Effective Date: May 18, 2026
Data Controller: Truevois LLC
Registered Jurisdiction: United States of America
Contact Email: [email protected]
1. INTRODUCTION AND OVERVIEW
1.1 Scope of this Policy
This General Data Protection Regulation (GDPR) Privacy Policy governing Truevois defines how Truevois LLC ("Truevois", "we", "us", or "our") processes, collects, secures, structures, and retains the personal data of data subjects located within the European Economic Area (EEA), the United Kingdom (UK), and Switzerland. Truevois operates an open-access digital review ecosystem connecting businesses and consumers globally.
1.2 Our Commitment
Although Truevois is a corporate entity registered, organized, and headquartered within the United States of America, we structurally incorporate data protection principles into our core infrastructure. Truevois recognizes the cross-border nature of digital interactions. This policy establishes our legal frameworks for handling European user profiles, merchant accounts, analytical metadata, and public review data.
1.3 Interface with General Terms
This document forms an inseparable component of the Truevois Master Service Agreement and the Truevois Business Terms and Conditions. Every user profile registered on Truevois and every corporate representative interacting via [email protected] is bound by these comprehensive privacy structures.
2. ORGANIZATIONAL DETAILS AND DATA CONTROLLER
2.1 Identity of the Controller
The sole legal data controller responsible for the processing operations executed across the global Truevois review ecosystem is:
· Corporate Legal Entity: Truevois LLC
· Country of Incorporation: United States of America
· Primary Communications Hub: business@Truevois.com
2.2 Data Protection Representative in the EU/UK
Pursuant to Article 27 of the GDPR, Truevois maintains a designated legal representative within the European Union and the United Kingdom to act as a localized point of contact for regulatory supervisory authorities and individual data subjects. All inquiries directed to these representatives must initially be routed through our centralized global data management inbox at [email protected] for rapid operational routing.
3. THE LEGAL BASES FOR PROCESSING UNDER GDPR
Truevois only processes personal data when a valid legal foundation under Article 6 of the GDPR applies. We categorize our primary processing frameworks under the four pillars outlined below.
┌────────────────────────────────────────────────────────┐
│ Truevois LEGAL BASES MATRIX │
└───────────────────────────┬────────────────────────────┘
│
┌─────────────────────────┼─────────────────────────┐
▼ ▼ ▼
┌──────────────────┐ ┌──────────────────┐ ┌──────────────────┐
│ 1. CONSENT │ │ 2. CONTRACT │ │ 3. LEGITIMATE │
│ Account creation │ │ Executing review │ │ Fraud, security, │
│ Marketing opt-in │ │ and portal terms │ │ B2B messaging │
└──────────────────┘ └──────────────────┘ └──────────────────┘
3.1 Consent (Article 6(1)(a) GDPR)
Truevois relies on unambiguous, affirmative, and freely given consent for specific consumer-facing activities. This includes creating an optional user profile, uploading a public avatar, opting into consumer marketing newsletters, or authorizing Truevois to access geolocation data via your web browser. You retain the right to withdraw this consent at any moment without penalty.
3.2 Performance of a Contract (Article 6(1)(b) GDPR)
Truevois must process specific datasets to execute the contract you enter when agreeing to our platform terms. This includes:
· Processing consumer information to publish, sort, and manage authentic reviews.
· Processing corporate data received at business@Truevois.com to deliver business dashboard access to claimed entities.
· Managing premium b2b software features for companies operating paid profiles on Truevois.
3.3 Legitimate Interests (Article 6(1)(f) GDPR)
Truevois processes data to protect, analyze, and scale our review marketplace, provided these activities do not override your fundamental rights and freedoms. Our legitimate business interests include:
· Platform Security: Defending Truevois against distributed denial-of-service (DDoS) attacks, malicious scripting, and vulnerability exploits.
· Review Integrity: Utilizing AI algorithms to analyze user behaviors to detect fake reviews, spam operations, paid corporate review campaigns, and coordinated defamation.
