Last updated: 4th June, 2026
AXITRAQ is a product of Aditech Pty Ltd (ABN 73 614 893 473). References to "AXITRAQ", "we", "us" or "our" in this policy refer to Aditech Pty Ltd and the AXITRAQ platform operated at axitraq.com, axitraq.com.au, axitraq.uk and axitraq.app.
For customers who access AXITRAQ through axitraq.uk, Aditech Pty Ltd acts as the data controller of personal information collected from United Kingdom customers and users. This policy outlines how we collect, use, store, and protect your personal information, and explains the rights you have under the UK General Data Protection Regulation (UK GDPR) as retained in UK law by the European Union (Withdrawal) Act 2018, and the Data Protection Act 2018. We know that providing personal information is an act of trust and we take that trust seriously.
AXITRAQ will never sell, rent or otherwise disclose any of your personal information, including your email address, to any unassociated third party without your prior and explicit consent. Unless you give us specific consent to act otherwise, the following privacy policy will govern how we handle the personal information that you provide to us.
This policy applies to data that identifies you and is provided by you (or your organisation) in the course of using the AXITRAQ platform. You should read it in conjunction with the AXITRAQ Terms of Service, of which this Privacy Policy forms part.
When you or your organisation sign up for a subscription to AXITRAQ, we collect and store:
We store the account, organisation and billing information above so we can operate your account, manage your subscription, and issue receipts. We do not store your credit or debit card number. When you subscribe, your card details are entered into and held securely by Paddle.com, our Merchant of Record for SaaS subscriptions (see Section 3).
Your organisation may enter the following data about employees and contractors into the platform:
In the course of using the platform, the following data may be collected:
When using the AXITRAQ mobile or tablet application, GPS coordinates may be collected at the time of:
Location data is collected to provide operational visibility to your organisation's managers and is only accessible within your organisation's account.
AXITRAQ offers AI-assisted features including optical character recognition (OCR) for invoices, compliance plates, and registration labels. When you use these features, the images you submit are transmitted to third-party AI services for processing (see Section 4). Images are processed in real time and are not retained by these third-party providers beyond the duration of the request.
If you use the in-app help or support chat, we collect your messages, the page context from which you initiated the chat, and your user/company details to provide assistance.
AXITRAQ uses cookies on its websites to facilitate the login process and for security purposes. A cookie is a small amount of data sent to your web browser from our server and stored on your device.
Our marketing website may use analytics to understand visitor engagement and improve our service. This data is aggregated and does not personally identify individual visitors.
Most browsers are initially set to accept cookies. You can configure your browser to refuse cookies or alert you when one is sent; however, some features of the platform may not function correctly if cookies are disabled.
For full details of the cookies and similar technologies we use, see our Cookie Policy.
We use the information we collect to:
We may contact you from time to time with product updates, new features, or relevant service information. You may opt out of marketing communications at any time, but transactional notifications required for the operation of your account cannot be unsubscribed from.
AXITRAQ does not store your credit or debit card number. All card data is captured and held by our PCI-DSS compliant payment providers. We use two different providers depending on what you are buying.
Our subscription plans (Basic, Standard, Premium, Custom and any subscription add-ons such as mobile number rentals) are sold through Paddle.com Market Limited ("Paddle"), who acts as the Merchant of Record for these transactions. This means Paddle is the seller of record and is responsible for processing payment, handling card data, calculating and remitting applicable taxes, and managing billing and renewals.
When you subscribe, you provide your payment details directly to Paddle. Your credit/debit card number is stored and processed by Paddle, not by AXITRAQ. We receive only the information needed to operate your account and manage your subscription — for example your company and billing contact details, the plan you selected, the masked card type and last four digits, billing country, subscription status, renewal dates, and transaction receipts. Paddle may appear as the merchant on your card or bank statement. Paddle's handling of your information is governed by the Paddle Buyer Privacy Notice.
Physical products (asset labels, QR tags) and consumable stock-list materials are sold directly by Aditech Pty Ltd — not through Paddle. These purchases are billed through Zoho Subscriptions and processed by Stripe. Card details for these purchases are transmitted directly to, and tokenised by, Stripe and are never stored on AXITRAQ servers. The privacy and security policies of Stripe and Zoho apply to the handling of that payment information.
To deliver our services, we engage the following categories of third-party providers:
We only share the minimum information necessary for each provider to deliver their specific service. We do not sell or provide your personal information to third parties for their own marketing purposes.
