Privacy Policy

Tradeline Authority

Privacy Policy

How we collect, use, share, and protect personal information for members inside the Tradeline Authority Vault, along with your choices and privacy rights.

  • Members-Only Vault
  • Applies after purchase + login
  • Last updated: October 2025

Quick Summary (Plain English)

  • We collect only what’s needed to create your account, process payments, run the Vault, and support you.
  • Payments are processed by Gumroad (our current provider). We never see or store full card numbers.
  • We log Vault activity (e.g., lessons viewed, downloads) to secure the platform and improve content.
  • We do not sell your personal information. Limited sharing with service providers only.
  • You can access, update, or delete certain data, control marketing, and exercise state/international privacy rights.

Scope & Controller

This Privacy Policy applies to personal information processed when you purchase access on Gumroad and use the Tradeline Authority Vault after login. The data controller for Vault operations is Tradeline Authority (“we,” “us,” “our”).

What We Collect

  • Account & Profile — name, email, password (hashed), company, role.
  • Billing — purchase history and non-sensitive billing tokens from Gumroad (brand/last4/expiration). We do not store full PAN/CVV.
  • Vault Activity — pages viewed, progress, search queries, downloads, quiz attempts, timestamps, IP/device info (for security and analytics).
  • Support & Communications — emails, tickets, chat messages, call notes.
  • Files You Upload — documents you attach in tools or support (you control what you upload).
  • Cookies & Similar Tech — essential session cookies; optional analytics/marketing cookies (see Cookies & Tracking).

Cookies & Tracking

  • Essential — required for login, session continuity, and CSRF protection.
  • Analytics — to understand usage and improve content (we use aggregated reports).
  • Preferences — remember settings like dark mode or playback speed.

You can control cookies in your browser. Blocking essential cookies may sign you out or limit features. We do not “sell” or “share” data for cross-context behavioral advertising. If we ever introduce optional analytics/marketing cookies, you’ll have a clear choice to opt in where legally required.

How We Use Information

  • Provide the Vault — create and maintain accounts, authenticate sessions, deliver lessons, tool access, and certificates. Legal basis: contract/legitimate interests.
  • Payments & Invoicing — process transactions through Gumroad, prevent fraud, handle refunds/chargebacks. Basis: contract/legal obligation.
  • Support — respond to requests, fix issues, and customize guidance. Basis: contract/legitimate interests.
  • Improve & Secure — product analytics, QA, abuse and intrusion monitoring. Basis: legitimate interests.
  • Communications — account/transactional emails; optional product updates (you can unsubscribe). Basis: contract/consent where required.
  • Compliance — meet legal, tax, and audit requirements. Basis: legal obligation.

Sharing & Disclosures

We share personal information only as needed to run the Vault or as required by law:

  • Service Providers (processors): hosting/CDN, Gumroad for payments, email delivery, analytics, customer support. They must protect your data and use it only on our instructions.
  • Legal & Safety: to comply with valid legal requests, enforce terms, or protect users, our platform, or the public.
  • Business Transfers: as part of a merger or acquisition with appropriate safeguards.

We do not sell your personal information and do not “share” it for cross-context behavioral advertising.

Data Retention

  • Account & purchasesWhile account is active + up to 7 years (tax/audit)
  • Support tickets & emails3 years from last interaction
  • Vault analytics (aggregated)26 months (then de-identified)
  • Access logs & security events12–24 months (shorter where feasible)
  • Uploaded filesYou may delete; backups roll off on a schedule

Your Choices & Rights

  • Access/Update — edit profile details from your account or contact us.
  • Delete — request deletion of your account and eligible data (some records kept as required by law).
  • Marketing — unsubscribe from non-transactional emails at any time.
  • Verification — we may ask for reasonable information to confirm your identity before fulfilling requests.

To exercise rights, email info@reportprimarytradelines.com.

US State Privacy Notices (including California)

  • Right to Know/Access/Correction/Deletion — you may request access to, correction of, or deletion of personal information we maintain, subject to exceptions.
  • Sensitive data — we do not use sensitive personal information to infer characteristics.
  • Sale/Sharing — we do not “sell” personal information or “share” it for cross-context behavioral advertising; honoring Global Privacy Control (GPC) is therefore not applicable to advertising here.
  • Authorized agents — if you use an agent, we may require proof of authorization and your verification.
  • Non-discrimination — we will not discriminate against you for exercising your privacy rights.
  • Financial incentives — we do not offer programs that require you to waive privacy rights.
  • “Shine the Light” (CA Civ. Code §1798.83) — we do not disclose personal information to third parties for their direct marketing.

EU/UK GDPR Information

If you are in the EEA/UK, you have rights to access, rectify, erase, restrict, or object to processing and to data portability, and the right to lodge a complaint with your supervisory authority. Our typical legal bases are contract, legitimate interests, legal obligation, and consent where required. Contact us at info@reportprimarytradelines.com.

Security

We use administrative, technical, and physical safeguards (TLS in transit, access controls, least-privilege, monitoring, and regular backups). Payments are handled through Gumroad, which is responsible for PCI DSS compliance. No method is 100% secure; please use a strong unique password and enable device protections. If we learn of a breach affecting you, we will notify you as required by law.

International Transfers

Data may be processed in the United States. Where required, we rely on Standard Contractual Clauses or comparable safeguards for transfers.

Children

The Vault is for adults and professional learners. We do not knowingly collect data from children under 13 (or under 16 in certain regions). If you believe a child has provided personal information, contact us to remove it.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects about you.

Changes to This Policy

We’ll post updates here and adjust the “Last updated” date above. Material changes may also be announced in-app or via email.

Contact Us

Questions or privacy requests: info@reportprimarytradelines.com · Tradeline Authority, Privacy Team, Your Mailing Address.

Educational Notice: The Vault provides education and tools, not legal advice. For legal questions, consult qualified counsel.