Skip to content
TruthVouch Docs

Privacy Policy

Last Updated: January 2024

TruthVouch (“we,” “us”) respects your privacy. This policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email, company, role, phone
  • Billing Information: Credit card (processed by Stripe, not stored by us)
  • Content: Truth nuggets, policies, knowledge base content
  • Communications: Support tickets, feedback, surveys

1.2 Automatically Collected

  • Usage Data: Features used, timestamps, IP address
  • Device Information: Browser type, OS, device type
  • Cookies: Session ID, preferences, analytics
  • Error Logs: Crash reports, debugging information

1.3 From Third Parties

  • LLM Responses: When monitoring AI models, we collect responses
  • Analytics: From Google Analytics and Mixpanel
  • Fraud Prevention: From payment processors

2. How We Use Your Information

We use information to:

  • Provide and improve TruthVouch
  • Process payments and send invoices
  • Send product updates and security alerts
  • Monitor service quality and prevent abuse
  • Comply with legal obligations
  • Support customer service requests
  • Personalize your experience

We do not sell your information to third parties.

3. Data Sharing

We share data with:

3.1 Service Providers (Sub-Processors)

  • AWS: Cloud infrastructure (compute, storage, databases)
  • Stripe: Payment processing
  • SendGrid: Email delivery
  • DataDog: Logging and monitoring
  • Auth0: Authentication

See Sub-Processors for full list.

We may disclose information if required by:

  • Court orders
  • Subpoenas
  • Law enforcement requests
  • GDPR Data Subject Requests

We will notify you of legal requests unless prohibited by law.

3.3 Business Transfers

If TruthVouch is acquired, merged, or sold, your information may be transferred as part of that transaction.

4. Data Retention

  • Account Data: While account is active + 60 days
  • Payment Records: 7 years (tax/legal requirement)
  • Audit Logs: 7 years (compliance requirement)
  • Usage Analytics: 24 months

You can request deletion anytime (see Your Rights below).

5. Your Rights

5.1 Access

You can download your data anytime from Settings → Data Export. Includes all content, settings, and usage history.

5.2 Correction

You can update your account information in Settings.

5.3 Deletion (GDPR Right to Erasure)

You can request deletion of:

  • Your account and all personal data
  • Specific content or files

Send request to privacy@truthvouch.com. We’ll delete within 30 days.

5.4 Portability (GDPR Right to Portability)

You can export your data in machine-readable format (JSON, CSV) anytime from Settings → Data Export.

5.5 Objection to Processing

You can object to certain uses of your data. We’ll honor requests unless we have legal basis to continue processing.

6. International Data Transfers

6.1 US Storage (Default)

Data stored in AWS us-east-1 (Virginia, USA).

6.2 EU Storage (GDPR Compliant)

If you select EU region, data stored in AWS eu-west-1 (Ireland).

6.3 Cross-Border Transfers

If your data is transferred internationally, we rely on:

  • Standard Contractual Clauses (included in DPA)
  • Privacy Shield (if applicable)
  • Your explicit consent

7. Security

7.1 Encryption

  • At Rest: AES-256 encryption
  • In Transit: TLS 1.3 HTTPS
  • Backups: Encrypted with separate keys

7.2 Access Controls

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA) required for admin access
  • All access logged and monitored

7.3 Incident Response

If we discover a breach:

  • We notify you within 24 hours
  • We report to authorities within 72 hours (GDPR requirement)
  • We provide guidance on protective measures

7.4 Annual Audits

  • Third-party penetration testing (annual)
  • SOC 2 Type II audit (annual)
  • Vulnerability scanning (monthly)

8. Children’s Privacy

TruthVouch is not intended for individuals under 18. We don’t knowingly collect data from children. If we discover you’re under 18, we’ll delete your account.

9. California Residents (CCPA)

If you live in California, you have rights under CCPA:

9.1 Right to Know

You can request what personal information we collect and how we use it.

9.2 Right to Delete

You can request deletion of personal information (with exceptions for legal compliance).

9.3 Right to Opt-Out

You can opt-out of the “sale” of your personal information (we don’t sell, but CCPA broadly defines “sale”).

9.4 Right to Non-Discrimination

We won’t discriminate if you exercise your CCPA rights.

To Exercise CCPA Rights: Email privacy@truthvouch.com with your request.

10. Cookies

We use cookies for:

  • Session Management: Keeping you logged in
  • Preferences: Saving your settings
  • Analytics: Understanding how you use TruthVouch

You can disable cookies in your browser settings, but some features may not work.

TruthVouch may contain links to third-party websites. We’re not responsible for their privacy practices. Review their privacy policies before providing information.

12. Changes to This Policy

We may update this policy anytime. Changes are effective:

  • Immediately for new users
  • 30 days after notice for existing users

Continued use means acceptance.

13. Contact Us

Privacy Questions or Requests:

Data Protection Officer (for GDPR subjects):

Dispute Resolution: For disputes, you can file a complaint with your local data protection authority.

Last Updated: January 2024