Privacy Policy

Last updated: January 17, 2026

1. Introduction

TrueCerta ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital certificate verification platform.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, organization name
  • Certificate Data: Recipient names, course information, completion dates
  • Profile Information: Professional bio, location, profile photo
  • Payment Information: Billing details processed securely through Stripe

2.2 Information Collected Automatically

  • Device and browser information
  • IP address and location data
  • Usage patterns and analytics
  • Cookies and similar technologies

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our services
  • Process certificate issuance and verification
  • Send transactional emails and notifications
  • Improve and personalize user experience
  • Ensure platform security and prevent fraud
  • Comply with legal obligations

4. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third parties that help us operate our platform (Supabase, Vercel, Stripe, Resend)
  • Verification Requests: Certificate details are publicly accessible via verification pages
  • Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption at rest and in transit (TLS 1.3)
  • Regular security audits
  • Access controls and authentication
  • Secure data centers (EU-based)

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Certificate records are retained indefinitely to ensure verification availability. You may request deletion of your account and personal data at any time.

7. Your Rights (GDPR)

Under the GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability
  • Withdraw consent

To exercise these rights, contact us at privacy@truecerta.com.

8. Cookies

We use cookies to enhance your experience. You can manage cookie preferences through your browser settings. Essential cookies are required for the platform to function.

9. International Transfers

Your data may be transferred to and processed in countries outside the EU. We ensure appropriate safeguards are in place through Standard Contractual Clauses or adequacy decisions.

10. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification.

12. Contact Us

For privacy-related questions or concerns, contact our Data Protection Officer: