This Privacy Policy explains how TrustCheck collects, uses, stores, shares, and protects personal information and customer data when you use the platform.
1. Information We Collect
- Account data: name, email, password hash, role, preferences, support requests, login activity, and verification status.
- Organization data: company name, website, industry, team members, billing plan, verification records, authorization documents, and points of contact.
- Asset and scan data: domains, URLs, APIs, repositories, IPs, social handles, brand names, email domains, scan settings, findings, reports, monitoring runs, screenshots, and evidence files.
- Billing data: transaction references, invoice records, plan details, add-ons, and payment status. Payment card details are handled by payment providers and are not intentionally stored by TrustCheck.
- Integration data: provider names, configuration metadata, delivery logs, test results, and encrypted credentials or tokens where required.
- Technical data: IP address, device/browser metadata, cookies, logs, API requests, audit events, and security telemetry.
2. How We Use Information
We use information to create accounts, authenticate users, verify organizations and assets, run scans, monitor assets, detect impersonation, generate reports, issue badges, manage billing, deliver alerts, provide support, prevent abuse, improve reliability, comply with legal obligations, and secure the platform.
3. Security And Sensitive Data
Security findings, uploaded evidence, authorization documents, scan results, and reports may contain sensitive information. We restrict access to authorized organization users and TrustCheck personnel who need access to operate, support, secure, or audit the service.
4. AI And Automated Insights
TrustCheck may generate risk summaries, recommendations, and prioritization insights from your scan data. AI-generated guidance is informational and should be reviewed by qualified personnel before action.
5. Sharing And Disclosure
We do not sell customer data. We may share limited information with hosting, email, payment, analytics, security, monitoring, support, and integration providers that help operate the service. Public badge and trust profile pages only show approved public-facing information such as organization name, badge status, tested scope, issue date, expiry, and public verification details.
6. Cookies And Tracking
We use cookies and similar technologies for login sessions, security, preferences, analytics, and product reliability. See the Cookie Policy for more detail.
7. Retention
We retain data while your account is active or as needed for security, billing, audit, legal, contractual, and operational purposes. You may request deletion, but some data may be retained when required for legal, security, dispute, fraud-prevention, or compliance reasons.
8. Your Choices And Rights
You can update account details, manage notifications, revoke API keys, remove integrations, delete eligible evidence, and request privacy assistance. Depending on your location, you may have rights to access, correct, delete, restrict, export, or object to certain processing.
9. International Processing
TrustCheck and its service providers may process information in countries other than your own. Where required, we rely on contractual, operational, or legal safeguards for international transfers.
10. Children
TrustCheck is intended for business users and is not directed to children. Do not create an account if you are not legally permitted to use business security services.
11. Changes
We may update this Privacy Policy. Material updates may be announced in the product or by email.
12. Contact
For privacy questions or requests, contact support@trustcheck.io.