Introduction

This policy aims to give you information about how Tractable collects and processes your personal data (for instance when you use our website or buy services from us). It is important that you read this notice together with any other notices we may provide on specific occasions when we are collecting or processing your personal data, so that you are fully aware of how and why we are using your personal data. This notice supplements the other notices and is not intended to override them.

If you have any questions or concerns about our use of your personal data, then please contact us using the contact details provided at the bottom of this policy.

This policy may be updated from time to time so you should check back here if you haven’t reviewed it for a while.

In this notice references to GDPR refers to the EU General Data Protection Regulation 2016/679 (“GDPR”) and national laws implementing GDPR (including the UK). If you’re a resident of California, the “Additional CCPA Disclosures” are outlined at the end of this document. 

Tractable acknowledges that various other Countries, States and Provinces consumer privacy laws may also provide their residents with the same or additional rights regarding our use of their personal information and Tractable confirms all those rights shall be adhered to. 

References to “personal data” mean any information relating to an identified or identifiable natural person (a ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Who are we?

Tractable uses the speed and accuracy of AI to visually assess cars and homes, headquartered in New York with affiliates in the UK, France, Romania and Japan.  

You can find out more about Tractable at https://tractable.ai/about-us/

What data is collected?

We collect certain information or data about you depending on the reason for your interaction with us. Personal data is data that can be used directly or indirectly to identify you, such as your name or identification number.

The personal data that we may collect about you broadly falls into the following categories:

  1. Information collected when you use the tractable.ai website, this includes:
  • questions, queries, feedback or any other information you request, email or provide to us (including your contact details such as your email address, phone number or postal address);
  • your IP address, broad geographic location, details of which version of web browser you used, and other technical information; and
  • information on how you use the website, using cookies and page tagging techniques to help us improve the website. For more information on the cookies we use, please see below.

We use this data to:

  • manage and improve the website and our offering by monitoring how you use it;
  • respond to any communications you send us, if you’ve asked us to;
  • form a view on what we think may be interest to you and this is how we decide which products and services may be relevant for you (we call this marketing) 
  • share thought leadership and research; and
  • manage our relationship with you such as performance of a contract with you to administer and protect our business. 

By browsing the tractable.ai website you agree to us processing your data in this way.

  1. Information that you provide voluntarily, this includes:
  • Contact information that you provide to us, for example to enable us to send you product or marketing information or to arrange a demo, to respond to your queries or to set up your account with us; 
  • Information provided to enable you to provide services to us and for us to invoice you; and
  • Personal data detailed on your CV or other documentation in connection with a role or contract with us.
  1. Information that we obtain from third party sources:

From time to time, we may receive personal data about you from third party sources such as: 

  • analytics providers and third party providers to obtain personal data for the purposes of contacting individuals who we think are likely to be interested in our products and services;
  • recruiters;
  • social media organisations (e.g. LinkedIn); and 
  • contractors. 

but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal data to us.  

The types of information we collect from third parties include contact details, job titles, IP addresses, and qualifications and we use the information we receive from these third parties to maintain and improve the accuracy of the records we hold about you, to find people who might be a good fit for our company and to enhance our marketing communications to you.

References in this notice to “you” or “your” are references to individuals whose personal data Tractable processes in connection with the items listed in Clause 1.

Sharing your personal data

We may pass on your personal data if we have a legal obligation to do so. This includes exchanging information with law enforcement bodies, regulatory or government agencies, in connection with a court order, to establish or defend our legal rights or to protect your vital interests or those of any other person.

We may disclose your personal data to the following categories of recipients:

  • to our group companies, third party services providers and partners who provide services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our website or to help supply or perform our services), or who otherwise process personal data for purposes that are described in this policy or notified to you when we collect your personal data;
  • to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this policy;
  • Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services;
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom or any other region we operate in, who require reporting of processing activities in certain circumstances; and 
  • to any other person with your consent to the disclosure.

Our legal bases for processing your personal data 

Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.  We will always have a lawful basis for collecting and using your personal data and we will normally collect personal data from you only where we have your consent to do so, where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.

