Privacy Policy
How TraceOne-Nexus collects, uses, and protects personal data across the recovery network.
Introduction
TraceOne-Nexus ("we", "us", "our") operates a European community platform that helps Vehicle Owners report stolen vehicles and helps community members share safety-first Sightings and Leads.
This Privacy Policy explains what personal data we process, why we process it, who can see it, and what choices you have. It applies to traceone.com and related TraceOne-Nexus services.
Scope and roles
TraceOne-Nexus processes personal data as a controller for account, platform, moderation, safety, and operational purposes described here.
Vehicle Owners remain responsible for the accuracy of Case information they submit. Community members must submit only information they observed safely and lawfully.
Data we collect
Account data: name, email address, password hash, role, security settings, and authentication events.
Profile data: public handle, display name, optional bio, city, country, operating radius, identity verification status, Trust Score signals, badges, and Contribution Score history.
Case and vehicle data: vehicle identity, plates, VIN (stored encrypted with only the last four characters shown publicly), make, model, year, color, distinctive details, incident timing, ownership or authorization evidence, moderation state, and Case status events.
Location data: exact coordinates and address components stored privately; privacy-reduced public labels and coordinates shown on Feed, Grid, Search, and Map according to our location privacy rules.
Evidence and contributions: photos, uploads, Sighting and Lead content, confidence, timestamps, moderation outcomes, and audit events for authorized access.
Communications: secure Case- and Lead-scoped messages, notifications, delivery attempts, and support or abuse reports.
Technical data: device and browser information, IP address, request logs, cookies or local storage used for session, theme, and security, and product analytics needed to operate the service.
How we use data
We use personal data to create and secure accounts, publish and moderate Cases, deliver urgent Leads and Sightings to authorized Vehicle Owners, provide privacy-aware discovery, calculate Trust Score and Contribution Score, send notifications you control, prevent abuse, and comply with law.
We do not sell personal data. We do not expose exact private locations, ownership documents, or unredacted Lead Evidence on public endpoints.
Legal bases
Where applicable under GDPR, we rely on: performance of a contract (providing the service you request); legitimate interests (security, fraud prevention, moderation, and improving recovery workflows); consent (optional marketing or non-essential cookies where required); and legal obligation.
Location privacy
Exact addresses, live coordinates, and sensitive home locations remain private by default. Public views use approximate labels and privacy-reduced coordinates that may be displaced, clustered, or omitted based on Case risk and your role.
Each stored location records the active privacy policy version so we can explain how public geography was derived.
Sharing and processors
We share data only with authorized participants (for example, Vehicle Owners reviewing Leads for their Cases), service providers under contract, or authorities when required by law or to protect safety.
Current processors may include hosting and database providers, private object storage for Evidence, email or push delivery providers, and Meta when an approved public Case is published to TraceOne-Nexus’s official Facebook Page or Instagram account.
Social publication includes only privacy-safe captions, the public Case URL, approximate city or country, public vehicle identity, safety guidance, and one approved public Evidence image. Drafts, rejected Cases, exact locations, Leads, and private Evidence are never sent to Meta.
Retention
We retain data while your account is active and as needed to operate Cases, Leads, audit trails, safety controls, and legal obligations.
When a vehicle is Recovered, active alerts stop and privacy-retention processes begin according to operational rules and applicable law.
Your rights
Depending on your location, you may request access, correction, deletion, restriction, portability, or objection to certain processing, and withdraw consent where processing is consent-based.
You can manage many privacy and notification settings in your account. Contact us using the details below to exercise other rights. You may also lodge a complaint with your local supervisory authority.
Security
We use encryption in transit, access controls, audit logging for protected actions, and private storage for sensitive Evidence. No online service can guarantee absolute security; report suspected account compromise promptly.
International transfers
TraceOne-Nexus is built for Europe. If data is processed outside your country, we use appropriate safeguards such as standard contractual clauses where required.
Children
TraceOne-Nexus is not directed at children under 16. Do not create an account or submit a Case if you are under the minimum age required in your country.
Changes
We may update this policy when our product or legal requirements change. Material updates will be reflected by version and date. Continued use after notice means you accept the updated policy where permitted by law.
Contact
Privacy questions or requests: privacy@traceone.com