Privacy Policy - TrustWise

Overview

This Privacy Policy establishes the information handling practices of TrustWise, a private trust creation and management platform operating as an auxiliary of Endogon Earth Trust. As a private jurisdiction entity within a faith-based organization, we are deeply committed to individual self-sovereignty, absolute privacy, and the sanctity of confidential trust information.

Key Points

• Complete recognition of individual self-sovereignty
• Minimal information collection only for requested services
• No third-party sharing except essential service providers under strict agreement
• Private jurisdiction data governance under equity and natural law
• User control over data retention and deletion
• Encrypted storage and transmission of sensitive trust information
• No government reporting or statutory compliance obligations

Our Commitment to Self-Sovereignty

TrustWise operates as a private jurisdiction entity and auxiliary of Endogon Earth Trust, a Private Membership Association and faith-based organization. We recognize and honor the inherent self-sovereignty of all individuals who interact with our platform. We understand that trust information is among the most sensitive and private data, warranting the highest levels of confidentiality and protection.

Information We Collect

Account Information

When you create a TrustWise account, we collect:

• Name and email address for account identification and communication
• Password credentials (encrypted and never stored in plain text)
• Optional contact information if you choose to provide it
• Subscription and payment information processed through secure third-party payment providers

Trust Profile Information

During conversational trust creation, we collect and process:

• Trust structure details (trust name, purpose, type)
• Information about trustees, beneficiaries, and their relationships
• Asset descriptions and trust property details
• Governance preferences and administrative instructions
• Any additional information you provide during the AI-guided creation process

Usage and Platform Data

We automatically collect:

• Login timestamps and session duration
• Feature usage patterns for platform improvement
• Device and browser information for compatibility and security
• Error logs and diagnostic data for troubleshooting

Communications

We retain records of:

• Support inquiries and correspondence
• Feedback and feature requests
• Platform notifications and administrative communications

How We Use Your Information

Service Delivery

We use your information to:

• Authenticate your access to the platform
• Generate customized trust documents based on your specifications
• Store and manage your trust profiles
• Process subscription payments and maintain billing records
• Provide AI-powered assistance and recommendations
• Deliver platform features and functionality

Platform Improvement

We use aggregated, anonymized data to:

• Enhance AI model performance and accuracy
• Improve user interface and experience
• Develop new features aligned with member needs
• Identify and resolve technical issues
• Optimize platform security and performance

We never use your specific trust details for training purposes or share identifiable information in aggregated datasets.

Communications

We use your contact information to:

• Send account notifications and security alerts
• Provide subscription and billing updates
• Share platform updates and new features
• Respond to support inquiries
• Deliver educational content you've opted to receive

You may opt-out of non-essential communications at any time while maintaining access to critical account and security notifications.

Information Sharing and Disclosure

Strict No Third-Party Sharing Policy

We maintain absolute privacy of all member and trust information. We do not sell, rent, trade, or disclose any personal or trust-related information to third parties for marketing, data brokerage, or any other commercial purpose.

Essential Service Providers

We work with carefully selected service providers who assist in platform operation under strict contractual confidentiality agreements:

Payment Processing:

• Payment processors (e.g., Razorpay) handle subscription billing
• They receive only information necessary to process transactions
• They operate under their own privacy policies and contractual terms with us
• We do not store full payment card details on our servers

AI and Cloud Services:

• AI model providers process trust information for document generation
• Cloud infrastructure providers (Supabase, Vercel) host platform and database
• These providers operate under data processing agreements with strict confidentiality terms
• Data is encrypted both in transit and at rest

Knowledge Graph and Memory Services:

• Memory management providers (Zep) help maintain conversational context
• Graph database providers support knowledge organization
• All providers operate under privacy-preserving agreements

Legal Requirements and Private Jurisdiction

As a private jurisdiction entity:

• We do not voluntarily report to government agencies
• We do not comply with statutory disclosure requirements
• We resist compelled disclosure through all available means
• We operate under principles of private contract and equity law

In the unlikely event of compelled disclosure:

• We will notify affected members to the fullest extent permitted
• We will limit disclosure to the absolute minimum legally required
• We will challenge any overly broad or improper demands

Business Transitions

In the event of business sale, merger, or transfer:

• Member data would be transferred only under equivalent privacy protections
• We would provide advance notice of any such transition
• You would have the option to export and delete your data before transfer

Data Security and Protection

Encryption and Access Controls

We implement robust security measures:

• End-to-end encryption for data transmission (TLS/SSL)
• Encryption at rest for database storage
• Multi-factor authentication options for account access
• Role-based access controls limiting internal data access
• Regular security audits and vulnerability assessments

Private Jurisdiction Architecture

Our infrastructure design reflects private jurisdiction principles:

• Data sovereignty through distributed architecture where feasible
• Minimal centralized storage of sensitive information
• User control over data retention and deletion
• Separation of identity data from trust content

Data Backup and Redundancy

We maintain:

• Regular automated backups for data protection
• Geographic redundancy to prevent data loss
• Disaster recovery procedures
• Backup encryption with the same standards as primary storage

Security Limitations

Despite best efforts, no system is impervious to breach. You acknowledge:

