Tracer Limited
Website privacy policy and cookies policy

Policy Statement

Your privacy is important to us and we take great care to protect any information you provide to us, including information that is shared whilst visiting our website. We will always use your personal information fairly and reasonably, in compliance with legislation and also adopting generally accepted principles governing data protection. We look to be transparent and open about how we use, share and collect your personal information. We will use reasonable steps to keep your information secure and protect it from misuse by putting suitable measures in place.

Who We Are And What We Do

Tracer Limited (trading as Tracer Insight) is an independent research and insight consultancy, working with businesses to help them better understand their customers through conducting market research or analysing data which already exists within their business.

Tracer Limited is the data controller of the personal information we collect and use for our own business purposes, including research projects, client communications, and operation of this website. In most cases, we act as a data controller when we collect personal information from research participants, clients, and website users.

In some circumstances, we may process personal data on behalf of a client and act either as a data processor or as a joint or independent data controller. For example, a client may provide us with personal data, such as a customer or contact list, for the purposes of research or service delivery. Where we act as a data processor, we will process personal data only in accordance with the client’s documented instructions and the client’s privacy notice will apply to you. Where we act as a joint or independent data controller, we will make decisions as to why and how we process personal data which will be in accordance with our own privacy notice.

The Information We Collect and How we use the Information

If you use our website

We may collect personal information about you when you visit our website or interact with its features. This may include:

  • Information you provide through forms, such as your name, company name, job title, email address or phone number.
  • Technical and usage information automatically collected through cookies and similar technologies, such as your IP address, browser type, time zone, and how you use our site.

We use this information to:

  • Respond to enquiries or requests you make.
  • Improve the website and user experience.
  • Maintain security and detect or prevent misuse of the website.
  • Provide you with updates or materials where you have requested them.
  • To contact you and/or provide you with general information, as well as information about our products and services from time to time.  
  • To share with trusted third-party processors to perform functions on our behalf (please refer to the ‘Who we share the information with’ section for further details).
  • To respond to duly authorised information requests of governmental authorities or where otherwise required by law.
  • To investigate suspected fraudulent activity in connection with the website or violation of another party’s rights.

We rely on the following lawful bases for processing:

Legitimate interests, to maintain and improve our website, manage our business operations, and communicate with visitors who make contact.

Consent, where you have agreed to receive marketing communications or accepted non-essential cookies.

Please see the Cookies section below for more details about how we use cookies and how you can control them.

Our website is not directed at persons under the age of 18. Should we become aware that personal information from a child under 18 has been collected without the consent of a parent or guardian, we will use all reasonable efforts to delete the information.

If you contact us electronically

When you communicate with us by email, messaging services or other electronic means, we may collect:

  • Your name, email address, phone number, and any other information you include in your message.
  • Technical information such as your IP address or message metadata (for example, the date and time sent).

We use this information to:

  • Respond to your enquiry or provide requested information.
  • Keep business and project records.
  • Manage our professional relationships.
  • Provide you with updates or materials where you have requested them.
  • To contact you and/or provide you with general information, as well as information about our products and services from time to time.  
  • To share with trusted third-party processors to perform functions on our behalf (please refer to the ‘Who we share the information with’ section for further details).
  • To respond to duly authorised information requests of governmental authorities or where otherwise required by law.
  • To provide you with updates or materials where you have requested them.

We rely on the following lawful bases for processing:

Legitimate interests, to respond to enquiries, maintain contact with clients, suppliers and collaborators, and operate efficiently as a business.

Performance of a contract, where your message or request relates to an existing or potential client engagement or service provision.

If you take part in our research projects

When you participate in one of our research studies, your contact details will sometimes have been collected by an independent recruitment agency or sub contractor working on our behalf. The recruitment agency gathers your consent to share your details with us for the purpose of inviting you to take part in a market research project. We may also collect your personal data directly.

Once we receive your details, we act as an independent data controller for the personal data we collect directly from you during the research process.

We may collect:

  • Personal details provided by the recruitment agency (for example, your name, age, contact details, and relevant profile information needed for the study).
  • Information you provide directly during interviews, group discussions or online activities.
  • Audio, video or photographic recordings of interviews or research sessions.
  • Written or digital materials you submit (for example, diaries, questionnaires or online community posts).

We use this information to:

  • Conduct and analyse the research project.
  • Summarise findings and share results with the client.
  • Share selected, anonymised or limited video/audio clips with clients
  • To share with trusted third-party processors to perform functions on our behalf (please refer to the ‘Who we share the information with’ section for further details).
  • To respond to duly authorised information requests of governmental authorities or where otherwise required by law.  

We rely on the following lawful bases for processing:

Consent, obtained from participants before any recording or data collection takes place.

Legitimate interests, to conduct and report on research commissioned by clients in ways consistent with the participant’s consent and expectations.

All personal contact details provided by the recruitment agency or other third party are securely deleted within three months of project completion. Other identifiable data (such as recordings) are stored in anonymised form for a maximum of two years before secure deletion.

