← Back to Home

Privacy Policy

Your privacy and data protection are fundamental to how we operate

Last Updated:January 15, 2025

At a Glance

TrustMe Platform is a blockchain-based credential management and verification system. We collect only the data necessary to provide our services, protect it with enterprise-grade security, and never sell your personal information.

  • We use your data solely to provide credential issuance and verification services
  • Your credentials are cryptographically secured and blockchain-anchored
  • You have full rights to access, correct, or delete your personal data
  • We comply with GDPR, CCPA, and applicable data protection regulations

Table of Contents

1. Introduction

Welcome to TrustMe Platform ("TrustMe," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our blockchain-based credential management and verification services.

TrustMe Platform provides infrastructure for issuing, verifying, and managing verifiable credentials using blockchain technology. We serve educational institutions, financial services, government agencies, and enterprises that need to issue and verify digital credentials securely.

Controller Information: TrustMe Inc., operating as TrustMe Platform, is the data controller responsible for your personal information. Our registered address and contact details are provided in the Contact Us section below.

2. What Data We Collect

We collect different types of information depending on how you interact with our platform:

2.1 Account Information

  • Full name and email address
  • Organization or institution affiliation
  • Job title and role information
  • Authentication credentials (hashed passwords, cryptographic keys)
  • Multi-factor authentication data

2.2 Credential Data

  • Credential subject information (names, IDs, attributes)
  • Issuer information and institutional data
  • Credential metadata (issuance dates, expiration, status)
  • Cryptographic signatures and blockchain anchors
  • Verification requests and results

2.3 Technical Information

  • IP addresses and device identifiers
  • Browser type, version, and language preferences
  • Operating system and device information
  • API usage logs and request/response data
  • Performance metrics and error logs

2.4 Usage Information

  • Pages visited and features used
  • Time spent on platform and interaction patterns
  • Search queries and filter preferences
  • Document issuance and verification history

2.5 Communication Data

  • Support tickets and customer service interactions
  • Email correspondence and feedback
  • Survey responses and product feedback

3. How We Use Your Data

We use your personal information for the following purposes:

Service Delivery

  • Provide credential issuance and verification services
  • Maintain and manage your account
  • Process and fulfill your requests
  • Enable secure authentication and access control
  • Generate blockchain anchors and cryptographic proofs

Platform Operations

  • Monitor and improve platform performance
  • Detect and prevent fraud, abuse, and security threats
  • Conduct system maintenance and troubleshooting
  • Provide customer support and technical assistance
  • Ensure compliance with legal and regulatory requirements

Analytics & Improvement

  • Analyze usage patterns and user behavior
  • Develop new features and improve existing ones
  • Conduct research and statistical analysis
  • Optimize user experience and interface design

Communications

  • Send service-related notifications and updates
  • Provide security alerts and important announcements
  • Respond to inquiries and support requests
  • Send marketing communications (with your consent)

5. Data Security, Storage & Retention

5.1 Security Measures

We implement industry-leading security measures to protect your data:

Encryption

End-to-end encryption for data in transit (TLS 1.3) and at rest (AES-256)

Access Controls

Role-based access control (RBAC) and principle of least privilege

HSM Protection

FIPS 140-3 certified Hardware Security Modules for cryptographic keys

Audit Logging

Comprehensive audit trails and blockchain-anchored immutable logs

Penetration Testing

Regular security assessments and third-party penetration testing

SOC 2 Compliance

SOC 2 Type II certified with continuous compliance monitoring

5.2 Data Storage

Your data is stored in secure, geographically distributed data centers with:

  • Multi-region redundancy and automated failover
  • Regular automated backups with point-in-time recovery
  • Physical security controls and 24/7 monitoring
  • ISO 27001 certified infrastructure partners

5.3 Data Retention

We retain your data only as long as necessary:

