This Privacy Policy is effective as of October 10, 2024.

1. Introduction

At Trustvisory, we are committed to protecting your privacy and ensuring the security of your personal data, in full compliance with the General Data Protection Regulation (GDPR). This Privacy Policy outlines how we collect, use, disclose, and protect the information you share with us. By using our platform, you consent to the practices described in this policy.

2. Information We Collect

We may collect the following types of information, adhering to GDPR principles of data minimization and purpose limitation:

1. Personal Information:
• Name, email address, phone number, and other contact details.
• Government-issued identification documents for verification purposes.
2. Usage Data:
• Information about how you use the platform, including IP address, browser type, device information, and pages visited.
3. Communications:
• Records of interactions with our support team or participation in surveys.
4. Cookies and Tracking Technologies:
• Data collected through cookies and similar technologies to enhance your user experience. Explicit consent for the use of cookies is obtained in compliance with GDPR requirements. Users are provided with clear information about the cookies used and have the option to accept or manage their preferences through our Cookie Policy.

3. How We Use Your Information

We use your data for the following purposes, based on the corresponding legal bases under GDPR:

1. To provide and improve our services.
2. To verify user identities and ensure platform security.
3. To communicate important updates or changes to our services.
4. To comply with legal and regulatory obligations.
5. To personalize your experience on the platform.

4. Data Sharing and Disclosure

We may share your data in the following circumstances, ensuring that all data sharing agreements with third parties are GDPR-compliant and explicitly outline the data processors' obligations to protect and handle your data securely:

1. Service Providers:
• With trusted third-party vendors who assist in operating our platform.
2. Public Interest Disclosures:
• Information included in our Unauthorized Practitioners & Illegal Networks List Database (UAP-INLD) is shared publicly to protect users and ensure compliance.
3. Legal Obligations:
• When required by law or to protect our legal rights.
4. Business Transactions:
• In connection with a merger, sale, or acquisition of our business assets.

5. Your Rights

You have the following rights regarding your personal data:

1. Access: Request access to the personal data we hold about you.
2. Correction: Request correction of inaccurate or incomplete data.
3. Deletion: Request deletion of your personal data, including exercising your "Right to be Forgotten," subject to legal obligations. Users can submit their requests via [email protected], and we will respond within 30 days as mandated by GDPR. All data subject to deletion will be securely erased from our systems, except where retention is required by law.
4. Data Portability: Request the transfer of your data to another service provider.
5. Objection: Object to the processing of your data in certain circumstances.

To exercise your rights, contact us at [email protected].

6. Data Security

We implement advanced security measures to safeguard your data, including:

1. Encryption of data at rest and in transit.
2. Regular security audits and vulnerability assessments.
3. Strict access controls to limit data access to authorized personnel.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy, or as required by law. Specifically, personal data will be retained for no longer than 7 years unless a longer retention period is required for compliance with legal or regulatory obligations. The criteria used to determine retention periods include the nature of the data, the purpose for which it was collected, and applicable legal requirements. Once no longer needed, we securely delete or anonymize your data.

8. Cookies and Tracking

Our platform uses cookies and similar technologies to improve user experience and gather usage statistics. For more information, please refer to our detailed Cookie Policy, which includes information on obtaining explicit consent and managing preferences in compliance with GDPR. You can manage your cookie preferences through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Users will be informed of significant updates in advance via email or platform notifications, and they will be provided with a way to review the changes before they take effect. Users will be notified of significant changes via email or platform notifications.

10. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]

11. Governing Law

This Privacy Policy is governed by the laws of Alberta, without regard to its conflict of laws principles.

12. Public Interest Disclosures Specifics

1. The Unauthorized Practitioners & Illegal Networks List Database (UAP-INLD) serves a purpose of public interest to inform users of unauthorized practitioners and entities (UAPs/UACEs), Human Trafficking Networks (HTNs), Impersonation Scams and Frauds (ISFs).
2. The inclusion of individuals or entities in the UAP-INLD is based on verified evidence.
3. Users can request a review or correction of their inclusion through a formal reconsideration process.