Effective Date: Oct 2021
When you (“customer,” or “you”) visit and interact with our website, contact and communicate with us or use any of our products and services, TruU may collect, use, and process information related to you (“Personal Data”). “TruU”, “We”, “Us”, “Our” or the “Company, refer to TruU, Inc. TruU offers a solution that may be comprised of: a cloud service, customer managed software, and software on customer devices. These components, along with the website, are referred to as “Services” in this policy.
This Privacy Statement applies to the following activities:
- Visiting our website;
- Visiting our offices;
- Communicating with us, including emails, text or fax;/li>
- Registering for our events;
- Using our Services.
Our website (https://truu.ai) and other websites under the truu.ai domain, include links to other websites, applications and services maintained by third parties. The information protection and privacy practices of these external websites, applications and services are governed by the privacy statements of the respective third-party. We encourage you to review these privacy statements to better understand the privacy practices of each third party.
Personal Data Collected
The Personal Data we directly collect, process and/or store from you may include the categories listed below. By visiting our website, or inquiring about or using our Services, TruU or its partners, subcontractors, and service providers may collect Personal Data from you and your registered device(s) and you hereby consent to allow collection and use of this information in accordance with this policy.
- Information Request: If you request for information about our Services, register for a trial, download our software, request for support or use the “Contact Us” feature on our website, we generally require contact information such as your name, email address, company name, title and telephone number.
- Website Interaction: If you use and interact with our website, we may collect your usage information through cookies, web beacons and similar tracking technologies that may qualify as Personal Data.
- Office Visit: If you visit our offices, you may be required to sign-in with your name, email address, telephone number, company, title, purpose of visit and date/time of arrival.
- Customer Personal Identification Information (PII): Customer first / last name, GUID, biometric data, email address (if available), UPN, mobile device info (HW version, OS version, etc.), and public key trust associations during an interaction between the identity server and TruU cloud when a user is registered to use TruU authentication service. TruU does not have direct visibility into this category of data and it is within the customer to grant TruU access to such data, provided that you acknowledge and agree that TruU may not be able to provide certain support services without such access and TruU shall have no liability to the extent TruU is unable to perform such services without access to this data.
- Device Information: Such information, collected with customer consent, includes the peripheral data, gyroscope and accelerometer motion data, and network signals, which are used to assess presence, risk, and identity.
Cookies, Log Files & Web-Beacons
We use common information-gathering tools, such as cookies, log files and web-beacons that may collect Personal Data about you, to make interactions with our website more meaningful.
We use both session and persistent cookies. Session cookies only exist during a session and disappear from your computer when you close your browser or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Most browsers automatically accept cookies however, if you choose to disable cookies, it may limit your use of certain features and functions on our website or service.
As with most websites, we automatically gather certain information in log files as you navigate our website. This information may include your Internet Protocol (IP) address, your Internet Service Provider (ISP), your device identification numbers, your location, your browser, your mobile carrier, your searches on our website, your pages and files viewed, your operating system and date/time stamps of your usage. We analyze this information to help us improve our website and to guarantee proper functionality and security.
We may also use web-beacon technologies such as clear gifs that help us better manage content on our website and emails. Clear gifs are tiny graphics with a unique identifier that help track the online movement of users on the website. We do not tie information gathered from clear gifs to Personal Data.
Data Collected Through TruU Services
At the core of our Services, sensor data from a registered device(s) is collected and processed by the TruU platform in order to formulate a unique identity of a customer. If a customer authorizes or opts in, such sensor data may come from the peripheral data, gyroscope, accelerometer, network data from the device, which is processed by the TruU platform consisting of a cloud, customer managed software component, and device applications. Other sensor data, including barometric sensor, Location, Magnetometer, and Compass from a registered device may be collected for delivering TruU services. TruU will never collect data from a device without the customer’s permission. Some TruU applications may offer ‘Privacy Mode’ where a customer can on a scheduled or on an ad-hoc basis disable all data collection by TruU. However, administrators do have the ability to require or disable any of sensor data collection parameter via policy controls, based on the customer’s internal policies.
Customer’s administrator can control who uses TruU service from their management console. For a user who is enrolled into using TruU service, TruU uses data such as first / last name, GUID, email address (if available), biometric data, UPN, mobile device info (HW version, OS version, etc.). This data is obtained from the corporation or users as part of using the TruU service. By default, TruU staff cannot see who at the customer site is using TruU service. We see only the aggregate user count for billing purposes.
TruU can get your information if you apply for a job at TruU.
Data NOT Collected by TruU:
TruU has no need of data about very personal traits and does not collect data about:
- Mentally Ill People
- Asylum seekers
- The Elderly
- Race or ethnic origin
- Religious or philosophical beliefs
- Political opinions
- Trade union memberships
- Genetic data
- Health data
- Health data Data related to sexual preferences, sex life or sexual orientation
Employment Information Exception:
TruU may have some information about a subject when requesting employment. TruU does not collect this information from end customers.