Account DataDuration of account + 90 days
Credential RecordsAs required by institutional policy or regulation (typically 7-10 years)
Blockchain AnchorsPermanently on blockchain (by design)
Technical Logs90 days (security logs: 1 year)
Support Communications3 years from last interaction

6. Sharing Your Data with Third Parties

We do not sell your personal information. We may share your data in the following limited circumstances:

Service Providers

Trusted third-party vendors who assist in operating our platform (e.g., cloud hosting, email delivery, analytics)

All service providers are bound by data processing agreements and security requirements

Credential Verifiers

When you or your institution shares credentials for verification, necessary data is disclosed to the verifying party

You control which credentials are shared and with whom

Legal Requirements

Law enforcement, regulatory authorities, or courts when required by law or to protect rights and safety

We will notify you of such requests unless prohibited by law

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity

You will be notified and given options regarding your data

Important: We never share your data with advertisers or data brokers. Your credentials are yours, and we act only as a secure custodian and facilitator.

7. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage:

7.1 Types of Cookies We Use

Essential Cookies

Required

Required for platform functionality (authentication, security, session management)

Retention: Session or up to 1 year

Performance Cookies

Optional

Analytics and performance monitoring to improve our services

Retention: Up to 2 years

Functional Cookies

Optional

Remember your preferences and settings

Retention: Up to 1 year

Marketing Cookies

Optional

Track marketing campaign effectiveness (with consent)

Retention: Up to 1 year

7.2 Managing Cookies

You can control cookies through:

  • Our cookie consent banner (shown on first visit)
  • Your browser settings (most browsers allow you to refuse cookies)
  • Your account preferences (for logged-in users)
  • Third-party opt-out tools (e.g., Network Advertising Initiative)

Note: Disabling essential cookies may impact platform functionality.

8. Your Privacy Rights

Depending on your location, you have the following rights regarding your personal data:

Access

Request a copy of all personal data we hold about you

Correction

Update or correct inaccurate or incomplete data

Deletion

Request deletion of your personal data (subject to legal obligations)

Portability

Receive your data in a structured, machine-readable format

Restriction

Limit how we process your data in certain circumstances

Objection

Object to processing based on legitimate interests or for marketing

Withdraw Consent

Withdraw consent for processing at any time

Lodge Complaint

File a complaint with your local data protection authority

How to Exercise Your Rights: Contact us at privacy@trustme.dev or use the Privacy Request form in your account settings. We will respond within 30 days (or as required by applicable law).

9. International Data Transfers

TrustMe Platform operates globally, and your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs)

We use EU Commission-approved SCCs for transfers from the EEA

Adequacy Decisions

We transfer data to countries recognized as providing adequate protection

Data Processing Agreements

All service providers sign agreements ensuring equivalent data protection

Regional Data Residency

Enterprise customers can opt for data residency in specific regions

For more information about our international data transfers, please contact our Data Protection Officer.

10. Children's Privacy

TrustMe Platform is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children without parental or institutional consent.

When educational institutions use our platform to issue credentials to students under 18, the institution acts as the data controller and is responsible for obtaining necessary parental consents.

If you believe we have inadvertently collected data from a child without proper consent, please contact us immediately at privacy@trustme.dev

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations.

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email (to your registered email address)
  • Display a prominent notice on our platform
  • Request your consent if required by law

We encourage you to review this policy periodically. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email

privacy@trustme.dev

Privacy & Data Protection Inquiries

Data Protection Officer

dpo@trustme.dev

GDPR & Compliance Matters

Mailing Address

TrustMe Inc., 123 Blockchain Ave, San Francisco, CA 94105, USA

Physical Correspondence

Support Portal

https://support.trustme.dev

Technical Support & Documentation

Supervisory Authority

EEA residents have the right to lodge a complaint with their local data protection authority. A list of EU data protection authorities is available at https://edpb.europa.eu

Questions About Your Privacy?

Our privacy team is here to help. Reach out anytime with questions about how we handle your data.

Contact Privacy Team
Privacy Policy | TrustMe Platform