Customers can configure Campaign retention where applicable; we honor deletion requests in accordance with law and our agreements.

9) Your rights

Depending on your location, you may have rights to access, correct, delete, or port your data, object to or restrict processing, and withdraw consent at any time. If we process your data on behalf of a customer, please contact them first; we will assist as required.

10) U.S. state privacy notices (e.g., California)

For residents of states with comprehensive privacy laws (such as the CCPA/CPRA in California), we provide the following additional disclosures:

  • Categories collected: identifiers; commercial information (e.g., transactions); internet or network activity; geolocation (approx.); professional or employment-related information; inferences; and audio/visual content if you provide it during Campaigns.
  • Sources: directly from you; from your organization; from your device; and from service providers supporting our Services.
  • Purposes: see “How we use information” above. We do not sell your personal information and we do not share it for cross-context behavioral advertising.
  • Your state rights may include: access, deletion, correction, and opt-out of sale/sharing, as applicable. You may also limit the use of sensitive information where required by law.

11) Children’s privacy

The Services are not directed to children under the age of 13 (or as otherwise defined by local law). We do not knowingly collect personal information from children without appropriate consent and safeguards.

12) Automated decision-making

We use AI models to assist with conversational research and synthesis features. We do not engage in solely automated decisions that produce legal or similarly significant effects about individuals without human oversight.

13) Changes to this policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. We will post the updated version and revise the “Last updated” date below.

14) Contact us

If you have questions, concerns, or requests regarding your personal data, please contact us at privacy@tracx.ai. You also have the right to contact your local data protection authority.

Last updated: 11/20/2025