LegalPrivacy Policy

Navigation

Trustory Privacy Framework

Privacy Policy

Trustory is designed as a workforce trust infrastructure with privacy, consent, and auditability at its core. This Privacy Policy explains how we collect, use, protect, and govern data across the Trustory platform.

Policy snapshot

Consent-first, audit-backed, security-minded.

Trustory does not treat employment history like ordinary social data. Access, verification, and visibility are governed through trust, legitimate use, and worker-centered controls.

Worker controlAudit trailData protection

1. Overview

Trustory (“Trustory”, “we”, “our”, or “us”) operates a digital workforce trust infrastructure that helps workers, institutions, and authorized stakeholders verify employment history and related trust records.

This Privacy Policy applies to our website, applications, dashboards, authentication flows, and related services.

By accessing or using Trustory, you acknowledge that your information may be processed as described in this policy.

2. Information We Collect

We collect only the information necessary to operate a secure, auditable, and permissioned trust registry.

2.1 Account and authentication information

We may collect phone numbers, email addresses, authentication credentials, OTP-related data, and user role information such as worker, institution, or administrator.

Worker authentication may also involve third-party identity services such as Google sign-in where enabled.

2.2 Worker profile and employment data

Workers may provide profile details, employment history, employer leads, job titles, dates of service, and supporting context necessary for verification.

2.3 Institution registration and verification data

Institutions may provide their name, registration number, website, domain, county, town, physical address, contact details, and information relevant to field verification.

2.4 Security, audit, and technical metadata

We may collect IP address, device information, user agent, activity logs, event telemetry, and internal audit metadata in order to secure the platform and preserve system integrity.

3. How We Use Information

We use collected information to:

• authenticate users and protect access

• operate worker, institution, and admin workflows

• verify employment records and institutional legitimacy

• enable worker-controlled consent decisions

• preserve audit trails and dispute history

• detect fraud, abuse, and suspicious behavior

• maintain and improve reliability, security, and performance

Trustory does not sell personal information and does not use sensitive employment trust records for unrelated advertising purposes.

4. Record Integrity and Transparency

Trustory operates as an integrity-focused trust registry. Certain records, audit logs, and dispute histories are preserved to maintain transparency and prevent silent manipulation.

In practical terms, this means some data may be retained in an append-only or historically visible form where necessary to:

• protect the integrity of verified records

• preserve dispute and rectification trails

• support accountability for institutions and users

• prevent hidden alteration of workforce history

6. Data Security

Trustory uses layered safeguards to protect personal information and trust records.

• encrypted communication over HTTPS

• role-based access control

• session and authentication controls

• consent logging and audit logging

• environment and infrastructure protection practices

• operational monitoring for suspicious activity

While no system is completely risk-free, we continuously improve administrative, technical, and organizational safeguards.

7. Data Retention

We retain data only for as long as reasonably necessary to:

• operate the Trustory platform

• preserve trust and verification integrity

• support worker and institution workflows

• respond to disputes and rectifications

• comply with legal, regulatory, or audit obligations

Some records may be retained longer where necessary to preserve system accountability or auditability.

8. User Rights

Depending on applicable law, users may have rights to:

• access their personal data

• request correction of inaccurate data

• request deletion where legally and technically appropriate

• manage visibility and consent permissions

• object to or limit certain processing in specific cases

These rights may be limited where information must be retained to preserve legal compliance, fraud prevention, or audit integrity.

9. Third-Party Services

Trustory may rely on third-party infrastructure or service providers such as authentication providers, cloud hosting, email delivery tools, storage systems, analytics tools, or security monitoring services.

These providers may process limited technical or operational data necessary for Trustory to function securely and reliably.

10. Children’s Privacy

Trustory is not intended for children under the age of 18.

We do not knowingly collect personal information from minors for independent use of the platform. If we become aware of such collection, we may take appropriate corrective action.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, operational, or product changes.

Where updates are material, we may provide additional notice through the platform or other appropriate channels.

The “Last Updated” date at the top of this page indicates the most recent revision.

12. Contact

If you have questions, concerns, or lawful requests related to this Privacy Policy or Trustory data handling, you can contact Trustory through the official channels listed on the platform.

Trustory

Email: privacy@trustory.org

Website: https://trustory.org

Last updated

March 2026

This Privacy Policy should be reviewed alongside your Trustory Terms of Service, Data Retention Policy, Data Governance Policy, and Security Incident Response Plan.

View Terms of Service Back to Trustory