In some cases, we may also have a legal obligation to collect personal data from you (for example to meet accounting or tax obligations) or may otherwise need the personal data to protect your vital interests or those of another person.

Cookies 

Our website may place small files, such as cookies, tags and scripts onto your computer or device to collect information about how you browse the website.

When you visit our website for the first time, you will be shown a pop-up requesting your consent to our cookie settings. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

You can find out more about how to manage cookies here: aboutcookies.org

What type of cookies do we use and why?

Required/Strictly necessary cookies: We use necessary cookies to make our site work. Necessary cookies enable core functionality such as security, network management, and accessibility. 

Analytical/performance cookies: These cookies allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it enabling us to better understand how our website is used. This, in turn, enables us to improve our website and the services offered through it. These cookies collect anonymous information only and do not show your personal information.

Personalised Advertising cookies. These cookies are used to make our Services more relevant to you and to personalize advertising online that may be of interest to you. For example, they personalize features such as (i) product searches and offers, (ii) recommended content, and (iii) adverts. They do not increase the amount of content that you will be shown, but they will help limit the number of times you see the same content. To opt-out of our use of these cookies, please refer to ‘How do you opt-out of personalized advertising and control other cookie settings?’ Note that opting out of this will not remove adverts, offers, or products; but may make them less relevant or more repetitive.

These cookies aren’t used to identify you personally and we do not pass on the data we collect to third parties. 

Provider

Type of Cookie

Purpose

Hubspot

Marketing

This cookie is for tracking visitors. It contains the domain, initial timestamp and last timestamp of each visit.

Google Ads

Marketing

This cookie is used for retargeting and analytics purposes.

Where is your data stored?

Specifically, our website servers are located in the United Kingdom, and our group companies and third-party service providers and partners operate around the world.  This means that when we collect your personal data we may process it in any of these countries. These countries may have different privacy standards however we will always ensure that we have taken appropriate steps to safeguard the transfer of your information.  

We have an intra-group data sharing and transfer agreement in place between the Tractable group companies to enable the lawful transfer of your personal data between our entities. 

Some or all of your data may be stored outside of the UK or the European Economic Area (“the EEA”). If we do store data outside the UK or the EEA, we will take all reasonable steps to ensure that your data is treated safely and securely in compliance with the applicable data protection laws, which may include the implementation of the standard contractual clauses outlined by the ICO and European Commission. 

Please contact us at privacy@tractable.ai if you would like further information about the specific mechanism used by us when transferring your personal data out of the EEA and/or the United Kingdom. 

How do we keep your personal data secure?

Transmitting information over the internet is generally not completely secure, and we can’t guarantee that your browsing activity won’t be intercepted and/or monitored by other parties before it reaches our servers.

Any data you transmit is at your own risk.

We have procedures and security features in place to try and keep your data secure once we receive it.

Data security is very important to us and to protect your data we have taken suitable measures to safeguard and secure the data we collect, including: suitable measures to protect data we collect via our website, secure servers, use of strict procedures and security features to prevent unauthorised access and the maintenance of our SOC 2 Type 2 attestation and ISO 27001 accreditation.

Changes to this notice or your personal data

This notice is updated regularly, the exact date can be found at the bottom of this policy. 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. If you wish to update your personal data, please contact your relationship partner or us at privacy@tractable.ai

How long do we keep your personal data?

We will only keep your personal data for as long as is necessary to fulfil the purpose that we collected it for and/or for as long as we have your permission to keep it.

When considering how long to keep your personal data for we consider such things as: the purpose for which it was collected, the scope of the data, the risk of harm from unauthorised access and any applicable legal or regulatory requirements.

Links between websites

The tractable.ai website – and any associated sub domains contain links to other websites.

This privacy policy only applies to this website, and does not cover other websites that we link to. You should take care to check the address bar in your browser to check if you have followed a link onto a different site. If you go to another website from this one, read the privacy policy on that website to find out what that site does with your information.