We only share identifiable materials (for example, recordings or video clips) with our client for the purposes of research and clients are contractually required to use them solely for this purpose.

Other Ways We May Use Your Information

We may also use your information in connection with the sale, assignment, or other transfer of the business or this website to which the information relates, in which case we will require any such buyer to agree to treat personal data in accordance with this Privacy Policy.  

We do not use your personal data for any automated decision-making or profiling.

Who We Share The Information With

All of your personal information is treated as confidential. We will never intentionally disclose this information to any third parties unless you request or consent to sharing your identifying information with them for a specified purpose.

We will not sell your personal information to third parties. Your information is not normally shared with anyone, except employees of Tracer Limited and trusted third-party processors who perform functions on our behalf, such as professional services such as accountants or lawyers, hosting our databases, or data processing services, any sub contractors we may use in the performance of services or for carrying out research functions on our behalf or clients whereby your consent has been sought.  They will have access to the information needed to perform their functions but may not use it for other purposes. They will never use your information to send you marketing. They must also process the personal information as set out in this Privacy Policy and as permitted by applicable data protection legislation.

How Long We Keep Your Information

We only keep personal information for as long as it is needed for the purpose for which it was collected, or as required by law. We apply specific retention periods depending on the type of data and how it was obtained as follows:

  • Research participants’ personal contact information (for example, names, phone numbers and email addresses received from third parties or recruitment agencies) is deleted within three months of the project being completed.
  • Research recordings, transcripts and other identifiable materials are retained in anonymised form for up to two years after project completion, after which they are securely deleted.
  • Client, supplier and sub-contractor contact details are retained for the duration of the working relationship and for up to six years afterwards for business and tax record purposes.
  • Website, enquiry and email correspondence data is kept for up to three years after the last interaction unless a longer retention period is required by law or necessary to resolve ongoing matters.
  • Financial records and invoices are kept for six years after the end of the relevant financial year to comply with HMRC and accounting requirements.

When information is no longer required, it is securely deleted from our systems and, where applicable, any physical documents are shredded or securely destroyed.

We review our retention schedules periodically to ensure personal data is not held longer than necessary and that our storage and deletion practices remain compliant with current data protection legislation.

Confidentiality and Security

The security of your personal information is very important to us. We take appropriate technical and organisational measures to protect it against unauthorised or unlawful processing, accidental loss, destruction or damage, in line with UK data protection legislation.

Our security measures are proportionate to the type and volume of personal data we handle and include:

  • Your personal information is normally stored and processed in the United Kingdom or EEA by using secure cloud storage and software through trusted UK- or EEA-based providers that meet recognised information security standards.
  • Password protection and multi-factor authentication for all user accounts and devices.
  • Encryption and restricted access to files containing personal information.
  • Regular review and deletion of data in line with our retention policy.
  • Any third parties we use being bound by confidentiality obligations and data protection compliance.

We assess risks to personal data before introducing new systems, services or processes and take steps to address any identified vulnerabilities.

All third parties who process personal information on our behalf (for example, cloud service providers, recruitment agencies or freelance researchers) are required to do so under written contracts that ensure they apply security standards and privacy safeguards equivalent to our own.

In the event of a personal data breach, we will follow our internal Data Breach Response Procedure and, where legally required, notify the Information Commissioner’s Office (ICO) and any affected individuals without undue delay..

We will only transfer your personal information to countries that have been assessed as having data protection standards that are not materially lower than those required under UK data protection legislation.

If we need to transfer data to a country that has not been formally assessed by the UK Government, we will:

  • Use UK International Data Transfer Agreements (IDTAs) or Addendums to the EU Standard Contractual Clauses (SCCs) approved by the Information Commissioner’s Office (ICO);
  • Carry out a transfer risk assessment to confirm that the destination country’s laws and practices are not materially lower than UK standards; and
  • Apply any additional technical and organisational safeguards necessary to ensure equivalent protection.

We do not rely on your consent as a lawful basis for international data transfers we rely on other lawful bases such as to fulfil a contract or legitimate interest.

Your Rights

Your rights concerning your personal data are listed below.  If you wish to exercise any of these rights, please submit your request and we will carry out any request to the extent required by applicable law.

  • The right of access – you can ask to see the personal information we hold about you, and we will show you free of charge, subject to those constraints provided by law. We will need you to verify who you say you are.
  • The right to rectification – if the information we have about you is inaccurate or incomplete, you are entitled to have it rectified. If we have shared your information with others, we’ll let them know about the rectification where possible. If you ask us, we will also tell you who we’ve shared your information with.
  • The right to erasure – you can ask us to delete or remove your information in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable). If we’ve shared your information with others, we will let them know about the erasure where possible.
  • The right to restrict processing – you can ask us to ‘block’ or suppress the processing of your information in certain circumstances, such as where you contest the accuracy of that information or object to us processing it. It will not stop us from storing your information but we will tell you before we lift any restriction. If we’ve shared your information with others, we will let them know about the restriction where possible.
  • The right to data portability – you have the right, in certain circumstances, to obtain information you’ve provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere.
  • The right to object – you can ask us to stop processing your information if we are:
    • relying on our own or someone else’s legitimate interests to process your information;
    • processing your information for direct marketing; or
    • processing your information for research without consent.
  • The right to withdraw consent – if we rely on your consent (or explicit consent) as the legal basis for processing your information, you have the right to withdraw that consent at any time.

