Privacy.
This page describes what data Truede collects today via the waitlist, the optional feedback form, and the contact form on truede.be. On any change, we bump the version above and archive a PDF of the previous version.
1. Who we are
Truede pre-launch is an initiative of SinnaSoft BV, company number BE 0791725975, registered office Lijsterstraat 30, 8450 Bredene, Belgium. Contact point: privacy@truede.be. SinnaSoft BV is the data controller under the GDPR. We have not appointed a Data Protection Officer because the criteria of Art 37 GDPR are not met; for any data-related question, use the address above.
2. What we collect and on which legal basis
Name and email address (required for signup): needed to reach you when beta access opens and at public launch. Legal basis: consent (Art 6(1)(a) GDPR), given by ticking the consent box on signup.
Optional waitlist fields: city and email language. Legal basis: consent.
Optional feedback answers: purchase frequency, role (buyer/seller/both), interest categories, attitude towards eID verification, pain points, short comment, and source of referral. Legal basis: consent.
Press/contact form: name, email, organisation, subject, message — only to answer your inquiry. Legal basis: consent and, for answering itself, legitimate interest (Art 6(1)(f)).
Short hash of your IP address and your user-agent string: solely for rate-limiting and abuse detection. Legal basis: legitimate interest (Art 6(1)(f)).
Cookieless analytics (Umami, self-hosted on our own infrastructure): anonymised pageviews and form interactions. No tracking cookies, no Google Analytics, no Meta pixels, no ad networks. Your IP is hashed server-side before Umami processes it. Legal basis: legitimate interest.
3. Why we process this data
To notify you when your beta access is ready and when Truede launches publicly; to shape the platform's rules and features based on real input from future users; to defend against abuse (spam, automated submissions, scraping) during the pre-launch. Nothing else.
4. Who sees your data
Data controller: SinnaSoft BV (see §1).
Sub-processors — all located within the European Economic Area:
• Hetzner Online GmbH (Germany, EU) — site and Postgres database hosting.
• Mailjet SAS (France, EU) — transactional email delivery (signup confirmation, beta invitation, launch notice).
No data is sold or shared with third parties for marketing or advertising. No data is transferred outside the EEA. No data is shared with public authorities unless legally required.
5. How long we keep it
Name, email, city, language preference, feedback answers: until you request deletion, or up to six months after public launch, whichever comes first.
Press/contact messages: up to 12 months after your last message, then deleted.
Hashed IP and user-agent: 30 days, then automatically deleted.
6. Your rights
Under the GDPR you have the right to: access, rectification, erasure («right to be forgotten»), restriction of processing, data portability, objection to processing, and withdrawal of consent at any time (without affecting prior lawful processing). One email to privacy@truede.be is enough — we respond within 30 days.
Right to lodge a complaint. If you believe we are infringing your rights, you can file a complaint with the Belgian Data Protection Authority (Drukpersstraat 35, 1000 Brussels, gegevensbeschermingsautoriteit.be).
7. No automated decision-making
We do not make automated decisions about you within the meaning of Art 22 GDPR. There is no profiling, no scoring, no algorithm making choices about you based on your data. The waitlist is processed manually or in batch; everyone is treated the same way.