trua.cloud

Privacy Policy

Last Updated: January 2026
Effective Date: January 2026

Nothing is collected unless it's necessary for a specific request, and nothing is shared unless you approve it. Everything stays linked to your Trua credential.

What is trua.cloud?

trua.cloud is a secure extension surface operated by Trua, Inc. ("Trua," "we," "us," or "our"). It enables authenticated holders to complete supplemental, purpose-specific validations that extend their Trua credential without breaking trust continuity.

trua.cloud does not:

  • Replace your Trua credential
  • Authenticate you independently
  • Establish identity from scratch
  • Create a parallel trust system

Instead, it receives an authenticated holder, facilitates a specific additional validation, and returns the outcome under the Trua trust umbrella.

How We Collect Information Differently

We don't just collect less data — we collect data differently:

  • With context: Every request is linked to a specific purpose and requesting organization
  • With consent: You see what's being requested and why before you proceed
  • With boundaries: Information is purpose-bound and not reused for other purposes
  • With continuity: Everything stays anchored to your existing Trua credential

Information We Collect

Information You Provide

Depending on the specific validation requested, you may provide:

  • Identity confirmation: Name, date of birth
  • Employment information: Employer names, job titles, dates, supervisor names
  • Education information: Schools, degrees, dates of attendance
  • Address history: Current and previous addresses
  • Professional credentials: Licenses, certifications
  • Attestations and signatures: Electronic confirmations

You are only asked for what's needed for the specific request — nothing more.

Information Collected Automatically

  • Session information: To maintain your session while completing a request
  • Device information: Browser type, operating system (for compatibility)
  • Log data: Access times, IP address (for security)

Information from Trua

When you arrive at trua.cloud, we receive authentication context from Trua that links this session to your existing credential. This ensures continuity without requiring you to re-verify your identity.

How We Use Your Information

Information collected through trua.cloud is used to:

  • Complete the specific validation you were directed here for
  • Link the outcome to your existing Trua credential context
  • Communicate with you about the request status
  • Maintain security and prevent fraud
  • Comply with legal obligations

Information is not used for:

  • Marketing or advertising
  • Purposes beyond the specific request
  • Building profiles for unrelated use

Information Sharing

With the Requesting Organization

The organization that directed you here (the "relying party") receives:

  • The information you submitted for this specific request
  • The validation outcome

Results are shared only with the organization that requested them, and only for the stated purpose.

With Trua

Outcomes are linked back to your Trua credential context to maintain trust continuity.

With Service Providers

We use service providers for infrastructure (cloud hosting, email delivery) who are contractually bound to protect your information and use it only to provide services to us.

Legal Requirements

We may disclose information if required by law, court order, or government request.

Your Rights and Control

You have the right to:

  • See what's requested: Before you proceed, you can review what information is being asked for and why
  • Access your information: Request a copy of what we have
  • Correct inaccuracies: Request correction of incorrect information
  • Request deletion: Ask us to delete your information (subject to legal retention requirements)
  • Withdraw: You can stop at any time before submitting

To exercise these rights, contact support@trua.cloud.

Data Security

We protect your information with:

  • Encryption: Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls: Role-based access, authentication required
  • Infrastructure: SOC 2 compliant cloud infrastructure
  • Monitoring: Continuous security monitoring

Email Communications

You may receive:

  • Access codes: To begin a validation (required)
  • Confirmations: When you complete a request (required)
  • Status updates: When something changes (required)
  • Reminders: If you haven't completed a request (can be opted out)

To opt out of reminders, email support@trua.cloud. Transactional emails (access codes, confirmations) cannot be opted out as they are necessary for the service.

Data Retention

  • Completed validations: Retained as required by law and agreements with requesting organizations
  • Incomplete requests: Deleted after 90 days of inactivity
  • Access logs: Retained for 12 months for security purposes

Staging Environment Retention

This instance of trua.cloud operates as a staging environment for integration testing and user acceptance validation. Data submitted in this environment is temporary and is used solely for testing and validation purposes. All submissions and associated data are automatically terminated after 90 days. No staging data persists beyond this retention window, and no manual deletion request is required.

Cookies

We use only essential cookies:

  • Session cookies: To maintain your session (expires when you close your browser)
  • Security cookies: To prevent cross-site request forgery

We do not use advertising or third-party tracking cookies.

Changes to This Policy

We may update this policy. Material changes will be communicated by updating the date at the top of this page and, where appropriate, by email.

Contact Us

Questions about this policy or your privacy:

Trua, Inc.
Email: support@trua.cloud