Following a link to this website from another

If you come to this website from another website, we may receive personal data about you from the other website. You should read the privacy policy of the website you came from to find out more about this.

What rights does GDPR give me?

As an individual, you have the following rights under the GDPR. 

    • Rectification: If any of the data we hold about you is incorrect then you can ask us to correct it.
    • Access: You have the right to view the data we hold about you and to receive copies of this data in digital format.
    • Erasure: You can request that we erase all the data we hold about you.
    • Restriction of processing: In some cases you can ask us to retain your data but not do anything with it.
    • Objection: You can request that we stop using your data for certain purposes (such as marketing) and if we have processed your personal data with your consent, then you can withdraw your consent at any time.  Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  • Complaint. You have the right to complain to a data protection authority regarding our collection and use of your personal data. See the below section “What if I have a complaint” section of this policy  or more details.
  • Data Portability. You can request that we provide your data in a structured, commonly used, and machine-readable format. 
  • Automated Decision. You have a right not to be subject to a decision which is based on automated processing where the decision will produce a legal effect or a similarly significant effect on you.

You may exercise any of your rights at any time by contacting privacy@tractable.ai. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. 

How do I exercise my rights?

If you want to exercise any of your rights in relation to personal data Tractable holds about you then please email: privacy@tractable.ai or write to the Data Controller at the address given on the contact page of our website.

For most requests we will need to verify your identity so that we don’t give out information to the wrong person, so please provide a contact phone number where we can contact you, or sufficient details to enable us to validate your request.

What if I have a complaint?

If you are concerned about how we manage your personal data, or how we have handled a request to exercise your rights, then please get in touch with us to discuss it. To do this, please send an email detailing your concerns to privacy@tractable.ai.

If you are not satisfied with the response you can take your concern to the Information Commissioner’s Office (if in the UK), Office of the Privacy Commissioner of Canada if in Canada, or the relevant privacy authority in your jurisdiction. 

Various National, State, or Provincial consumer privacy laws may provide their residents with additional rights regarding our use of their personal information.

Some US jurisdictions, including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia provide (now or in the future) their state residents with rights to:

  • Confirm whether we process their personal information.
  • Access and delete certain personal information.
  • Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose (excluding Iowa and Utah).
  • Data portability.
  • Opt-out of personal data processing for:
  • targeted advertising (excluding Iowa);
  • sales; or
  • profiling in furtherance of decisions that produce legal or similarly significant effects (excluding Iowa and Utah).
  • Either limit (opt-out of) or require consent to process sensitive personal data.

The exact scope of these rights may vary by state. To exercise any of these rights please contact us at privacy@tractable.ai.

Additional CCPA Disclosures

Under the California Consumer Privacy Act (“CCPA”), if you are a resident of California, we are required to provide you with additional information about how we collect, use, and disclose personal information.

For purposes of this notice, the term “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (the “CCPA”) but excludes information exempted from the CCPA’s scope. Please note that the terms of personal information and personal data are interchangeable for the purposes of this notice. 

The categories and sources of the Personal Information we collect are described above in “What data is collected?” 

The purposes for which we use Personal Information are described under “What data is collected?” section of this notice. 

The categories of third parties with whom we share personal information are described under the section “Sharing your personal data” of this Notice. 

Your data rights 

You have the right to request that Tractable disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable request, we shall provide to you all the information we are required to provide.

You have the right to request that Tractable delete any of your personal information that we have collected from you, subject to certain exceptions e.g required by law to retain a copy.

The specific pieces of personal information we have collected about you can be requested at  privacy@tractable.ai.  

Copyright

This policy is based on the UK government website privacy policy which is kindly made available under the Open Government Licence v3.0.

Last updated March 21, 2025

Subscribe for updates

The speed and accuracy of AI

Linkedin-in Facebook-square X-twitter Youtube
Solutions
Insurers
Repairers
Recyclers
Fleet & Rentals
Company
About us
News
Careers
Partnership
Partners
Press
© 2025 Tractable. All Rights Reserved
Cookies Policy
Privacy Policy