Privacy Policy

Trevion Group ("Trevion Group", "we", "us", or "our") is committed to protecting personal data and handling information in a transparent, lawful, and responsible manner. This Privacy Policy explains how we collect, use, store, disclose, and otherwise process personal data in connection with our website, business communications, and related activities.

By using this website or contacting us through the channels provided on it, you acknowledge that your personal data may be processed in accordance with this Privacy Policy.

1. Who We Are

Trevion Group is a European B2B company engaged in the trading and supply of biofuels, renewable feedstocks, circular raw materials, and related commodities.

If you have any questions regarding this Privacy Policy or the way your personal data is handled, you may contact us using the details above.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data processed:

• through our website
• in connection with business inquiries and communications
• during pre-contractual and commercial discussions
• in connection with supplier, partner, customer, and counterparty interactions
• through technical systems used to maintain website functionality, security, and analytics, where applicable

This Privacy Policy does not apply to third-party websites, platforms, or services that may be linked from our website and that operate under their own privacy policies.

3. Categories of Personal Data We May Collect

Depending on your interaction with us, we may collect and process the following categories of personal data:

3.1 Contact and Identification Data

• full name
• company name
• job title or position
• email address
• telephone number
• business address
• country and market-related details
• other contact details voluntarily provided by you

3.2 Business Communication Data

• inquiry content
• correspondence records
• meeting notes
• commercial requests
• transaction-related preliminary information
• documents and information shared with us in connection with potential cooperation

3.3 Technical and Usage Data

• IP address
• browser type and version
• device identifiers
• operating system
• pages visited
• referral source
• session behavior
• approximate location derived from technical data
• date and time of website access
• logs and security-related data

3.4 Compliance and Due Diligence-Related Data

Where relevant to legitimate business operations, legal compliance, or pre-contractual assessment, we may process limited information required for counterparty verification, business due diligence, sanctions screening, compliance reviews, or transaction feasibility assessments.

4. How We Collect Personal Data

We may collect personal data:

• directly from you when you contact us
• when you communicate with us by email, phone, or other business channels
• when you provide information in the context of a commercial inquiry
• automatically through website logs, cookies, or analytics technologies, where applicable
• from publicly available business sources where appropriate and lawful
• from professional advisers, service providers, or counterparties in the course of business interactions

5. Purposes of Processing

We may process personal data for the following purposes:

5.1 Website Administration and Security

• maintaining website availability, integrity, and security
• identifying technical issues
• preventing misuse, unauthorized access, or malicious activity
• monitoring performance and system stability

5.2 Business Communication

• responding to inquiries
• communicating regarding products, services, and potential cooperation
• managing ongoing business correspondence
• arranging calls, meetings, and follow-up communication

5.3 Pre-Contractual and Commercial Purposes

• assessing business opportunities
• evaluating requests for supply, sourcing, or cooperation
• conducting preliminary transaction discussions
• supporting commercial negotiations and relationship management

5.4 Compliance, Risk Management, and Legal Obligations

• complying with applicable laws, regulations, and industry requirements
• performing internal compliance checks and due diligence
• supporting documentation, traceability, and business integrity processes
• responding to legal claims, regulatory requests, or law enforcement obligations

5.5 Internal Business Improvement

• improving the content, structure, and functionality of our website
• understanding general website usage trends
• improving communications and user experience
• maintaining internal records and audit trails

6. Legal Bases for Processing

Where applicable under the GDPR or other relevant data protection laws, we process personal data on one or more of the following legal bases:

6.1 Consent

Where you voluntarily provide information and consent is required, we may process your data on the basis of your consent.

6.2 Legitimate Interests

We may process personal data where necessary for our legitimate interests, including:

• conducting and developing our business
• managing commercial relationships
• protecting our website and systems
• ensuring operational security
• responding to business inquiries
• assessing commercial opportunities
• maintaining documentation and internal controls

6.3 Contract or Pre-Contractual Measures

We may process personal data where necessary to take steps prior to entering into a contract or to perform obligations related to a contract.

6.4 Legal Obligation

We may process personal data where required to comply with applicable legal, regulatory, tax, accounting, compliance, or reporting obligations.

7. Data Sharing and Disclosure

We do not sell personal data. We may disclose personal data only where necessary and appropriate, including to:

• IT service providers and website hosting providers
• analytics, maintenance, and security service providers
• professional advisers, including legal, compliance, tax, or audit advisers
• business partners or counterparties where required in the context of legitimate business discussions
• public authorities, regulators, courts, or law enforcement bodies where required by law or legitimate legal process
• other service providers engaged under confidentiality and data protection obligations

Where third parties process personal data on our behalf, we seek to ensure appropriate contractual and organizational safeguards.

8. International Data Transfers

Where personal data is transferred outside the European Economic Area, we will seek to ensure that such transfer is subject to appropriate safeguards in accordance with applicable law, including where relevant:

• adequacy decisions
• standard contractual clauses
• other lawful transfer mechanisms

9. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including for:

• responding to inquiries
• managing business relationships
• documenting pre-contractual and commercial interactions
• compliance and audit purposes
• defending or establishing legal claims
• meeting legal and regulatory retention requirements

Retention periods may vary depending on the nature of the data, the purpose of processing, and legal obligations applicable to us.

10. Data Security

We take reasonable technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access.

Such measures may include:

• access controls
• internal confidentiality practices
• secure systems and infrastructure
• limited data access on a need-to-know basis
• monitoring and administrative safeguards appropriate to the nature of the data processed

However, no method of electronic transmission or storage is entirely secure, and we cannot guarantee absolute security.

11. Your Rights

Subject to applicable law, you may have the right to:

• request access to your personal data
• request correction of inaccurate or incomplete data
• request erasure of your personal data
• request restriction of processing
• object to certain processing activities
• request data portability where applicable
• withdraw consent where processing is based on consent
• lodge a complaint with a competent supervisory authority

Where you wish to exercise any of these rights, please contact us using the contact details provided in this Privacy Policy. We may need to verify your identity before responding to such requests.

12. Cookies and Similar Technologies

Our website may use cookies or similar technologies for essential website functions, analytics, performance measurement, or user experience improvement.

Where required by law, cookies that are not strictly necessary should be used only with appropriate notice and consent mechanisms. If a separate cookie notice or cookie banner is implemented, it should be read together with this Privacy Policy.

13. Third-Party Links

Our website may contain links to external websites or platforms operated by third parties. We are not responsible for the privacy practices, content, or policies of such third-party resources. We encourage users to review the privacy policies of those third parties before providing any personal data.

14. Children's Data

This website and our services are intended for business and professional use. We do not knowingly collect personal data from children or target this website to minors.

15. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time in order to reflect legal, regulatory, operational, or website-related changes. Any updated version will be published on this page with an updated revision date.

16. Contact and Data Protection Requests

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact:

We will make reasonable efforts to respond to privacy-related requests in accordance with applicable law.