Privacy Policy
Privacy Policy
Effective: January 1st, 2010
Last Update: January 24th, 2024
Introduction and Scope
Truth Technologies, Inc. (“Truth Technologies”, “we”, “us” and “our”) takes the protection of personal data very seriously. This privacy policy (this “Privacy Policy”) addresses data subjects whose personal data we may process in the course of providing services in connection with our Sentinel™ customer verification platform (the “Services”). This Privacy Policy does not apply to personal data we collect or receive by other means, such as directly through Truth Technologies’ publicly accessible website.
Categories of Personal Data and How We Receive It
Truth Technologies may receive certain personal data relating to you from our clients in connection with providing the Services. Such personal data may include biographical information, contact information, national identification number and other information that may be contained on an identification document, and other information our clients specifically provide to us on a case-by-case basis.
Basis and Purposes of Processing
Within the scope of this Privacy Policy, we act as a data processor and process personal data based on the documented instructions of the relevant data controllers. Personal data sent to Truth Technologies by our clients is used exclusively for the purposes of providing the Services to our clients according to the terms of our service agreement with each such client.
Data Retention
We delete personal data submitted to us by our clients within 90 days of the termination of the applicable service agreement unless applicable law requires a different retention period.
Sharing Personal Data with Third Parties
Other than as described below, personal data provided to Truth Technologies in connection with the Services is not disclosed, transmitted, shared, rented or sold to any third-parties.
We share personal data with our service providers who process personal data on behalf of Truth Technologies and who agree to use the personal data only to enable us to perform the Services for our clients. Our service providers include businesses that provide hosting services, cloud storage services and infrastructure services. We require these third parties to demonstrate that they also adhere to the EU-U.S. Data Privacy Framework Principles or provide at least the same level of privacy protection as is required by the EU-U.S. Data Privacy Framework. Truth Technologies remains responsible and liable under the EU-U.S. Data Privacy.
Framework if any third-party agents that it engages to process the personal data on our behalf do so in a manner inconsistent with the Principles, unless Truth Technologies is not responsible for the event giving rise to the damage.
Other Disclosure of Personal Data
Other than as described below, personal data provided to Truth Technologies in connection with the Services is not disclosed, transmitted, shared, rented or sold to any third-parties.
We share personal data with our service providers who process personal data on behalf of Truth Technologies and who agree to use the personal data only to enable us to perform the Services for our clients. Our service providers include businesses that provide hosting services, cloud storage services and infrastructure services. We require these third parties to demonstrate that they also adhere to the EU-U.S. Data Privacy Framework or provide at least the same level of privacy protection as is required by the EU-U.S. Data Privacy Framework.
Truth Technologies remains responsible and liable under the EU-U.S. Data Privacy Framework Principles if any third-party agents that it engages to process the personal data on our behalf do so in a manner inconsistent with the Principles, unless Truth Technologies is not responsible for the event giving rise to the damage.
Commitment to Security of Data
Truth Technologies employs reasonable and appropriate technical and organization precautions within our company – including physical, technical, and procedural safeguards – designed to help secure all of the personal data we process and protect it from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the personal data. Truth Technologies, Inc. participates in a SOC 2 audit of our security policies and procedures. As part of this independent audit, we re-examine all aspects of our operations to ensure strict adherence with the EU-U.S. Data Privacy Framework. Should you become aware of any violations of privacy or wish to inquire about how we secure private information, please contact us using the contact information found in the Contact Information Section of this Privacy Policy.
Access and Review
If you are a data subject about whom we store personal data, you may have a right to request access to your personal data, update, correct, or delete your personal data, and to object to processing, request restriction of processing, or exercise your right to data portability. To submit such requests or raise any other questions, please contact the organization that provided your personal data to us. We make a reasonable effort to provide our clients with the means to comply with the requests of their data subjects.
Privacy of Children
Our Services are not directed at, or intended for use by, children under the age of 13. We do not knowingly process personal data related to anyone under 18. Children should always get permission from a parent or guardian before sending their personal data over the Internet. If you believe your child may have provided us with personal data, please contact us at privacy@truthtechnologies.com.
EU-U.S. Data Privacy Framework
Truth Technologies, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. Truth Technologies Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF, Truth Technologies, Inc. commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact Truth Technologies, Inc. at:
https://truthtechnologies.com/contact, or by postal mail at:
Truth Technologies, Privacy Officer 5150 Tamiami Trail N. Suite 500, Naples, FL, 34103.
Please allow us up to four weeks for a reply
Government Enforcement
Truth Technologies Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under Section 5 of the Federal Trade Commission Act (15 U.S.C. § 45), an organization’s failure to abide by commitments to implement the DPF Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders.
Dispute Resolution
In compliance with the EU-U.S. DPF, Truth Technologies, Inc. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Binding Arbitration
Where a complaint cannot be resolved by any of the recourse mechanisms mentioned above, individuals may have a right under certain conditions to invoke binding arbitration under the EU-U.S. Data Privacy Framework Panel (as provided for under EU-U.S. Data Privacy Framework Annex I) as recourse mechanism of “last resort”. If you are a resident of the European Union whose personal data we process, you may also have the right to file a complaint with a data protection regulator in one or more of the EU Member States.
Contact Information
We value your opinion about this Privacy Policy. Please feel free to contact us with any general questions, comments, or concerns about this Privacy Policy by email at: privacy@truthtechnologies.com. Or by postal mail:
Truth Technologies, Inc.