· B2B Growth: Reaching out to public businesses in the United States of America and Europe to invite them to claim their Truevois profile using business@Truevois.com.
3.4 Compliance with Legal Obligations (Article 6(1)(c) GDPR)
Truevois operates under the regulatory oversights of multiple corporate, taxation, and anti-fraud frameworks. We process and share transactions, corporate identities, and accounting data when required to satisfy statutory tax obligations, financial report compliance, judicial orders, or law enforcement mandates within the United States of America or international regulatory borders.
4. DETAILED CATEGORIES OF DATA Truevois COLLECTS
Truevois collects several categories of personal data to deliver a secure, scalable, and fully transparent review environment.
4.1 Consumer Data (The Reviewer Platform)
Account Creation Information
When a consumer establishes an account on Truevois, we require a verifiable first name, last name, unique email address, and secure password. Users may optionally provide an account avatar, geographical city location, and gender preference.
Public Review and Engagement Metrics
This encompasses the core user output published across Truevois:
· Written feedback, assigned star ratings, company names, and dates of transactions.
· Photographic evidence uploaded to support a consumer dispute.
· Platform engagement stats, including the number of helpful votes received, total reviews written, and reports submitted regarding platform abuse.
Technical and Device Telemetry
Truevois logs passive telemetry data when individuals navigate our web applications:
· Internet Protocol (IP) addresses, unique device identifiers (UUID), browser configurations, operating systems, and internet service provider (ISP) logs.
· Behavioral session mappings, including page click patterns, referral links, and duration metrics on specific Truevois business pages.
+-------------------------------------------------------------------------+
| SUMMARY OF USER DATA COLLECTED BY Truevois |
+--------------------------+----------------------------------------------+
| Category | Specific Data Elements |
+--------------------------+----------------------------------------------+
| Account Info | First/Last name, verified email, password |
| Review Content | Text, star rating, photos, metadata |
| Device Telemetry | IP address, browser type, cookies, device ID |
| B2B Representative | Work email, company role, business phone |
+--------------------------+----------------------------------------------+
4.2 Corporate and Business Data (The Merchant Platform)
Claim Verification Information
To safeguard business listings, Truevois validates the identity of corporate users. When a business claims its profile, we collect company registration documents, tax identifiers, registered business physical addresses, corporate telephone lines, and verified work emails matching the business destination domain.
Professional Communications Logs
Truevois monitors and archives communications directed to our formal corporate inbox at [email protected], along with internal ticketing communications transmitted through the Truevois Business Portal. This data includes full correspondence histories, system access logs, and employee profile assignments.
Financial and Premium Transactional Logs
For commercial entities upgrading to premium business packages on Truevois, we compile structured invoicing registries, purchase dates, product tiers, corporate tax identification numbers, and encrypted billing addresses. Truevois tokenizes payment methods; credit card fields are sent straight to PCI-DSS compliant processing centers without storing raw numbers on our servers.
5. SOURCE OF PERSONAL DATA
Truevois processes personal data derived from three distinct channels:
5.1 Direct Input
Information provided directly by you when filling in fields on Truevois, uploading images, sending operational queries to [email protected], or submitting verification details.
5.2 Automated Collection
Data compiled silently by our system architecture when you view or interact with Truevois. This includes platform session details and tracking cookies.
5.3 Third-Party Aggregation
Truevois gathers data from third parties to maintain an index of global companies. We source company names, commercial addresses, and industry categories from open public corporate registries in the United States of America, Europe, and public business directories.
This information lets consumers review a business even before a company representative officially claims their listing via [email protected].
6. COOKIE AND TRACKING POLICY
6.1 Purpose of Cookies
Truevois uses cookies, web beacons, and tracking pixels to optimize platform speeds, store your language preferences, track marketing campaigns, and evaluate platform health.