AXITRAQ will not disclose your personally identifiable information to third parties other than our service providers as stated above, except where:
In the event of unlawful use of the platform, AXITRAQ reserves the right to suspend or delete the associated account and provide relevant information to the appropriate authorities upon request.
If Aditech Pty Ltd is acquired by, merges with, or sells assets to a third party, personal data held by AXITRAQ may be transferred as part of that transaction. Any such transfer will remain subject to the commitments made in this Privacy Policy or its equivalent at the time of transfer.
Data collected through the AXITRAQ platform is stored within the region you select at sign-up and never crosses that border. For United Kingdom customers, your data is hosted in the UK on secure servers (AWS London) and stays in the United Kingdom. We operate active dual-region hosting within each region for high availability. You can view the region your data is held in at any time on the Company page inside the platform.
We employ the following security measures:
While we take every reasonable measure to protect your data, no transmission over the Internet can be guaranteed to be 100% secure. You transmit information to us at your own risk.
AXITRAQ operates as both a data controller and a data processor, depending on the context:
When we act as a data controller. We are the data controller for personal information we collect directly from Account Owners, Managers, and billing contacts — for example, when you register an account, manage a subscription, or contact us for support. We determine the purposes and means of processing this information.
When we act as a data processor. When your organisation uses the AXITRAQ platform to store and manage information about your employees, contractors, and clients, your organisation acts as the data controller of that information. We process it only on your behalf, under your instructions, and as described in this policy. If you or a member of your team has questions about how your organisation processes your personal information through AXITRAQ, please contact your company administrator directly.
A Data Processing Addendum (DPA) is available for organisational customers on request. Please contact hello@axitraq.com.
Under UK GDPR, we are required to identify a lawful basis for each type of personal data we process. The table below sets out our processing activities, the personal data involved, and the lawful basis we rely on.
| Processing Activity | Personal Data Involved | Lawful Basis (UK GDPR Article 6) |
|---|---|---|
| Account registration and setup | Name, email, company name, address, phone number | 6(1)(b) — Performance of contract; taking steps to enter a contract at your request |
| Subscription billing and management | Billing contact details, subscription plan, billing history | 6(1)(b) — Performance of contract |
| Delivering the AXITRAQ platform and its features | Account data, asset data, operational records, GPS location data | 6(1)(b) — Performance of contract |
| Customer support and responding to enquiries | Contact details, support messages, account context | 6(1)(b) — Performance of contract; 6(1)(f) — Legitimate interests (providing effective support) |
| Sending transactional notifications (billing alerts, maintenance due dates, security alerts) | Email address, notification preferences | 6(1)(b) — Performance of contract |
| Processing AI-assisted OCR (invoice scanning, compliance plate recognition) | Images submitted for processing; data extracted from those images | 6(1)(b) — Performance of contract |
| Security monitoring, fraud prevention, and platform integrity | Account activity, login history, IP addresses | 6(1)(f) — Legitimate interests (protecting our platform, customers, and business from fraud and unauthorised access) |
| Product improvement and analytics | Aggregated, de-identified usage data | 6(1)(f) — Legitimate interests (improving our services) |
| Marketing communications (product updates, feature announcements) | Email address, subscription details | 6(1)(a) — Consent (you may withdraw consent at any time by unsubscribing) |
| Compliance with legal obligations (tax, financial records, law enforcement requests) | Relevant account and transaction data | 6(1)(c) — Legal obligation |
Legitimate Interests. Where we rely on legitimate interests (Article 6(1)(f)), we have assessed that our interests are not overridden by your interests or fundamental rights. If you would like more information about our legitimate interests assessments, please contact us at hello@axitraq.com.
Withdrawing Consent. Where we rely on consent as the lawful basis, you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before you withdrew consent. To withdraw consent for marketing communications, click the unsubscribe link in any marketing email or contact hello@axitraq.com.
Special Category Data. We do not intentionally collect or process special category personal data (such as health data, biometric data, racial or ethnic origin, political opinions, religious beliefs, trade union membership, or sexual orientation) through the AXITRAQ platform. If your organisation inadvertently enters such data, you should ensure you have an appropriate lawful basis for doing so under your own UK GDPR obligations.
You play an important role in keeping your information secure:
Your organisation's nominated manager(s) can access and update employee, contractor, and organisational information through the AXITRAQ dashboard. Under the UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal information:
Right of Access (Subject Access Request). You have the right to obtain confirmation of whether we process personal information about you, and to receive a copy of that information, together with details of the purposes of the processing, the categories of data, and the recipients of the data. We will respond to subject access requests within one calendar month of receipt (extendable by a further two months for complex or multiple requests, with notice provided within the first month).
