PRIVACY POLICY

Last updated: October 16, 2025

1. Introduction

This Privacy Policy describes how Trophic UG (“Trophic”, “we”, “our”, or “us”) collects, uses, and protects your personal information when you use our products, services, websites, or applications (collectively, the “Trophic Platform”).
We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR).

2. Information We Collect

The type of information we collect depends on how you interact with Trophic and our products.

2.1 Information you provide directly

We collect personal and business information that you share with us when:

  • You sign up for an account or submit a contact form

  • You request a demo or consultation

  • You communicate with our team

  • You use any of our products (e.g., our venture platforms, dashboards, or applications)

This may include your name, email address, company information, phone number, project details, and messages you send.

2.2 Usage data

We automatically collect information about how you use our platform, including:

  • Log data such as IP address, browser type, device information, operating system, and timestamps

  • Product usage metrics (e.g., pages viewed, actions performed, time spent)

  • Interaction data for debugging and performance improvement

2.3 Transactional and communication data

If you make payments or purchases through our platform, we collect relevant transaction data (e.g., payment method, billing details, subscription plan).
We also collect information related to communications, support requests, and feedback.

2.4 Data provided by third parties

We may receive business contact information or usage data from partners, public databases, or third-party integrations (e.g., analytics or CRM systems).

3. How We Use Your Information

We use the information we collect to:

  • Operate and maintain the Trophic Platform

  • Provide and improve our products and services

  • Customize and personalize your user experience

  • Communicate with you (product updates, support, and offers)

  • Analyze performance and usage for business development

  • Ensure compliance, security, and fraud prevention

We do not sell personal information to third parties.

4. How We Share Information

We may share your data only when necessary to provide our services or comply with legal obligations:

  • Service providers: We work with trusted vendors who provide hosting, infrastructure, analytics, communications, and security services. All vendors are GDPR-compliant.

  • Business partners: In some cases, we collaborate with partners or clients (e.g., venture co-investors) as part of project delivery.

  • Legal authorities: We may disclose data if required by law, regulation, or to protect the rights and safety of Trophic and its users.

  • Business transfers: In the event of a merger, acquisition, or restructuring, your information may be securely transferred as part of that process.

All data sharing is conducted under confidentiality and data processing agreements (DPAs).

5. Legal Basis for Processing (GDPR)

We process your personal data based on one or more of the following legal bases:

  • Performance of a contract: to deliver products or services you have requested

  • Legitimate interests: to maintain, secure, and improve our operations and client relationships

  • Consent: where you have explicitly agreed (e.g., for marketing communications)

  • Legal obligation: to comply with applicable laws and regulations

We do not sell personal information to third parties.

6. Data Retention and Deletion

We retain data only as long as necessary for business, legal, or security reasons.
When information is no longer required, we securely delete or anonymize it.
You may request data deletion at any time by contacting hey@trophic.io.

7. Your Rights Under GDPR

You have the right to:

  • Access, correct, or delete your personal data

  • Withdraw consent where processing is based on consent

  • Request data portability (export of your data)

  • Object to processing in certain cases (e.g., direct marketing)

  • File a complaint with a data protection authority

To exercise your rights, contact us at privacy@trophic.ai.

8. Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit and at rest

  • Access controls and authentication

  • Regular security audits and monitoring

Despite these measures, no digital system is completely secure, and users should exercise caution when sharing personal information online.

9. International Data Transfers

All primary data processing occurs in the European Union (EU).
Where data is transferred outside the EU (e.g., for cloud hosting or service integrations), we ensure adequate safeguards such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

10. Changes to This Policy

We may update this Privacy Policy periodically.
If significant changes are made, we will notify you via email or a notice on our website before the new policy takes effect.

11. Contact Us

If you have questions or concerns about this Privacy Policy or how Trophic handles your data, please contact:
Codemellow UG
Email: hey@trophic.io
Address: Susannenstraße 21A, Hamburg