┌────────────────────────────────────────────────────────┐
│ Truevois COOKIE ARCHITECTURE │
└───────────────────────────┬────────────────────────────┘
│
┌─────────────────────────┼────────────────*********┐
▼ ▼ ▼
┌──────────────────┐ ┌──────────────────┐ ░░░░░░░░░░░░░░░░░░┐
│ 1. ESSENTIAL │ │ 2. ANALYTICAL │ ░ 3. MARKETING ░
│ Session state │ │ Session heatmaps │ ░ Retargeting ░
│ Fraud prevention │ │ Error tracking │ ░ Third-party ads ░
└──────────────────┘ └──────────────────┘ ░░░░░░░░░░░░░░░░░░┘
(User Opt-in Only) (User Opt-in Only)
6.2 Classification of Cookies Used
Essential Cookies
These files are required to navigate Truevois securely. They manage active user login sessions, distribute traffic load, and run our security systems. The platform cannot operate without these files, so they do not require user opt-in.
Performance and Analytical Cookies
Truevois uses tools like Google Analytics to compile anonymous metrics on page popularity, referral sources, and platform errors. These files are blocked by default for European users until you click "Accept All" or opt in via our cookie management banner.
Marketing and Behavioral Advertising Cookies
Truevois displays ads to keep our consumer services free. We and our advertising partners use tracking cookies to show you relevant ads based on your browsing history. These cookies are entirely optional and require your active consent before deploying.
6.3 Universal Opt-Out Mechanisms
You can manage your cookie preferences at any time through our on-site privacy dashboard. You can also block cookies across the web by updating your browser settings (Chrome, Safari, Firefox, Edge). Truevois respects Global Privacy Control (GPC) signals sent by browsers that automatically request data minimization.
7. THIRD-PARTY DISCLOSURES AND DATA SHARING
Truevois never sells consumer personal histories or review data to third-party data brokers. We share data only with the trusted service providers and partners outlined below.
7.1 Cloud Hosting and Technical Infrastructure Partners
Truevois uses secure, global data hosting providers (such as Amazon Web Services and Google Cloud Platform) with servers located in the United States of America to manage our data traffic, website assets, and reviews.
7.2 Anti-Fraud and Security Providers
To keep Truevois clear of spam and fake accounts, we share technical data (like IP addresses and browser fingerprints) with automated security tools. These platforms run real-time checks to catch automated bots, malicious actors, and coordinated review fraud.
7.3 Corporate Business Entities
When a consumer posts a public review on Truevois, the company being reviewed can view that content, the star rating, and the reviewer's public name.
If a business needs to confirm a transaction, they can contact the reviewer through our secure, private message portal. They can also contact Truevois support directly at [email protected] to request an internal evaluation of a review.
7.4 Legal Mandates and Law Enforcement
Truevois may share account information with law enforcement or regulatory authorities if required by law. This occurs if we receive a valid subpoena from a court in the United States of America, or an enforceable court order from an international jurisdiction with legal authority over our platform operations.
8. INTERNATIONAL TRANSFERS OF PERSONAL DATA
8.1 The US-EU Transatlantic Reality
Truevois processes and stores its core databases within the United States of America. This means the personal data of European data subjects is transferred outside of the EEA, UK, or Switzerland to a country that does not have an identical adequacy decision from the European Commission.
┌──────────────────────────────┐ ┌──────────────────────────────┐
│ EUROPEAN UNION │ │ UNITED STATES OF AMERICA │
│ (Data Subjects / Users) │ │ (Truevois HQ / Databases) │
└──────────────┬───────────────┘ └──────────────▲───────────────┘
│ │
│ TRANSATLANTIC DATA TRANSFER │
└─────────────────────────────────────────────┘
- Standard Contractual Clauses (SCCs)
- Technical Encryption Protocols (TLS / AES)
- Direct Operations Managed via business@Truevois.com
8.2 Our Safe Transfer Frameworks
To guarantee your data remains secure when moving across borders, Truevois uses the following legal safeguards:
Standard Contractual Clauses (SCCs)
Truevois incorporates the European Commission’s approved Standard Contractual Clauses directly into our internal data workflows and vendor agreements. This requires all parties to protect European data with the same security standards used within the EU.
