Privacy Policy

This Privacy Policy explains how TrustProve.co (“TrustProve”, “we”, “us”, “our”) collects, uses, stores, and shares information when you use our website, application, public profiles, score badges, APIs, browser extension, and related services.

This policy applies to personal information we process as a service provider and platform operator. It should be read together with our Terms of Service.

TrustProve acts as a platform provider for users and organizations using commitment, verification, scoring, and trust display features. Depending on the feature and context, we may act as a service provider/processor, controller/business, or both under applicable law.

This Privacy Policy covers data processed through our website, app, public pages, APIs, browser extension, support channels, and operational systems used to run the Services.

Account and profile data: name, username, email address, password hash, avatar, bio, location, website, subscription tier, account settings, and privacy preferences.

Commitment and workflow data: commitment details, deadlines, domains, weights, signatures, status changes, fulfillment outcomes, dispute submissions, dispute responses, moderation outcomes, timestamps, and related event history.

Evidence and uploads: files, URLs, metadata (such as filename, content type, and size), and storage references for evidence and avatars.

Trust and scoring data: score values, score bands, score history, derived scoring signals, anti-gaming flags, and related analytics used to operate reliability scoring.

Payments and billing data: subscription status, billing events, plan changes, and payment processor references. Payment card data is generally processed by our payment provider (such as Stripe), not stored directly by TrustProve.

Technical and usage data: IP address, device/browser information, logs, API usage, authentication events, security events, cookies/session identifiers, and diagnostics.

Extension and integration data: limited profile context needed to resolve supported profiles (for example, platform and profile identifier), extension auth state, and integration connection metadata (such as GitHub account linkage).

Communications and support data: messages sent to support, contact form submissions, admin review notes, and records related to troubleshooting, disputes, or account recovery.

We collect information directly from you (for example, account registration, commitments, uploads, and settings), from your use of the Services (for example, logs and usage events), from counterparties and dispute participants, and from integrations you authorize.

We may also receive information from service providers or payment processors as needed to provide billing, fraud prevention, support, and operational functions.

TrustProve does not require you to provide sensitive personal information (such as government IDs, biometric identifiers, health information, or precise geolocation) to use core Services unless explicitly requested for a specific feature or legal requirement.

Please do not upload unnecessary sensitive personal information in evidence or dispute submissions. If such information is submitted, it may be processed as part of the relevant workflow subject to this Policy and our Terms.

We use information to provide and improve the Services, including account management, commitments, signatures, disputes, score calculation, badges, verification pages, extension features, APIs, and subscription billing.

We use data to secure the platform, detect abuse and score manipulation, enforce plan limits, prevent fraud, investigate incidents, and maintain auditability.

We use contact information to send transactional messages such as verification emails, password resets, deadline reminders, dispute notifications, billing notices, and service updates based on your preferences and account activity.

We may use aggregated or de-identified analytics to understand product usage and improve performance, reliability, and user experience.

Where permitted by law, we may use your contact details to send product announcements or service updates related to your plan or usage. You can manage marketing preferences where available.

Where required by law (for example, in certain jurisdictions), we process personal information based on legal grounds such as contract performance, legitimate interests, consent, and compliance with legal obligations.

Examples include: contract performance for account access and billing; legitimate interests for fraud prevention and service monitoring; consent for certain communications or optional features; and legal obligations for tax, accounting, or law-enforcement compliance.

TrustProve provides public profile pages, score badges, and verification pages that may display profile details, score values, score bands, and commitment-related information depending on your privacy settings and feature usage.

Your privacy controls affect what is shown publicly. Some data may still be visible where needed to operate verification workflows, fulfill legal obligations, prevent fraud, or enforce our Terms.

TrustProve uses automated processing to calculate score values, score bands, anti-gaming flags, and related TrustProve Signals based on commitment events, status changes, dispute outcomes, and other scoring inputs.

These outputs are intended as product functionality and informational signals. They may affect what is displayed in public profiles, badges, or internal product views, but they are not intended by default to be sole inputs for legally significant decisions.

We share information with service providers that help us operate the Services, such as hosting providers, databases, caching, object storage, email delivery services, payment processors, observability/monitoring tools, and infrastructure vendors.

We share data with counterparties and authorized users as part of commitment, dispute, and verification workflows (for example, commitment terms, status, and evidence submitted in a dispute).

We may share information when required by law, legal process, or to protect rights, safety, security, platform integrity, or users. We may also share information in connection with a merger, acquisition, financing, or sale of assets, subject to applicable law.

We do not sell personal information in exchange for money in the ordinary course of operating TrustProve.

We may share limited public profile or badge data through publicly accessible endpoints intended for verification and embedding where enabled by your settings and product functionality.

Our service providers may include cloud hosting and compute providers, databases and caching services, object storage providers, email delivery vendors, payment processors, observability and monitoring tools, analytics providers, support tooling, and infrastructure security services.

