CT
CarrierTrust
Language
HomeRisk indexCompany profileFor companies
Privacy

Privacy Policy

CarrierTrust respects privacy and processes personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation). This Privacy Policy explains how data is collected, used, stored, protected and retained when users access or use CarrierTrust.

Data we collect

  • Email address and authentication data for account access and security
  • Company name, VAT number, business profile information and account details where provided
  • Reviews, reports, legal notices, counter-notices, messages and other content submitted through the platform
  • Technical data including IP address, timestamps, device/browser information, security logs and activity records
  • Moderation history, complaint history, abuse signals and evidence relevant to platform integrity or legal disputes

Purpose of processing

Data is processed to operate CarrierTrust, provide user accounts, publish and manage reviews, prevent fraud and abuse, enforce platform rules, handle complaints, preserve evidence, comply with legal obligations, protect legal rights and maintain platform security.

Legal basis

Personal data is processed where necessary for performance of a contract, compliance with legal obligations, legitimate interests in operating and protecting the platform, fraud prevention, abuse prevention, dispute handling, legal defense, and where applicable, user consent.

Storage and security

Data is stored using secure infrastructure, including Supabase services, with appropriate technical and organisational measures intended to protect data against unauthorized access, loss, misuse, alteration or disclosure.

Retention period

Data may be retained for as long as reasonably necessary for account operation, security, moderation history, complaint handling, fraud prevention, legal compliance, dispute resolution and enforcement of platform rules. Certain technical logs, timestamps, IP records and evidence may be retained where necessary to protect CarrierTrust, users or third parties.

Disclosure of data

Data may be disclosed to hosting providers, technical service providers, legal representatives, courts, regulators, competent authorities or law enforcement where required by law, legal process, valid authority request, fraud investigation, security protection, dispute handling or protection of legal rights.

Platform protection and evidence

CarrierTrust may preserve IP logs, account identifiers, timestamps, moderation actions, legal notices, complaint records, counter-notices and technical evidence where necessary for abuse prevention, fraud investigation, legal defense, authority cooperation and protection of platform integrity.

Your rights

Users may request access, rectification, erasure, restriction of processing, objection to processing, data portability where applicable, or withdrawal of consent where processing is based on consent. Some requests may be limited where retention is required for legal compliance, dispute handling, fraud prevention or protection of legal claims.

Supervisory authority

Users may lodge a complaint with the Latvian Data State Inspectorate or another competent data protection authority if they believe their personal data has been processed unlawfully.