The Company is domiciled solely in the United States of America and all hosting infrastructure is also located solely within the United States of America, and thus governed by the laws and regulations of the United States of America.
Data related to the opening of an account
Any emails provided to Trustwire through either our waiting list, optional email verification, or optional notification/recovery email setting in your account, are considered personal data.
Such data will only be used to contact you with important notifications about Trustwire, to send you an invitation link to create your Trustwire account, to verify your Trustwire account, or to send you password recovery links if the option is available.
In order to maintain the integrity of the service, Trustwire must take measures to avoid creation of accounts by spammers. This is because if spammers use Trustwire to send messages, Trustwire’s IP addresses can become blocked by major mail providers such as Gmail, Yahoo, Outlook, etc.
In order to prevent the creation of accounts by spam bots or human spammers, Trustwire uses a variety of human verification methods. You may be asked to verify using either reCaptcha (or similar technology), Email, or SMS.
Our company’s overriding policy is to collect as little user information as possible to ensure a completely private and anonymous user experience when using the Service. We also have no technical means to access your encrypted message contents.
Service's user data collection is limited to the following:
- Visiting our website: We employ a local installation of an analytics tool, on the home page only. Analytics tool is not employed on any of the internal pages. It is not possible to link analytics data (such as IP addresses) to Trustwire accounts.
- Account creation: We do not require ANY personal information to create an account but you may provide an external email address for notification or password recovery purposes. Should you choose to provide it, we do associate another email address with your account (for password recovery, or notifications).
- Account activity: We do NOT have access to encrypted message or file contents but we need to know, at the minimum, the recipient’s Trustwire account identifier when sending messages and/or files to another Trustwire user. We also have access to the following records of account activity: number of messages and files sent, amount of storage space used, total number of messages and files, last login time. We are unable to scan messages or files for virus due to the encryption technologies we use. Users are responsible for installing and updating anti-virus software on their local devices.
- Communicating with Trustwire: Your communications with the Company, such as support requests, bug reports, or feature requests may be saved by our staff.
- IP Logging: Trustwire does not log the IP addresses used to access our Service unless this feature is specifically enabled by the user (it is disabled by default).
- Payment Information: The Company relies on third parties to process credit card, PayPal, and Bitcoin transactions so the Company necessarily must share payment information with third parties. Anonymous cash or bitcoin payments and donations are accepted however.
We do not have any advertising on our site. Any data that we do have will never be shared except under the circumstances described below in Data Disclosure. We do NOT do any analysis on the limited data we do possess.
All servers used in connection with the provisioning of the Service are located in the United States of America and wholly owned and operated by the Company. Data is ALWAYS stored in encrypted format on our servers. Offline backups may be stored periodically, but these are also encrypted. We do not possess the ability to access any user encrypted file or message content on either the live servers or in the backups.
When a Trustwire account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely. Deleted files and messages are also instantly deleted from production servers. Deleted data may be retained in our backups for up to 14 days.
We will only disclose the limited user data we possess if we receive notice from the United States of America government regarding a court order that is coming from the authorities we are legally obligated to recognize. While we may comply with electronically delivered notices (see exceptions below), the disclosed data can only be used in court after we have received an original copy of the court order by registered post or in person, and provide a formal response.
If a request is made for encrypted message content that Trustwire does not possess the ability to decrypt, the fully encrypted message content may be turned over. If permitted by law, Trustwire will always contact a user first before any data disclosure if permitted by law.
Trustwire may from time to time, contest court orders if there is a public interest in doing so. In such situations, the Company will not comply with the court order until all legal or other remedies have been exhausted. Therefore, not all court orders will lead to data disclosure.
This Agreement shall be governed in all respects by the substantive laws of the State of Maryland and the United States of America. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent courts of the State of Maryland, USA.