Technical Security Standards
We protect transferred data using Transport Layer Security (TLS) encryption during transit and Advanced Encryption Standard (AES-256) encryption at rest within our US server infrastructure.
Operational Privacy Contacts
Our data protection team handles cross-border privacy inquiries directly. European users and regulators can reach us at [email protected] regarding international data processing frameworks.
9. COMPREHENSIVE DATA RETENTION PROTOCOLS
Truevois stores your personal data only as long as necessary to run a secure review ecosystem, manage active business listings, or meet financial and legal requirements.
9.1 Active Profiles and Public Content
· User Accounts: We keep consumer profile details as long as the account remains active. If an account is inactive for five consecutive years, Truevois flags it for a review check.
· Public Reviews: Reviews stay live on Truevois indefinitely to help our community, unless the user chooses to delete their account or remove the post.
If a business listed on Truevois closes or changes ownership, we archive the historic review history and reset the profile for the new entity.
9.2 Inactive and Deactivated Accounts
When a consumer closes their Truevois profile, we start an automated cleanup cycle. Within thirty (30) days, the account information is permanently erased or fully anonymized.
Once anonymized, the text of the review stays on the platform to preserve community history, but the author's name and profile image are replaced with a generic "Anonymous User" label, completely separating the text from your real-world identity.
9.3 B2B Correspondence and Financial Records
· Business Emails: All corporate messages and validation requests sent to business@Truevois.com are kept for seven (7) years to protect against fraud and resolve legal disputes.
· Invoices and Payments: Billing logs for premium business accounts are retained for seven (7) years to comply with federal tax laws in the United States of America.
10. TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES
Truevois maintains strong security systems to protect personal data from accidental loss, unauthorized access, or disclosure.
10.1 System Security and Encryption
· Data in Transit: All traffic to Truevois is encrypted using HTTPS and Transport Layer Security (TLS 1.3).
· Data at Rest: Databases, user credentials, and corporate verification records are encrypted using AES-256 standards.
· Credential Protection: User passwords are secured using cryptographic hashing algorithms (such as bcrypt) before they are saved to our database, meaning Truevois employees cannot see your raw password.
10.2 Internal Controls and Access Rights
· Role-Based Access Control (RBAC): Access to private user data is restricted to authorized Truevois technicians who need it to manage support requests or fraud investigations.
· Access Monitoring: All employee access to user profiles or business validation histories is logged in a secure audit trail.
· Staff Training: Every employee managing support queues or responding to messages via business@Truevois.com completes annual data protection training covering GDPR rules and secure data handling.
11. YOUR EXPLICIT DATA SUBJECT RIGHTS UNDER GDPR
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the GDPR regarding your data on Truevois.
+--------------------------------------------------------------------------+
| GDPR DATA SUBJECT RIGHTS ON Truevois |
+----------------------+---------------------------------------------------+
| Right | Operational Implementation on Truevois |
+----------------------+---------------------------------------------------+
| 1. Access | Download full account activity file from profile |
| 2. Rectification | Update name, email, and reviews in dashboard |
| 3. Erasure | Direct "Delete Account" option clears data in 30d |
| 4. Portability | Export data in machine-readable JSON format |
| 5. Restriction | Freeze profile visibility during active disputes |
| 6. Objection | One-click link to stop all promotional marketing |
+----------------------+---------------------------------------------------+
11.1 Right of Access (Article 15 GDPR)
You have the right to request a full copy of the personal data Truevois holds about you. You can check your account settings or contact our support team to see your profile details, login history, and review records.
11.2 Right to Rectification (Article 16 GDPR)
If any information on your account is incorrect or incomplete, you can update it at any time. Consumers and business users can edit their profile details directly through their respective Truevois dashboards.
