Legal

Privacy Policy

Last updated: February 1, 2026

1. Introduction

TrustOps SAS ("TrustOps", "we", "our", or "us") operates the TrustOps Autopilot platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, company name, and role. If you sign in via OAuth providers (Google, GitHub), we receive basic profile information from those services.

2.2 Usage Data

We automatically collect information about how you interact with the platform, including pages visited, features used, questionnaires processed, and performance metrics.

2.3 Content Data

Documents you upload (security policies, certifications, questionnaires) are stored securely and processed to build your knowledge base. This data remains yours and is never shared with other customers.

3. How We Use Your Information

  • Provide, maintain, and improve our services
  • Process and complete security questionnaires using AI assistance
  • Send transactional communications (account verification, billing, support)
  • Analyze usage patterns to improve the product
  • Comply with legal obligations

4. Data Sharing

We do not sell your personal data. We share data only with subprocessors necessary to operate the service (see our Security page for the full list). All subprocessors are bound by data processing agreements.

5. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove all personal data and uploaded content within 30 days. Anonymized analytics data may be retained longer.

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to processing
  • Withdraw consent at any time

To exercise these rights, contact us at contact@trustopsautopilot.com.

7. Security

We implement industry-standard security measures including encryption in transit and at rest, role-based access control, and regular security audits. See our Security Overview for details.

8. Contact

For privacy-related inquiries, contact our Data Protection Officer at contact@trustopsautopilot.com.