• Inherent risks in electronic data storage and transmission
• Your responsibility to maintain strong account credentials
• The importance of downloading and securely storing copies of critical trust documents
• Your option to maintain offline copies independent of the platform

Your Privacy Rights and Controls

Data Access and Portability

You have the right to:

• Access all information we hold about you
• Export your trust profiles and generated documents
• Request copies of your data in machine-readable formats
• Review your account activity and platform usage history

Data Correction and Modification

You may:

• Update your account information at any time
• Modify trust profiles and correct errors
• Request assistance with bulk data corrections
• Maintain historical versions of trust documents

Data Deletion and Account Closure

You may request:

• Deletion of specific trust profiles
• Removal of old or superseded trust versions
• Complete account closure and data deletion
• Selective retention of certain documents while deleting account

Upon account closure:

• We delete your account credentials immediately
• We purge personal information within 30 days
• We may retain anonymized usage statistics for platform improvement
• We maintain billing records as required for financial accountability

Communication Preferences

You control:

• Frequency and type of platform communications
• Educational content subscriptions
• Feature announcement notifications
• Marketing communications (always optional)

Essential account, security, and billing communications cannot be disabled while maintaining an active account.

Data Retention

Active Account Data

While your account is active:

• We retain all data necessary for service delivery
• You control retention of specific trust profiles and documents
• Historical versions are maintained for your reference and rollback capability

Closed Account Data

After account closure:

• Personal information is deleted within 30 days
• Trust documents may be retained if you've shared them with third parties (trustees, beneficiaries)
• Anonymized usage data may be retained indefinitely for analytics
• Billing records are retained as required for financial records

Legal Holds

In the event of active disputes or legal proceedings:

• We may suspend normal deletion procedures
• Affected data will be isolated and protected
• Retention will be limited to information directly relevant to the matter
• Normal deletion will resume upon matter resolution

Children's Privacy

TrustWise is not directed to individuals under the age of 18. We do not knowingly collect information from minors. If we discover that a minor has created an account:

• We will terminate the account immediately
• We will delete all associated information
• We will notify the account email address of the termination

International Data Considerations

Primary Jurisdiction

TrustWise operates primarily within private jurisdiction frameworks, specifically:

• Not subject to GDPR, CCPA, or other statutory privacy regimes
• Governed by principles of equity and natural law
• Respecting private contract terms over statutory requirements

Cross-Border Data

If you access TrustWise from outside our primary operational region:

• Your data may be transferred to and processed in different locations
• We maintain consistent privacy protections regardless of location
• You acknowledge and accept the private jurisdiction nature of our operations

Cookies and Tracking Technologies

Essential Cookies

We use cookies necessary for platform functionality:

• Session management and authentication
• Security and fraud prevention
• Platform functionality and user preferences

Optional Analytics

We may use analytics tools to understand platform usage:

• These are implemented with privacy-preserving approaches
• You may opt-out through browser settings or platform preferences
• We do not use cookies for advertising or cross-site tracking
• We do not share cookie data with third-party advertisers

Third-Party Integrations and Links

External Services

TrustWise may integrate with or link to external services:

• Payment processors for subscription billing
• Knowledge bases and educational resources
• Professional service directories (future feature)

These external services:

• Operate under their own privacy policies
• Are selected based on privacy and security standards
• Should be reviewed independently before use

No Responsibility for Third Parties

We are not responsible for:

• Privacy practices of external services
• Content or security of linked websites
• Data handling by trustees, beneficiaries, or advisors you share documents with

Changes to This Privacy Policy

TrustWise reserves the right to update this Privacy Policy:

• Changes will be posted to the platform with effective date notice
• Material changes will be communicated via email to active members
• Continued use after changes constitutes acceptance
• You may terminate your account if you disagree with modifications

We will never retroactively reduce privacy protections for existing data without explicit consent.

Privacy by Design

Foundational Principles

TrustWise is built on privacy-first architecture:

• Minimal data collection by design
• Purpose limitation for all data use
• Strong encryption as default
• User control and transparency
• Privacy protection throughout data lifecycle

Ongoing Commitment

We continuously:

• Review and improve privacy practices
• Update security measures against emerging threats
• Train team members on confidentiality obligations
• Engage privacy and security experts for guidance
• Listen to member concerns and feedback

Contact Information

For privacy-related inquiries, questions, or to exercise your privacy rights, please contact:

TrustWise Privacy Officer Through Endogon Earth Trust designated communication channels

Platform Support:

• In-platform support messaging
• Email: trustwise@endogon.org (when available)

Mailing Address: (To be provided upon request through secure channels)

Response Timeframes

We commit to:

• Acknowledge privacy inquiries within 48 hours
• Fulfill data access requests within 30 days
• Process deletion requests within 30 days
• Respond to security concerns immediately

Acknowledgment

By creating an account and using TrustWise services, you acknowledge that:

• You have read and understand this Privacy Policy
• You consent to the collection, use, and processing of information as described
• You understand the private jurisdiction nature of our operations
• You accept the responsibility to protect your own account credentials and downloaded documents
• You recognize the importance of reviewing this policy periodically for updates