Privacy & consent
The Privacy & Consent page puts you in control of how Traceable processes your data. This includes AI processing consent, data exports under GDPR, cookie preferences, and email notification preferences. Navigate to Settings → Privacy & Consent to manage these settings.
AI Processing Consent
What It Means
Traceable's Document AI feature uses Anthropic Claude to analyse compliance documents you upload — for example, to extract battery chemistry data from a manufacturer's test report, identify missing fields in a Declaration of Conformity, or summarise a supplier's technical file. This involves sending the content of uploaded documents to Anthropic's API for processing.
AI processing is governed by Anthropic's data processing terms. Document content sent for AI analysis is not used to train AI models. However, because third-party processing is involved, explicit consent from your organisation is required before this feature activates.
Document AI does not activate until you give consent. Without consent, all other Traceable features work normally — only the Document AI capabilities are unavailable.
Giving Consent
Consent can be given in two ways:
- First-use modal — the first time any user on your account navigates to a Document AI feature, a consent dialogue is displayed. The user must click I accept to proceed. This records consent on behalf of the account.
- Settings page — navigate to Settings → Privacy & Consent and toggle AI Document Processing to the on position. Confirm in the dialogue that appears.
Consent is recorded at account level, not per user. Any Admin or Manager user can give or revoke consent on behalf of the account.
Revoking AI Consent
To revoke consent:
- Navigate to Settings → Privacy & Consent.
- Toggle AI Document Processing to the off position.
- Confirm the revocation in the dialogue.
Revocation takes effect immediately:
- Document AI features are disabled across all users on your account.
- No further documents are sent to Anthropic for processing.
- Documents that were already processed are not retroactively deleted — the extracted data already stored in your DPPs is not affected. Only future processing is stopped.
Data Export (GDPR Article 20)
Under Article 20 of the General Data Protection Regulation (GDPR), you have the right to receive a copy of the personal and organisational data Traceable holds about you in a portable, machine-readable format.
Requesting a Data Export
- On the Privacy & Consent page, click Request data export.
- Confirm the request in the dialogue.
- Traceable generates your export and emails a download link to your registered account email address within 24 hours.
What the Export Contains
The export is a structured JSON archive containing:
- Your company profile data (legal name, address, contact details).
- Your account metadata (creation date, plan history, last activity).
- All products and DPP data associated with your account.
- All compliance documents (as file references; binary files can be separately requested via support).
- All verifiable credentials issued or received by your account.
- Your full account audit log.
- Your team member list and invitation history.
The export does not include third-party data (e.g., other companies' DPPs that you have viewed, or supplier data that belongs to another account).
Download Link Validity
The download link sent by email is valid for 48 hours. If it expires before you download the file, return to the Privacy & Consent page and submit a new export request.
Cookie Consent
The cookie consent panel lets you manage which categories of cookies Traceable sets in your browser when using the Operator Portal.
| Category | Description | Can be disabled? |
|---|---|---|
| Strictly necessary | Session cookies required for authentication and core platform functionality. | No — required for the platform to function. |
| Performance | Anonymous analytics cookies that help Traceable understand how the platform is used. | Yes |
| Functional | Cookies that remember your preferences (e.g., sidebar state, table sort order). | Yes |
| Marketing | Cookies used to measure the effectiveness of marketing campaigns. | Yes |
Toggle each optional category on or off. Changes take effect immediately and are stored against your account so that your preferences persist across devices and browsers.
Email Preferences
Email preferences let you configure which types of automated emails Traceable sends to your registered email address. Each category can be toggled independently.
| Category | Description |
|---|---|
| Product alerts | Notifications about your own DPPs — e.g., a DPP approaching its review date, a certificate expiring soon. |
| Team alerts | Notifications about team member activity — e.g., a team member has published a DPP or been added to the account. |
| Supply chain updates | Notifications about your supply chain — e.g., a supplier has responded to a data request, a verifier has completed a task. |
| Campaign notifications | Notifications about campaigns — e.g., a campaign acknowledgement received, a recall campaign with outstanding recipients. |
| Marketing | Product updates, feature announcements, and educational content from Traceable. |
To update your preferences:
- Toggle each category on or off as required.
- Click Save preferences.
Transactional emails that are required for account security — such as email verification messages, password reset emails, and two-factor authentication codes — are not subject to email preferences and cannot be disabled.