5150 Tamiami Trail N., Suite 500
Naples, FL 34103 USA
EU Representative
Damien Harding has been appointed as Truth Technologies’ representative in the European Union for data protection matters (“EU Representative”), pursuant to Article 27 of the General Data Protection Regulation of the European Union (the “GDPR”). In accordance with Article 27 of the GDPR, Harding may be contacted by supervisory authorities or data subjects in addition to Truth Technologies about matters related to the processing of personal data. Harding, in its capacity as our EU Representative, may be contacted using this contact form: https://truthtechnologies.com/contact-us/ Alternatively, Damien Harding, as our EU Representative, may be contacted by postal mail as follows: Truth Technologies, Inc. C/O Damien Harding 1 Rue Jean Piret, L-2350 Luxembourg
Changes to this Privacy Policy and the Policies and Procedures
Truth Technologies reserves the right to update and revise this Privacy Policy and the Policies and Procedures below, at any time. You can determine if this Privacy Policy or the Policies and Procedures have been revised since your last visit by referring to the date indicated in the “Last Update” under the title.
Policies and Procedures
Last Update: February 12, 2018
- Definitions. Capitalized terms used in, and not otherwise defined in these Policies and Procedures, have the meanings ascribed to them in the Agreement between Truth Technologies, Inc. (“TTI”) and Subscriber (“Agreement”).
- Performance. TTI will use commercially reasonable efforts to update, augment and maintain the Content, as compiled from selected public records
and other sources. Subscriber accepts all Service, Content and Data provided by TTI on a “AS IS” basis, with no warranty or guarantee as to the truth, accuracy or completeness of the Service, Content and Data. THERE ARE NO WARRANTIES, EXPRESS OR IMPLIED, BY TTI AND THE INFORMATION PROVIDERS IN CONNECTION WITH THE SERVICE, CONTENT OR DATA, INCLUDING, BUT NOT LIMITED TO, WARRANTIES FOR MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON- INFRINGEMENT OF THIRD PARTY RIGHTS, OR THAT THE SERVICE, CONTENT OR DATA IS CORRECT, ERROR FREE, COMPLETE, AND/OR CURRENT AND UP TO DATE, OR THAT THE SERVICE, CONTENT OR DATA WILL BE SECURE, TIMELY DELIVERED, UNINTERRUPTED, FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR WILL SUFFICIENTLY OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE SYSTEM OR DATA. - Support. TTI will offer e-mail support through the Sentinel™ Web site at https://sentinel.truthtechnologies.com and https://cayman.TruthTechnologies.com. All support e-mails submitted during regular business hours will be answered within one (1) business day.
- Interruption of Service.
- Scheduled Interruptions. Subscriber acknowledges that the Service may be temporarily interrupted or curtailed due to equipment
modifications, upgrades, relocations, repairs and other similar activities during the operation and upgrade of the Service. Subject to the terms of Subscriber’s Agreement, no reduction of payments will be made in the case of scheduled interruption of the Service, provided such interruptions do not exceed 24 hours during any consecutive 30-day period, excluding planned maintenance (i.e. planned Downtime) or regularly scheduled and/or planned Content updates.
Data Source Update. TTI uses the following update schedule for data sources: Monday – Friday: World-Check, OFAC, HMT, EU.
- Force Majeure.TTI will not be liable for loss or damage resulting from any delay or non-performance due to any cause or causes beyond its reasonable control, including an act of the Subscriber, malfunctioning or nonfunctioning of equipment, a delay in transportation, acts of God, fire, flood, earthquake, storm, war, sabotage, riot, civil commotion, or because of any law, rule, regulation, order or other action by any public authority, provided TTI (i) gives the Subscriber written notice of such cause promptly, and (ii) uses its reasonable commercial efforts to correct such failure or delay.
- Internet connectivity. Because Subscriber will access the Service over the public Internet, temporary disruptions of network connectivity will occur from time to time. Internet traffic is usually routed through many different Internet backbone providers on the way to its destination. TTI will not be liable for interruption or delays in transmission or errors or defects in transmission or failure to transmit when caused by any Internet backbone provider.
- Liability. Except as otherwise expressly provided in Subscriber’s Agreement, in no event shall TTI be liable for any damages due to interruption of Service except for a pro-rata refund of fees actually paid by Subscriber for the Service and then only in any amount in proportion to the actual downtime attributable to such interruption of Service.
- Scheduled Interruptions. Subscriber acknowledges that the Service may be temporarily interrupted or curtailed due to equipment
- Audit. Subscriber understands and agrees that in order to ensure compliance with applicable law; TTI reserves the right to conduct periodic reviews of Subscriber’s activity and may, on a random basis, contact Subscriber to provide documentation of executed searches using the Service. TTI shall also investigate all legitimate reports of abuse or misuse of the Service.
- Notification.
- Data Breach. In the event of a data breach, Subscriber whose datawas affected by the breach will be notified by TTI.
- Law Enforcement Requests for Disclosure. Subscriber shall be notified of any legally binding request for disclosure of the Personal Data by a law enforcement authority unless otherwise prohibited, such as a prohibition under law to preserve the confidentiality of a law enforcement investigation.
- Conflict. In the event of any conflict between the terms of Subscriber’s Agreement and these Policies and Procedures, the terms of Subscriber’s Agreement shall control unless such Agreement provides otherwise.