← Back to Truveil

This Privacy Policy explains how Truveil, we, us, our, collects, uses, and protects information when you use our AI agent accountability platform.

1. Information We Collect

Account Information

When you sign up, we collect your email address and a password (stored only as a cryptographic hash, never as plain text). Optionally, you may provide your name and organisation.

AI Agent Data

When you use the Truveil SDK to log AI agent decisions, we collect:

• The actions and decisions your agent makes
• Risk classifications and metadata (timestamps, agent names, project names)
• Context details you choose to include in logs

Usage Information

We collect technical information about how you use Truveil, including IP address, browser type, device information, pages visited, and feature usage. This helps us improve the service and detect abuse.

Payment Information

If you subscribe to a paid plan, payment processing is handled by our payment provider (Stripe or Razorpay). We do not store your full credit card details. We retain only billing records and the last four digits of the card for invoicing.

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the Truveil service
• Generate audit reports based on your AI agent logs
• Process payments and manage subscriptions
• Send service-related communications (account verification, billing, security alerts)
• Send product updates and announcements (you can opt out of marketing emails)
• Detect, prevent, and address fraud, abuse, or security issues
• Comply with legal obligations

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area, United Kingdom, or other jurisdictions with similar laws, we rely on the following legal bases:

• Contract: Processing necessary to provide the Service you signed up for
• Legitimate interests: Improving the Service, security, fraud prevention
• Consent: Marketing communications, optional features (you can withdraw consent at any time)
• Legal obligation: Tax records, regulatory compliance

4. How Truveil Generates Audit Reports

Truveil's audit engine is built in two layers:

• Deterministic core: Risk classification, gap detection, accountability scoring, and failure type identification are performed by rule-based algorithms designed by our engineering team. These produce consistent, reproducible results.
• Language layer: To translate technical findings into plain-language reports, we use enterprise-grade large language models from Anthropic. The AI handles natural language generation only, not the audit logic itself.

For the language generation step, your logs are sent to Anthropic with strict data protections:

• No use of your data to train AI models
• Data retention limited to the duration necessary to generate the response
• Industry-standard encryption in transit
• SOC 2 Type II certified processing infrastructure

5. How We Share Your Information

We do not sell your personal information or AI agent logs.

We share information only with:

• Service providers who help us run Truveil (hosting, database, AI processing, payment, email). All are bound by confidentiality and data protection agreements.
• Legal authorities if required by law, court order, or to protect rights, safety, or property.
• Business transfers: If Truveil is acquired or merged, your information may transfer to the new entity (you will be notified).

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. However, no system is perfectly secure, and we cannot guarantee absolute security.

If a data breach occurs, we will notify affected users and relevant authorities within 72 hours where required by law.

7. Data Retention

We retain your information for as long as your account is active. After account closure:

• Personal account data is deleted within 30 days
• AI agent logs are deleted within 30 days
• Billing records are retained for 7 years for tax and accounting compliance
• Anonymised usage analytics may be retained indefinitely

8. Your Rights

You have the right to:

• Access the information we hold about you
• Correct inaccurate information
• Delete your account and associated data
• Export your data in a portable format
• Object to certain types of processing
• Withdraw consent for processing based on consent
• Lodge a complaint with a supervisory authority

To exercise these rights, contact us at info@truveil.app. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in different jurisdictions depending on where our cloud infrastructure providers operate. We use appropriate safeguards including Standard Contractual Clauses where applicable to protect international data transfers.

10. Children's Privacy

Truveil is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided us information, contact us immediately for deletion.

11. Cookies and Tracking

We use minimal cookies, only those necessary for authentication and session management. We do not use third-party advertising or analytics cookies that track you across the web.

12. Region-Specific Notices

For California Residents (CCPA/CPRA)

You have the right to know what personal information we collect, request deletion, opt out of sale (we do not sell), and not be discriminated against for exercising these rights.

For Indian Residents (DPDP Act 2023)

We process your personal data in accordance with the Digital Personal Data Protection Act, 2023. You have the right to access, correct, delete, and grievance redressal.

For European Residents (GDPR)

You can contact our data controller at info@truveil.app. You also have the right to lodge a complaint with your local data protection authority.

13. Changes to This Policy

We will notify you of material changes via email or in-app notice at least 30 days before they take effect.

14. Contact Us

For privacy questions or to exercise your rights:

Email: info@truveil.app

© 2026 Truveil. All rights reserved.