Version: 1.0
Effective Date: 18 Nov 2025
Owner: Data Protection Officer
Reviewed: 18 Nov 2025
1. Purpose
This policy outlines how long Tradoly retains personal data collected through its platform, in compliance with:
- The General Data Protection Regulation (GDPR), including Article 5(1)(e) (storage limitation) and Article 6 (lawful basis for processing), and
- Applicable Spanish law.
The purpose is to ensure that personal data is not stored longer than necessary and is securely deleted or anonymized when no longer needed.
Tradoly operates as a digital marketplace enabling users to create vehicle listings, communicate with other users, and complete transactions. Data retention periods defined in this policy reflect how data is generated, shared, and persisted within this marketplace environment.
This includes fixed-price vehicle listings, dealer-trader negotiation flows via in-app chat, escrow-based transactions through PayProff, subscription-based services via Stripe, API-driven vehicle data enrichment (ASG services), and logistics coordination via TransConnect or similar API-based providers.
2. Scope
This policy applies to all personal data collected from:
- Registered users (buyers and sellers),
- Visitors,
- Business partners and dealers.
It includes data collected via:
- Website usage (including cookies and tracking technologies),
- User profile creation,
- Communication (email, platform chat, in-application messaging system),
- Listings, uploaded content, and transactions.
It covers all systems and formats (e.g. databases, logs, backups, email servers).
Marketplace Data Visibility: Certain personal data (such as listing details, profile information, and communications) may be visible to or shared with other users as part of the platform's functionality. Once shared with other users, such data may persist independently of Tradoly's systems and may not be fully retrievable or deletable by Tradoly.
This is particularly relevant for:
- Messages sent between users
- Listings viewed or made exclusive by other users
- Contact information shared upon interaction
Users may save wishlists within their account, and such saved data is stored within their user profile for personalisation and platform functionality purposes. No external export or download of other users' personal data is provided by default, except where explicitly enabled through platform features such as transaction invoices or user-generated report exports.
3. Retention Schedule
| Data Category | Purpose | Retention Period | Action After Expiry |
|---|---|---|---|
| User Account Information (name, email, phone, address, preferences) | User identification and service delivery | Until account deletion OR 5 years of inactivity + 1 month notice period | Deleted or anonymized |
| User-to-User Shared Data (messages, shared contact details, listing interactions) | Facilitating marketplace communication | Not controlled by Tradoly after delivery | May remain accessible to recipients even after deletion by sender |
| Chat Messages | Buyer-seller communication and support | 6 months after last interaction | Deleted (Note: messages shared with other users may remain accessible to recipients) |
| Vehicle Listings | Marketplace functionality and discovery | 6 months after listing expiration OR until manually deleted | Deleted or anonymized (however, cached or shared versions may persist) |
| Uploaded Content (images, documents, descriptions) | Supporting listings and user interaction | Until deleted by user or account deletion | Content shared with other users may remain accessible to them. Third-party based CDN storage is used. |
| Payment Records (receipts, transaction data) | Legal and accounting compliance | Retained in accordance with applicable Spanish legal obligations | Secure deletion |
| Support Communications (tickets, emails, calls) | Customer service and dispute handling | 12-24 months | Deleted |
| Access & Activity Logs (IP, login, session data) | Security and system performance | 12 months (Legal basis: GDPR Art. 6(1)(f)) | Deleted |
| Marketing Consent Records | Proof of consent for marketing | Until consent is withdrawn or 2 years after last interaction | Deleted |
| Newsletter Subscription Data | Marketing communication | Until consent is withdrawn | Deleted |
| Fraud and Abuse Records | Legal defense and fraud prevention | Up to 3 years after case closure | Deleted or securely archived |
| User Reviews and Comments | Platform integrity and transparency | Duration of account + 6 months | Deleted or anonymized |
| Third-Party Data (e.g. public registers, partners) | User verification and compliance | As long as necessary for compliance purposes | Deleted or updated |
| Analytics / AI Data (anonymized or pseudonymized) | Service improvement and analytics | Indefinite only if fully anonymized | No action required |
| Behavioral & Interaction Data (clicks, searches, saved listings) | Platform optimization and recommendation systems | Up to 12 months | Deleted or anonymized |
| Moderation and Trust & Safety Data (flagged listings, reports, violations) | Platform integrity and abuse prevention | Up to 3-5 years depending on severity | Deleted or restricted |
4. Data Minimization and Anonymization
Tradoly applies data minimization principles in accordance with GDPR Article 5(1)(c) and ensures that personal data is adequate, relevant, and limited to what is necessary.