11.3 Right to Erasure / "Right to be Forgotten" (Article 17 GDPR)
You can ask Truevois to permanently delete your personal data. When you request account deletion, we remove your profile details and personal info within thirty days, except where we are legally required to keep records for financial or tax purposes.
11.4 Right to Restrict Processing (Article 18 GDPR)
You can ask Truevois to pause processing your data without deleting it entirely. This applies if you are challenging the accuracy of your data or disputing how it is used, allowing us to keep the data frozen while your request is reviewed.
11.5 Right to Data Portability (Article 20 GDPR)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as JSON or CSV), allowing you to easily transfer your data to another platform.
11.6 Right to Object (Article 21 GDPR)
You can object to Truevois processing your data for marketing campaigns or analytical research. You can opt out of marketing emails instantly by clicking the "Unsubscribe" link at the bottom of any message we send.
12. STEP-BY-STEP PROCESS FOR EXERCISING PRIVACY RIGHTS
Truevois has a dedicated framework to handle privacy requests quickly and securely.
┌────────────────────────────────────────────────────────┐
│ DATA SUBJECT REQUEST FLOW (Truevois PROCESS) │
└───────────────────────────┬────────────────────────────┘
│
Step 1: Submit Request to business@Truevois.com
│
▼
Step 2: Security & Identity Verification Check
│
▼
Step 3: Internal Review & Data Compilation
│
▼
Step 4: Secure Delivery within 30 Days (No Fee)
Step 1: Submit Your Request
Send an email to our data protection team at [email protected] with a clear subject line, such as "GDPR Privacy Request" or "Right to Erasure".
Step 2: Identity Verification
To protect your privacy, Truevois must verify your identity before processing your request. We will ask you to confirm your request via the registered email address associated with your Truevois profile, or provide proof of your business registration if you are updating a corporate listing.
Step 3: Processing Timeframe
Truevois processes valid privacy requests free of charge within thirty (30) calendar days. If a request is highly complex or if we receive a large volume of inquiries at once, we may extend this window by up to sixty (60) additional days, and we will keep you updated on our progress.
Step 4: Outbound Delivery
We deliver data reports through a secure digital download link sent directly to your verified email address, protecting your personal details from unauthorized interception.
13. AUTOMATED DECISION-MAKING AND REVIEW MODERATION
13.1 AI Fraud Detection
Truevois uses automated software algorithms to monitor the authenticity of reviews across our platform. These tools analyze review text patterns, user connection speeds, IP locations, and account ages to flag potential spam, paid content, or fake reviews.
13.2 Human Review Safeguards
Our automated filters help protect the platform, but they do not make final, irreversible decisions on user accounts without oversight.
If our system flags a review as suspicious, it may temporarily hide the post for safety. Account holders can contact our support team at [email protected] to request a manual human review if they believe a post was hidden in error.
14. MATERIAL UPDATES AND REVISIONS TO THIS POLICY
14.1 Continuous Revisions
Truevois updates this GDPR Privacy Policy periodically to reflect changes in data privacy law, new features on our platform, or updates to our corporate structure in the United States of America.
14.2 Notice Frameworks
When we make significant changes to this policy, we will post a prominent notice on the Truevois homepage and update the "Last Updated" date at the top of this document. For major updates that change how we use your personal information, we will notify registered users directly via email before the changes take effect.
We encourage you to review this policy periodically to stay informed about how Truevois protects your privacy.
15. CONTACT AND REGULATORY OVERSIGHT CONTACTS
If you have questions, concerns, or feedback about this privacy policy or our data management practices, please reach out to our team:
· Primary Email Support: [email protected]ruevois.com
· Subject Line: Data Protection Inquiry
· Corporate Office Registry: Truevois LLC, United States of America
If you are located in the EEA or UK and believe Truevois has not addressed your privacy concerns adequately, you have the right to file a complaint with your local Data Protection Authority (DPA). You can find contact details for European authorities on the European Data Protection Board website, and UK residents can contact the Information Commissioner’s Office (ICO).