Right to Rectification. You have the right to request that we correct any inaccurate personal information we hold about you, and to have incomplete personal information completed.
Right to Erasure ("Right to be Forgotten"). You have the right to request that we delete personal information we hold about you where: it is no longer necessary for the purposes for which it was collected; you withdraw consent and there is no other lawful basis; you object to processing and there are no overriding legitimate grounds; the data has been unlawfully processed; or deletion is required to comply with a legal obligation. This right does not apply where we are required to retain data by law or to establish, exercise, or defend legal claims.
Right to Restriction of Processing. You have the right to request that we restrict the processing of your personal information in certain circumstances — for example, where you contest the accuracy of the data, while we verify it.
Right to Data Portability. Where we process your personal information by automated means on the basis of your consent or a contract, you have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
Right to Object. You have the right to object to processing of your personal information where we rely on legitimate interests as the lawful basis. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or unless the processing is for the establishment, exercise, or defence of legal claims. You have an unconditional right to object to processing for direct marketing purposes.
Rights Related to Automated Decision-Making. You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significantly affects you. AXITRAQ does not make automated decisions of this nature in relation to our customers or users.
How to Exercise Your Rights. To exercise any of the rights above, contact us using the details in Section 11 below. We will respond to all verified requests within one calendar month. We will not charge a fee for reasonable requests; however, we may charge a reasonable administrative fee, or refuse, manifestly unfounded or excessive requests. We may need to verify your identity before processing your request, and will ask you to provide information to confirm your identity and, where applicable, your authorised representative's authority.
Your personal information may be transferred to, and processed in, countries outside the United Kingdom. When this occurs, we take steps to ensure that appropriate safeguards are in place to protect your personal information.
Transfers to Australia. AXITRAQ is operated by Aditech Pty Ltd, an Australian company. Certain personnel and systems in Australia may access your data in order to administer your account, provide support, and operate the platform. The United Kingdom has not made an adequacy decision in respect of Australia. We rely on UK International Data Transfer Agreements (IDTAs) as the mechanism for these transfers, which provide binding contractual protections equivalent to those required under the UK GDPR.
Anthropic (Claude — AI Processing). When you use AI-assisted features (invoice OCR, compliance plate recognition), images are transmitted to Anthropic, Inc., a company based in the United States. The United States does not have a UK adequacy decision. We rely on the UK International Data Transfer Agreement (IDTA) framework to protect these transfers. Images are processed in real time and are not retained by Anthropic beyond the duration of the request.
Amazon Web Services (AWS). Your data is hosted in AWS London (UK region). However, certain AWS services that we use (such as AWS Textract for document processing) may process data in other regions. AWS maintains UK GDPR-compliant data processing addenda and relevant transfer mechanisms.
Paddle.com Market Limited. Paddle is registered in England and Wales. Billing processing by Paddle is not a transfer outside the UK.
Google Maps. Google LLC (US) provides mapping features. Google maintains standard contractual clauses and UK transfer addenda for these services.
You may request a copy of the relevant transfer safeguards we rely on by contacting hello@axitraq.com.
We retain your personal information for as long as your account is active or as needed to provide our services. If your account is closed, we may retain certain information as required by law, to resolve disputes, or to enforce our agreements. De-identified or aggregated data that cannot identify you may be retained indefinitely for analytical purposes.
We may update this policy from time to time to reflect changes in our services, legal requirements, or business practices. The "Last updated" date at the top of this page will be revised accordingly. We encourage you to review this policy periodically. Continued use of the AXITRAQ platform after changes are posted constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy, your personal information, or your dealings with AXITRAQ, please contact us:
Under the UK GDPR and the Data Protection Act 2018, you have the right to request a copy of the personal information we hold about you and to exercise the other rights described in Section 8. We will respond to all legitimate requests within one month, as required by the UK GDPR.
If you are a United Kingdom resident and have concerns about how we handle your personal information, you have the right to lodge a complaint with the UK's data protection supervisory authority:
Information Commissioner's Office (ICO)
We would appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first at hello@axitraq.com and we will make every effort to resolve the matter promptly.
Our platform and website may contain links to third-party websites. AXITRAQ is not responsible for the privacy practices or content of those external sites. We recommend reviewing the privacy policies of any third-party website before providing your personal information.