Privacy Policy

This Privacy Policy applies to three categories of users:

• Subscribers — engineering firms and individuals who hold accounts on the Service and submit documents for review.
• Reviewers — consultants, contractors, clients, or other stakeholders who receive email links to review documents through the Service without creating an account.
• Visitors — anyone who visits trussreview.com without creating an account or reviewing a document.

We use the information we collect for the following purposes:

• To provide, operate, maintain, and improve the Service, including processing documents, routing review requests, generating transmittals, and maintaining the audit trail.
• To authenticate users, secure accounts, and prevent fraud or misuse.
• To process payments and manage subscriptions.
• To send transactional communications, including review invitations, reminders, transmittal notifications, security alerts, and administrative messages.
• To respond to support requests and communicate with you about the Service.
• To analyze usage, measure performance, develop new features, and improve user experience.
• To comply with legal obligations, enforce our Terms of Service, and protect the rights, property, or safety of the Company, our users, or others.
• To send marketing communications, where permitted by law and subject to your right to opt out.

To the extent the General Data Protection Regulation (GDPR) or similar laws apply, we process personal information on the following legal bases: (a) performance of a contract with you; (b) compliance with our legal obligations; (c) our legitimate interests in operating, securing, and improving the Service; and (d) your consent, where required.

We do not sell personal information. We share information only as described below:

• With Reviewers and other authorized recipients — when a Subscriber sends a document for review, we share the document, project metadata, and the Subscriber’s identifying information with the Reviewers identified by the Subscriber. When a Reviewer responds, we share their response (including identity and submissions) with the Subscriber and other authorized participants on the review.
• Service providers — we share information with vendors that help us operate the Service, including cloud hosting, storage, email delivery, payment processing, customer support, and analytics. These providers are bound by contractual obligations to use information only as needed to provide services to us.
• Legal and safety reasons — we may disclose information when required by law, subpoena, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect rights, property, or safety, to investigate fraud, or to enforce our Terms.
• Business transfers — in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred to a successor or affiliate.
• With your direction or consent — we may share information when you direct us to do so or otherwise consent.

We retain personal information and document content for as long as your account is active or as needed to provide the Service, maintain the audit trail, comply with legal obligations, resolve disputes, and enforce our agreements. Audit-trail data is retained for the life of the associated project and a reasonable period thereafter for evidentiary, legal, and contractual purposes. After termination of an account, we may retain residual copies in backups for a limited period before deletion in the ordinary course.

We use cookies and similar technologies to operate the Service, remember preferences, authenticate sessions, and analyze usage. You can control cookies through your browser settings, but disabling certain cookies may impair functionality. Where required by law, we will request your consent before placing non-essential cookies.

We implement administrative, technical, and physical safeguards designed to protect personal information and document content against unauthorized access, disclosure, alteration, or destruction. These safeguards may include encryption in transit, access controls, logging, and vendor diligence.

No method of transmission or storage is completely secure. Despite our reasonable efforts, we cannot and do not guarantee the absolute security of any information you submit to the Service. You acknowledge that you provide information at your own risk. Additional risk-allocation terms regarding data security incidents are set forth in our Terms of Service, which you agree to in addition to this Privacy Policy.

Depending on where you live, you may have rights regarding your personal information, including the right to:

• Access, correct, update, or request a copy of the personal information we hold about you.
• Request deletion of your personal information, subject to legal and contractual exceptions (including our need to retain audit-trail records).
• Opt out of marketing communications by following the unsubscribe instructions or contacting us directly.
• Restrict or object to certain processing, or request data portability, where applicable law provides such rights.
• Lodge a complaint with your data protection authority.

To exercise these rights, contact us using the information in Section 14. We will respond within the timeframe required by applicable law. We may need to verify your identity before fulfilling certain requests.

The Service is not directed to children under 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected such information, we will delete it promptly.

The Service is operated from the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States, which may have different data protection laws than your jurisdiction. By using the Service, you consent to such transfer and processing.

The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies.

We may update this Privacy Policy from time to time. The “Last Updated” date at the top reflects the most recent revision. Material changes will be communicated by posting the updated policy and, where appropriate, by additional notice (such as email). Your continued use of the Service after the effective date of changes constitutes acceptance of the updated policy.

If you have questions or requests regarding this Privacy Policy, contact: