materiq
Sign InRegister

Privacy Policy

Last updated: April 2026

1. Data Controller

materiq is the data controller for personal data collected through this platform. We process personal data in accordance with UK GDPR and the Data Protection Act 2018.

2. Data We Collect

We collect: company registration details (name, address, registration number); contact information (name, email, phone); food safety certification details; material category preferences; platform usage data; billing and payment information (processed by Stripe); and audit trail data for compliance purposes.

3. Legal Basis for Processing

We process personal data on the following bases: (a) contract performance — to provide platform services; (b) legitimate interests — to maintain platform security, prevent fraud, and improve services; (c) legal obligation — to comply with UK food safety and business regulations; (d) consent — where specifically requested.

4. Data Sharing

We share data only as necessary: with Stripe for payment processing (see section 5); with trading counterparties when workflow rules permit (e.g., after interest acceptance); with our hosting providers (Supabase, Vercel) for platform operation. We do not sell personal data. Seller identity is protected until workflow rules allow release.

5. Payment Processing & Stripe

Platform fee payments are processed by Stripe Payments Europe, Ltd. (“Stripe”). When you make a payment on materiq, the following data is shared with Stripe:

  • Your payment card details (entered directly into Stripe's secure form — materiq never sees or stores full card numbers)
  • Transaction amount and currency
  • Your company name and email address (for receipt and fraud prevention purposes)
  • Your IP address and browser metadata (collected by Stripe for fraud detection via Stripe Radar)

Stripe processes this data as an independent data controller under its own Privacy Policy. Stripe is PCI DSS Level 1 certified and stores card data on its own infrastructure. materiq receives only: payment status, a truncated card reference (last four digits and brand), transaction ID, and receipt URL. This data is retained in our billing records.

The legal basis for sharing data with Stripe is contract performance (processing the payment you have requested) and legitimate interest (fraud prevention).

6. Data Storage and Security

Data is stored on UK/EU-hosted infrastructure. We implement row-level security, encryption at rest and in transit, role-based access controls, and audit logging. Access to personal data is restricted to authorised personnel only.

7. Your Rights

Under UK GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure (subject to legal retention requirements); restrict processing; data portability; object to processing; and withdraw consent. Contact us to exercise these rights.

8. Data Retention

We retain personal data for as long as necessary to provide platform services and comply with legal obligations. Audit trail data is retained for a minimum of 6 years. You may request deletion of your account, subject to our legal retention requirements.

9. Contact

For data protection enquiries, contact us at privacy@materiq.io.