If you do contact us to request a copy of any of your personal data that we hold (where such data is held). Under the data protection legislation, no fee is payable, we are required to reply to you within one month, and we will provide any and all information in response to your request free of charge, provided the request is reasonable. If we require clarification to help us locate the information you are seeking, we may pause the one-month response period until we receive that clarification. We will also carry out a search that is reasonable and proportionate based on the scope and nature of your request. Please contact us using the details below.

How to contact us

The data controller responsible for your personal information for the purposes of the applicable data protection legislation which is Tracer Limited. You may contact us at:

Tracer Limited
39 Victoria Road
Bromsgrove
Worcestershire
B61 0DW

Email:  iona@tracerinsights.com

Telephone: 07775 823334

If you have any questions about this Privacy Notice or our data collection practices, please contact us at the address, telephone number or email listed above and specify your country of residence and the nature of your question.

The right to complain – If you have any concerns about how we collect or use your personal data, we encourage you to contact us in the first instance using the details above so that we can try to resolve the issue. We aim to respond to all complaints within 30 days. Where your concern is complex or requires more time, we will let you know and keep you updated on progress. If you are not satisfied with our response, or if you would prefer not to speak to us first, you can contact the UK’s data protection authority: Information Commissioner’s Office (ICO) www.ico.org.uk or by telephone 0303 123 1113.

COOKIES

What is a cookie?

Cookies and similar technologies are very small text documents or pieces of code, which often include an anonymous unique identifier.  When you visit a website or use a mobile application, a computer asks your computer or mobile device for permission to store this file on your computer or mobile device and access information from it.  

Information gathered through cookies and similar technologies may include the date and time of visits and how you are using a particular website or mobile application. Cookies are used by us as part of our Website and they are also used by some of our third party partners.

Consent To Our Use Of Cookies

By using the Website you acknowledge that we may store and access essential cookies on your computer or other device. Essential / strictly necessary cookies are cookies which are essential for the operation of our Website.

Furthermore, where you give permission, we may also store and access certain non-essential cookies on your computer or other device. These cookies are not essential to the operation of our Website but allow us to provide additional functionality or to gather additional information about your use of our Website. You are not obliged to give consent to our use of non-essential cookies and we will not place such cookies until you have given your consent.

If you wish to block or delete cookies, or you would like to withdraw consent to our use of nonessential cookies, you can find out how to do so below.

What do we do with cookies?

Essential Cookies

We use such cookies where they are essential for the operation of the Website, for example to remember that you are signed in to the Website (when applicable)

Session Cookies

We use such cookies to allow the Website to uniquely identify your browsing session on our Website, which allows us to coordinate this information with data from our Website server.

Analytics Cookies

It is important for us to understand how you use Our Site, for example, how efficiently you navigate around it and which features you interact with: Where permitted by law, We may use certain analytics cookies that help Us gather this information without requiring your consent. These cookies are used solely to improve the performance and usability of Our Site and do not collect information that identifies you personally. Where analytics cookies are used for any other purpose or involve tracking, We will always request your consent.

The following first and third party Cookies may be placed on your computer or device:

Name of Cookie

Purpose

Strictly  Necessary

_cfuvid

Cloudflare sets this cookie to track users across sessions to optimize user experience by maintaining session consistency and providing personalized services

Third party necessary cookie

cookieyes-consent

CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on their subsequent visits to this site. It does not collect or store any personal information of the site visitors.

First party necessary cookie

__cf_bm

This cookie, set by Cloudfare, is used to support Cloudfare Bot Management

First party necessary cookie

What Happens When You Refuse, Block Or Delete Cookies?

In order to use some parts of our Website you will need to accept cookies. If you choose to withhold consent to our use of cookies, or you subsequently block or delete cookies, some aspects of our Website may not work properly and you may not be able to access all or part of our Website.

Can You Block Cookies?

You can block the use of cookies altogether by activating the relevant settings in your browser.

LINKS

For the convenience of users of this website, there may be links to third-party websites. Please be aware that any third-party websites that you may link to from this website are out our control and we are not responsible for their privacy practices or content. We suggest contacting those websites directly for information on their privacy policies.

UPDATES

We keep this policy under regular review and will update it where necessary to reflect changes in the law or Our data practices. Any updates will be added to this policy. This policy was last updated on: 22nd October 2025.

CONTACT DETAILS

If you have any queries concerning this policy, please contact us at:


Tracer Ltd.,
39 Victoria Road,
Bromsgrove,
Worcestershire,
B61 0DW,


Email:iona@tracerinsights.com
Telephone: 07775 823334