Our security is certified by an independent CPA. The AICPA SOC 2 Type 1 report shows that Trustworthy implemented strict information security policies and procedures, and meets or exceeds defined levels of processes and controls for the security of customer data.
Security
World-class security is the foundation
of your Family Operating System®
Your information is protected for all of life's important moments
Level up your family information security.
The Family Operating SystemⓇ is designed to shield you from breaches, identity theft, and other threats. Tokenization, AES 256-bit encryption, and multi-factor authentication are part of every Trustworthy account.
Exceeding security standards that matter
AICPA SOC 2 Type 1 Certified
GDPR Compliant
We meet the toughest privacy and security standard for personal data in the world. While GDPR is only required in the European Union, we provide GDPR protections for all our customers.
HIPAA-Compliant
We meet the security and privacy standard that hospitals use to protect your medical records and health information. HIPAA is a compliance framework designed to protect sensitive personal and health information, especially information held electronically.
How we keep your information secure:
Tokenization
Tokenization protects your information from hackers. The process removes sensitive data from Trustworthy servers and replaces it with a corresponding alias (token). Tokenization keeps your sensitive information separate from your account so only you can retrieve it.
256-Bit Encryption
Data is protected from the moment you upload it with Advanced Encryption Standard (AES) 256-bit encryption. This is the foundation of our security stack.
Regular Audits
We work with leading independent security experts to proactively identify vulnerabilities through penetration testing and security audits. They work tirelessly with our internal team to protect our members.
Multi-factor Authentication
Research suggests your accounts are 99.9% less likely to be compromised if you use two-factor authentication. Trustworthy’s mandatory two-factor authentication verifies your identity via SMS, voice, authenticator, biometric (mobile only) or security key before granting access to your account.
The Trustworthy Business Model
You are the sole owner and arbiter of your data. Trustworthy revenue comes from subscribers — not advertisers. We will never share or sell your personal information.
Learn MoreFrequently Asked Questions
As a Trustworthy member, you own your data, documents, and information and can add, delete, or download your digital property at will. We offer two options if you decide to unsubscribe from Trustworthy:
Delete your information: We have built our platform to fully delete all information upon request.
Download your information: Trustworthy future plans include an account owner feature to download their information at will.
Please email experts@trustworthy.com to delete or download your information.
If you would like to download your data, please contact our Experts team at experts@trustworthy.com.
If your subscription lapses, Trustworthy won’t delete your data until we confirm that you would like to cancel your account. However, you will need to resubscribe to access your account information.
To resubscribe or cancel your subscription, please contact us at experts@trustworthy.com.
In an emergency, Trustworthy can help your emergency contact(s) access your account. The Trustworthy team cannot access your most sensitive data, even in an emergency.
It is important to note that emergency contacts have no access to your account outside of emergencies.
Trustworthy uses aliasing to protect your information. Unlike encrypted data, aliased data cannot be “solved” — even by the Trustworthy team. As such, the Trustworthy team cannot see information like passwords, account numbers, social security numbers, and notes.
Additionally, the Trustworthy team has severely limited internal access to our data. All requests to access the production servers are routed, verified, and authorized by two members of the Trustworthy executive team. These team members have undergone rigorous background checks and have a legal, vested interest in keeping customer data safe and secure. Upon completion of server maintenance, access is immediately revoked.
For the limited pieces of information the Trustworthy code can “see”, our service returns value to you in the form of personalized actions and reminders. Personalization and reminders help you keep your information current and useful and save money on late fees, fines, rush fees, and other charges. Personalization and reminders are an important part of the value Trustworthy provides.
If you have any questions or concerns, please get in touch with us at: security@trustworthy.com.