Skip to main content

Privacy Policy

How Trustaige collects, uses, and protects your data.

Effective Date: February 1, 2025

Trustaige (“we”, “our”, “us”) operates the Trustaige Identity Platform. This Privacy Policy explains how we collect, use, and protect information when you use our website and services.

Information We Collect

Website Visitors

When you visit trustaige.com, we may collect:

  • Browser and device information such as browser type, operating system, and screen resolution
  • Usage data such as pages visited and time spent on site

Trial Sign-Up

When you request a trial through our website, we collect:

  • Contact information: your name and business email address
  • Organization information: organization name and size range
  • Use case information: your primary security challenge and interested pricing tier

Platform Users

When your organization uses the Trustaige Identity Platform, we process:

  • Account information: email address, display name, and organizational role
  • Authentication data: WebAuthn public key credentials (public keys only — private keys never leave your device)
  • Session data: device type, browser, operating system, IP address, and session timestamps
  • Audit logs: authentication events, profile changes, and administrative actions

How We Use Your Information

We use collected information to:

  • Provide and maintain the Trustaige Identity Platform
  • Process trial requests and communicate with prospective customers
  • Authenticate users and manage sessions
  • Generate audit logs for security and compliance purposes
  • Improve our services and user experience
  • Respond to support requests

What We Never Collect

Trustaige is designed with privacy at its core:

  • Private keys: WebAuthn private keys are generated and stored on your device’s secure element. They never leave the device and are never transmitted to our servers.
  • Biometric data: Biometric verification happens locally on your device. We never receive, store, or process biometric data.
  • Passwords: Trustaige is a passwordless platform. We do not store passwords or shared secrets.

Data Storage and Security

  • All data is encrypted in transit using TLS 1.2 or higher
  • Data at rest is encrypted using industry-standard encryption
  • Sessions are managed through secure, server-side session stores
  • Content Security Policy (CSP) with per-request nonces protects against injection attacks
  • HTTP Strict Transport Security (HSTS) is enforced in production

Data Retention

  • Trial sign-up data: Retained for the duration of your trial evaluation and up to 12 months afterward
  • Platform account data: Retained for the duration of your organization’s active subscription
  • Audit logs: Retained per your organization’s configured retention policy
  • Session data: Automatically purged upon session expiration or revocation

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Delete your personal data (subject to legitimate retention requirements)
  • Export your data in a portable format
  • Object to processing of your personal data

To exercise these rights, contact us at privacy@trustaige.com.

Cookies

Trustaige uses strictly necessary session cookies to maintain authenticated sessions. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Third-Party Services

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page with a revised effective date.

Contact

For privacy-related inquiries: