TruSondrBack to Home

Data Protection

Last updated: May 5, 2025

At TruSondr, we believe privacy isn't just a compliance checkbox—it's our core value and the foundation of authentic connection. This document outlines our comprehensive approach to data protection.

Our Data Protection Commitment

TruSondr was built with data protection as a foundational principle, not an afterthought. We believe that meaningful human connection requires a secure environment where privacy is respected and data is protected.

Our approach to data protection goes beyond legal compliance—it's central to our mission of enabling authentic connections without sacrificing privacy.

Encryption Technology

TruSondr implements end-to-end encryption across all community communications. Here's how our encryption protects your data:

  • End-to-End Encryption: Messages are encrypted on your device before transmission and can only be decrypted by the intended recipients
  • Community-Specific Encryption: Each community has its own unique encryption keys
  • RSA Key Exchange: Secure key exchange protocol for establishing encrypted connections
  • AES Content Encryption: Industry-standard encryption for message content
  • Automatic Key Rotation: Regular refresh of encryption keys to enhance security

Your messages are secured with end-to-end encryption and can only be read by community members

Data Minimization

We follow the principle of data minimization, collecting only what's necessary to provide our service. We specifically:

  • Only collect personal information that's required for the functioning of the platform
  • Give users control over what personal information they share with communities
  • Allow anonymous participation by default
  • Enable progressive identity revelation under user control
  • Don't track user behavior for advertising purposes
  • Don't sell user data to third parties

Identity Control: You remain anonymous by default and have full control over if, when, and to whom you reveal your identity within a community.

Data Storage and Processing

We implement strict protocols for how your data is stored and processed:

  • Secure Infrastructure: All data is stored on secure servers with industry-standard protections
  • Encrypted Storage: Data at rest is encrypted using advanced encryption standards
  • Limited Retention: We retain your data only for as long as necessary
  • Geographic Restrictions: Communities are formed based on country-level location data to ensure compliance with local data protection laws
  • Data Isolation: Community data is logically isolated to enhance security

Third-Party Access

We limit third-party access to your data to only what's essential for providing our service:

  • We don't sell your personal data to third parties
  • Service providers only receive the minimum data necessary to perform their functions
  • We require strict security and confidentiality from all service providers
  • We regularly audit third-party access and compliance
  • We only use service providers with appropriate data protection safeguards

Your Data Rights

We respect and uphold your data protection rights, including:

  • Right to Access: You can request a copy of your personal data
  • Right to Rectification: You can correct inaccurate or incomplete information
  • Right to Erasure: You can request deletion of your personal data
  • Right to Restrict Processing: You can request limits on how we use your data
  • Right to Data Portability: You can request your data in a machine-readable format
  • Right to Object: You can object to certain types of processing

To exercise these rights, contact us at privacy@trusondr.com.

Data Export: TruSondr provides tools for you to download your personal data in standard formats, giving you control over your information.

AI and Data Protection

TruSondr uses AI technology to match users into communities and provide moderation. Our AI implementation follows these data protection principles:

  • AI matching algorithms run on anonymized or pseudonymized data
  • AI systems are designed with privacy by design principles
  • We regularly audit our AI systems for fairness and data protection compliance
  • We minimize profiling and automated decision-making
  • We are transparent about when and how AI is used in our services

Security Measures

We implement comprehensive security measures to protect your data:

  • Technical Controls: Access controls, firewalls, intrusion detection, and prevention systems
  • Regular Security Testing: Vulnerability scanning and penetration testing
  • Authentication: Secure JWT-based authentication with token blacklisting
  • Automatic Key Rotation: Regular refresh of encryption keys
  • Security Monitoring: Real-time monitoring for suspicious activities
  • Incident Response: Documented procedures for security incidents

International Data Transfers

TruSondr creates communities of users within the same country to minimize international data transfers. However, when international transfers are necessary:

  • We implement appropriate safeguards in accordance with applicable data protection laws
  • We use standard contractual clauses or other legally recognized transfer mechanisms
  • We assess the data protection laws of recipient countries
  • We inform users when their data may be transferred internationally

Data Breach Response

In the unlikely event of a data breach, we are committed to:

  • Promptly identifying and containing the breach
  • Notifying affected users and relevant authorities within the legally required timeframe
  • Providing clear information about the breach and potential impacts
  • Taking steps to mitigate potential harm
  • Conducting a thorough investigation to prevent future breaches

Contact Our Data Protection Team

For questions about our data protection practices or to exercise your data rights, please contact us at: privacy@trusondr.com