Book a demo
See how canaries can enhance your security
Andy Smith
CEO, Tracebit
Sam Cox
CTO, Tracebit
Schedule a 45 minute personalised demo of Tracebit with one of our co-founders to:
- Discuss your specific security challenges
- Cover the range of canaries Tracebit can deploy for your use case
- Walk through a simple Tracebit deployment
How we use and protect your data at Tracebit
Last updated: 26th November 2025
Introduction
Tracebit Limited (‘Tracebit’) is a security product company.
We understand that you are aware of and care about your own personal privacy interests, which we take seriously. This Privacy Notice describes Tracebit’s policies and practices regarding its collection and use of your personal data and sets out your privacy rights. We recognise that information privacy is an ongoing responsibility, so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.
Data Protection Officer
Tracebit is headquartered in London, in the United Kingdom. Tracebit has appointed an internal data protection officer for you to contact if you have any questions or concerns about Tracebit’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to Tracebit’s data protection officer. Tracebit’s data protection officer’s name and contact information are as follows:
Sam Cox: sam.cox@tracebit.com
How we collect and use (process) your personal information
Tracebit collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:
- name
- job title
- employer name
- work address
- work email
- work phone number
We use this information to provide prospects and customers with services.
We do not sell this personal information to anyone and only share it with third parties who are facilitating the delivery of our services.
From time to time, Tracebit receives personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third party website (e.g. LinkedIn).
Use of the Tracebit Website
Tracebit has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Tracebit with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs. Where required by law, we rely on your consent for the use of cookies and similar technologies.
Tracebit uses website analysis services (e.g. Google Analytics, HubSpot, Unify GTM) that collect data regarding traffic on our website and general information about website visitors, including information about the device you are using and its characteristics, information about technical features of the website visit, the number of page visits and statistically relevant behaviour of our visitors on the website. We use these tools to collect statistics to improve the experience of our website visitors and to improve our service to our customers. We use cookies to facilitate these insights, with your consent. For further information (and the ability to withdraw consent for cookies other than those which are strictly necessary for the operation of the website), please set your cookie preferences by using the link in the footer.
Sharing information with third parties
The personal information Tracebit collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, Tracebit engages third parties to send information to you, including information about our products, services, and events.
A list of our third party sub processors can be found here: https://trust.tracebit.com
We do not otherwise reveal your personal data to non-Tracebit persons or businesses for their independent use unless: (1) you request or authorise it; (2) it’s in connection with Tracebit-hosted and Tracebit co-sponsored conferences as described above; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to address emergencies or “acts of God”; or (6) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.
The Tracebit website connects with third party services such as Facebook, LinkedIn, Twitter and others. If you choose to share information from the Tracebit website through these services, you should review the privacy policy of that service. If you are a member of a third party service, the aforementioned connections may allow that service to connect your visit to our site to your personal data.
International transfers
While Tracebit has its headquarters inLondon, we may transfer your personal data outside the United Kingdom, including to service providers located in the European Economic Area or the United States.
Where we do so, we ensure that appropriate safeguards are in place to protect your personal data. These safeguards may include reliance on the UK Extension to the EU-US Data Privacy Framework (also known as the UK-US Data Bridge) or the use of the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, where the UK-US Data Bridge is not available. We may also carry out a data transfer risk assessment where required under UK data protection law.
For more information or if you have any questions, please contact us at support@tracebit.com
Data Subject rights
The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right of data portability
- Right to object
- Rights related to automated decision making including profiling
This Privacy Notice is intended to provide you with information about what personal data Tracebit collects about you and how it is used.
If you wish to confirm whether Tracebit is processing your personal data, or to have access to the personal data Tracebit may have about you, please contact us.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Tracebit might have received the data from Tracebit; what the source of the information was (if you didn’t provide it directly to Tracebit); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Tracebit if it is inaccurate. You may request that Tracebit erase that data or cease processing it, subject to certain exceptions. You may also request that Tracebit cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Tracebit processes your personal data. When technically feasible, Tracebit will—at your request—provide your personal data to you.
Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Tracebit will provide you with a date when the information will be provided. If for some reason access is denied, Tracebit will provide an explanation as to why access has been denied.
For questions or complaints concerning the processing of your personal data, you can email us at support@tracebit.com. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.
Data storage and retention
Your personal data is stored by the Tracebit on its servers, and on the servers of the cloud-based database management services the Tracebit engages, located in the United States. The Tracebit retains service data for the duration of the customer’s business relationship with the Tracebit and for a period of time thereafter, to analyse the data for Tracebit’s own operations, and for historical and archiving purposes associated with Tracebit’s services. Tracebit retains prospect data until such time as it no longer has business value and is purged from Tracebit systems. All personal data that Tracebit controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: support@tracebit.com
Children’s data
We do not knowingly attempt to solicit or receive information from children.
Questions, concerns or complaints
If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:
Tracebit
86-90 Paul Street
London
England
EC2A 4NE