- Criminal convictions or offences (unless volunteered during employment screening)
- Government issued identification numbers required for employment verification as protected by the law
- Bank, credit card or other financial details required for sending or receiving payments
How We Use Your Data
We collect, process and store your Personal Data for the purposes and on the legal bases identified below:
- Improving Website: We collect and process Personal Data to analyze trends and track your usage of our website for our legitimate interest in further improving and developing our website and to provide you with more relevant and meaningful content.
- General Inquiries: We collect and process Personal Data to respond to inquiries and information requests, and to send materials such as whitepapers, datasheets and pricing through email, postal mail or telephone.
- Marketing Communications: We collect and process your Personal Data to send advertisements, newsletters, product updates, events and promotions necessary for our legitimate interest in providing Services on a commercial basis.
- Employment Opportunities: We collect and process your Personal Data for current and future potential employment.
- Delivering Core Services: We collect and process Personal Data through enabled sensors on your registered device(s) in order to provide core Services of the TruU solution.
- Customer Support: We collect and process Personal Data to respond to your request for assistance, to resolve technical issues you encounter, to analyze crash information and to repair and improve our Service.
- Office Visitors: We collect and process Personal Data of all personnel who visit our offices, for security purposes.
- Legal: We collect and process your Personal Data to cooperate and comply with public and government authorities, courts, and lawful requests in accordance with our legal obligations under applicable laws that require processing or disclosure of Personal Data to protect our rights.
You may opt-out of receiving promotional communication and personalized advertisements by managing cookies in your browser and referring to the “Contact Us” section below. Please note, however, that by disabling cookies and similar technologies, you may not be able to take full advantage of features and functionality on our website. You can also withdraw your opt-in consent at any time by referring to the “Contact Us” section below.
TruU Services are not intended for personal use. The administrator of a customer’s business is responsible for all user accounts and/or Services purchased from TruU. TruU is not responsible for the information protection and privacy practices defined and implemented by the customer. Please direct all questions to your customer administrator, as your use of TruU Services is subject to customer policies implemented by your administrator.
Administrators are able to:
- Access information in and about your account;
- Access or retain information stored as part of your account;
- Restrict, suspect or terminate your access to the Services;
- Enable policies that require certain sensor data (e.g. Bluetooth) to use the Services;
- Install or uninstall third-party apps or other integrations;
- Change your information, including profile information;
- Restrict your ability to edit, modify or delete information.
TruU Services are not directed at children under the age of 16. We do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian and believe your child has provided TruU with Personal Data without your consent, please contact by referring to the “Contact Us” section below. TruU will take steps to delete such Personal Data from our systems.
Personal Data Retention Period
All data retention is managed as per data retention policy. We retain Personal Data for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Service. TruU also retains certain Personal Data required to comply with legal obligations, resolve disputes and to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where TruU retains information for Service improvements, TruU takes every step to eliminate information that directly identifies you, and only use the information to uncover collective insights about the use of our Service, not to specifically analyze personal characteristics about you.
You have certain rights when it comes to your Personal Data, subject to local data protection laws. These rights include the right to:
- Access to your Personal Data held by TruU (right to access)
- Rectify inaccurate Personal Data (right to rectification)
- Erase or delete your Personal Data, as permitted by legal obligations (right to be forgotten)
- Restrict our processing of your Personal Data (right to restriction of processing)
- Transfer your Personal Data to another controller to the extent possible (right to data portability)
To exercise your rights, please refer to the “Contact Us” section of this document. We will try to respond to all legitimate requests within one month of the request and may contact you if we need additional information to honor the request.
TruU takes every precaution to protect against unlawful or accidental loss, theft, alteration, disclosure or unauthorized access to any Personal Data. While TruU follows generally accepted standards to protect Personal Data, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Privacy Statement Changes
TruU reserves the right to update our Privacy Statement at any time to reflect changes in our internal practices, technologies and legal requirements. If changes are made to the Privacy Statement, the “Effective Date” at the top of this Privacy Statement will be updated. Your continued use of our Services after we post any modifications to the Privacy Statement described on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the most-current Privacy Statement.
If you have any questions or concerns about this Privacy Statement or to exercise your rights regarding your Personal Data, please contact us at:
720 University Ave, Suite 200
Palo Alto, CA 94301
Any violation of this policy may result in termination of your agreement with TruU, and may result in legal action. TruU reserves the right to notify the appropriate law enforcement authorities of any unlawful activity and to cooperate in any investigation of such activity. TruU does not consider conduct in violation of this policy to be within an employee’s or partner’s course and scope of employment, or the direct consequence of the discharge of the employee’s or partner’s duties. Accordingly, to the extent permitted by law, TruU reserves the right not to defend or pay any damages awarded against any party, including its employees or partners, that result from violation of this policy.
Any employee or partner who is requested to undertake an activity which he or she believes is in violation of this policy should provide a written or verbal complaint to his or her customer administrator, as well as any other customer manager or the Human Resources Department as soon as possible. You may additionally notify TruU of any questions by utilizing the process set forth in the Contact Us section above.
ISO/IEC 27001:2013 – Clauses 9.2(g) Internal Audit and others
AT 101 – SOC 2: CC1.0– The Control Environment
AT 101 – SOC 2: CC2.0 – Communication and Information
AT 101 – SOC 2: CC4.0 – Monitoring of Controls
PCI DSS v3.1