These providers are generally authorized to process data only as necessary to provide services to TrustProve and are subject to contractual or technical controls where applicable.

We use cookies and similar technologies for authentication, session continuity, security, preference storage, and core product functionality. Some parts of the website may also use local storage for UX features (such as saved form preferences).

Disabling cookies may affect sign-in, session management, and other product functionality.

The TrustProve browser extension may process page URL/profile identifiers and session/auth state needed to fetch and display TrustProve information on supported pages. Extension processing is limited to supported platform contexts and TrustProve service functionality.

Extension data may be stored locally in browser extension storage for session continuity and configuration. You can remove the extension and clear browser extension storage at any time.

We collect operational logs, performance metrics, and diagnostics to maintain reliability, debug issues, secure the Services, and monitor abuse. These records may include timestamps, request metadata, device/browser details, and error events.

We may use monitoring and observability vendors to process limited diagnostic data on our behalf subject to contractual or technical controls where applicable.

Some browsers provide “Do Not Track” (DNT) signals. Because there is no uniform standard for DNT interpretation, TrustProve does not currently respond to DNT signals in a standardized way.

Where required by applicable law and technically supported, we may honor recognized browser-based privacy preference signals (such as Global Privacy Control) for applicable rights requests or settings.

We retain information for as long as needed to provide the Services, operate commitments and dispute records, maintain billing and audit records, enforce our Terms, resolve disputes, and meet legal, security, and compliance obligations.

Retention periods may vary by data type (for example, account records, billing events, security logs, and uploaded evidence). We may delete or de-identify data when it is no longer needed, subject to backups and legal requirements.

Backups may persist for a limited retention period before rotation or deletion. During that period, deleted records may remain in backup archives until backup expiration.

If you deactivate or request deletion of your account, we may delete or anonymize certain information, subject to legal, billing, fraud prevention, audit, dispute resolution, security, and backup retention requirements.

Some records related to commitments, transactions, disputes, or public verification workflows may be retained where necessary to preserve platform integrity, resolve claims, comply with law, or maintain audit trails.

We use technical and organizational measures designed to protect information, including authenticated access controls, encrypted transport, signed workflows where supported, upload validation, logging, and security monitoring.

No system is completely secure. You are responsible for protecting your credentials, devices, API keys, signing keys, and extension sessions.

If we become aware of a security incident affecting personal information, we will investigate, take reasonable containment and remediation steps, and provide notifications as required by applicable law.

To report a suspected vulnerability or security issue, use our contact/support channel and include steps to reproduce where possible.

You can update profile and privacy settings, manage email preferences, and control certain public profile visibility options from your account settings.

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal information, or to object to certain processing. You may also request a copy of your data where applicable by law.

To exercise privacy requests, contact us through the TrustProve contact page or support channel. We may need to verify your identity before fulfilling a request.

Where allowed by law, you may designate an authorized agent to submit requests on your behalf. We may require proof of authorization and identity verification before fulfilling the request.

If we deny a request, you may have the right to appeal the decision depending on your jurisdiction. Contact us through our support/privacy channel and reference the original request.

You can manage certain communication preferences in your account settings, including some email notifications. Transactional messages related to security, billing, account access, commitments, disputes, and service operations may still be sent as needed to provide the Services.

Residents of certain U.S. states may have rights to know, access, correct, delete, or obtain information about categories of personal information collected, used, or disclosed, subject to exceptions.

If applicable law grants you these rights, you may submit a request through our contact/support channel. We will not discriminate against you for exercising legal privacy rights, except as permitted by law.

TrustProve is not intended for children under the age required by applicable law to consent to online services. If you believe a child has provided personal information to TrustProve without appropriate consent, contact us so we can investigate and take appropriate action.

TrustProve and our service providers may process information in multiple countries. By using the Services, you understand that your information may be transferred to and processed in jurisdictions that may have different data protection rules than your home jurisdiction, subject to applicable legal safeguards.

Where required by law, we use appropriate transfer mechanisms or safeguards for international transfers of personal information, which may include contractual protections or other legally recognized transfer tools.

You may contact us for more information about applicable transfer safeguards, subject to confidentiality and legal limitations.

Our Services may link to third-party sites or display content from third parties. This Privacy Policy does not apply to third-party websites, services, or embedded content that we do not control.

Please review the privacy policies of third-party services you use in connection with TrustProve (including payment processors and integrated platforms).

We may update this Privacy Policy to reflect changes in our Services, legal obligations, or data practices. We will post the updated policy on this page and update the “Last updated” date. Material changes may also be communicated through the product or email where appropriate.

If you have privacy questions, security concerns, or data rights requests, contact us through the website contact page or support channel listed on TrustProve.co.

To protect users and prevent unauthorized disclosures, we may request information needed to verify your identity before processing privacy requests. If we cannot verify your identity, we may deny or limit the request as permitted by law.

We aim to respond within timeframes required by applicable law. Complex requests may require additional time, and we will notify you where required.