Where possible, personal data is anonymized or pseudonymized once the original purpose has been fulfilled.
Fully anonymized data may be retained for:
- Service improvement (e.g. analytics and AI training),
- Statistical reporting,
- Research and development.
Application in Product Design: Tradoly implements data minimization by:
- Allowing users to control what personal data is included in listings
- Limiting mandatory fields to only those required for marketplace functionality
- Providing options for masked contact exposure until mutual interaction is initiated (in-app chat-based communication instead of direct contact disclosure, and optional masked contact routing for transactional communication where applicable)
5. Backups
While backup data is scheduled for deletion, it may not be immediately removed from all backup systems.
Backup data:
- Is isolated from production systems
- Is not used for active processing
- Will be overwritten automatically within backup lifecycle limits (maximum 30 days)
Full deletion from backups occurs only upon system overwrite cycles.
6. Responsibilities
- Data Protection Officer (DPO): Responsible for overseeing compliance, audits, and policy enforcement.
- IT Department: Responsible for implementing technical controls, including automated deletion and secure storage.
- Business Teams: Responsible for defining data purposes and notifying relevant stakeholders of changes affecting retention.
- Third-Party Processors: External partners processing data on behalf of Tradoly act only under documented instructions and are bound by data processing agreements and confidentiality obligations.
Marketplace-Specific Responsibility: Users (buyers and sellers) are independently responsible for personal data they share with other users. Tradoly does not control retention of personal data once it has been accessed, stored, or processed by another user outside the platform.
This includes API driven data exports by traders or dealers (transaction/order history exports or inventory downloads), where such data may be stored independently by the receiving party outside Tradoly's systems.
7. Review and Updates
This policy is reviewed annually or upon major changes in legal, regulatory, or operational requirements.
8. Contact
For questions about this policy, contact:
9. Data Subject Rights
Users have the following rights under the GDPR:
- Right of access: To obtain confirmation and access to personal data processed by Tradoly.
- Right to rectification: To correct inaccurate or incomplete data.
- Right to erasure: To request deletion of personal data where applicable.
- Right to restriction: To limit processing under certain conditions.
- Right to object: To object to processing, particularly for direct marketing.
- Right to withdraw consent: At any time where processing is based on consent.
- Right to lodge a complaint: With the Spanish Data Protection Authority (Agencia Espanola de Proteccion de Datos).
How Users can Exercise Rights:
- Delete their account via platform settings
- Manage listings and uploaded content directly
- Request full data deletion via support@tradoly.com
Tradoly may retain certain data where legally required or where necessary for the establishment, exercise, or defense of legal claims.
10. Profile Deletion Clarification
When a user deletes their profile:
- Personal data controlled by Tradoly will be deleted or anonymized according to this policy
- Listings will be removed from active display
- Associated personal data will be scheduled for deletion
However, the following may persist:
- Messages already delivered to other users
- Listings or content already viewed, cached, or stored by other users
- Data required for legal compliance or dispute resolution
Tradoly cannot guarantee deletion of data retained independently by other users.
This reflects the nature of a marketplace platform where data is actively shared between participants.
11. Automated Retention Enforcement
Tradoly implements automated systems to enforce retention periods, including:
- Scheduled deletion cron jobs for inactive accounts and expired listings
- Automated anonymisation of analytics data
- Periodic review of stored datasets
Automated enforcements are implemented through AWS cloud lifecycle policies, scheduled server-side cleanup jobs (cron-based systems), and database-level retention rules applied across production and backup environments.
Manual intervention may be required in certain cases (legal holds or disputes).
12. Legal Holds and Exceptions
Tradoly may retain personal data beyond standard retention periods where necessary to:
- Comply with legal obligations
- Respond to regulatory requests
- Establish, exercise, or defend legal claims
Such data will be retained only for as long as necessary and will be securely restricted.