Skip to content
Back to home

Privacy Policy

Last updated: February 2026

The short version

TrustWord uses a server for initial setup - connecting you with the people in your circles - but all verification happens offline on your device. We have no analytics and no tracking. We don't know who you are or what your passphrases are. Your cryptographic secrets and passphrases never leave your device.

What data stays on your device

TrustWord stores circle metadata (names, icons, colors, and notes) in your device's local storage and cryptographic secrets in the platform's secure keystore (iOS Keychain or Android EncryptedSharedPreferences). None of this data is transmitted to us or any third party.

Cloud backup

If you enable cloud backup in the app settings (on by default on iOS), your circle secrets are synced via your platform's end-to-end encrypted storage (iCloud Keychain on iOS, encrypted backup on Android). This data is encrypted and inaccessible to us. You can disable this at any time in Settings.

No accounts or identifiers

TrustWord does not require or collect email addresses, phone numbers, or any other personal information. There are no user accounts. A device-generated identifier and a display name you choose are stored on our server to facilitate circle setup. No real-world identity information is required.

No analytics or tracking

TrustWord contains no analytics SDKs, no crash reporting services, no advertising frameworks, and no tracking of any kind. We don't know how many people use the app or how they use it.

Network requests

TrustWord communicates with our server (hosted on Cloudflare) during initial setup - creating circles, inviting members, and exchanging public keys. These requests transmit only the minimum data needed: device identifiers, circle membership, and public keys for end-to-end encrypted key agreement.

After setup, all verification works fully offline. Your shared secrets, passphrases, and private cryptographic keys are never sent to our server. The only other network activity is your platform's own cloud sync if you have backup enabled.

Server-stored data

To facilitate circle setup and member connections, the following data is stored on our server:

  • A device-generated identifier (UUID) and display name you choose
  • Public keys for key agreement and request signing (your private keys never leave your device)
  • Circle names and membership records
  • A 30-day audit log of membership changes
  • A push notification token (APNs on iOS, FCM on Android) for circle notifications

This data is used solely to operate TrustWord. We do not sell, share, or use it for any other purpose. Your shared secrets and passphrases - the core of TrustWord's verification - are never transmitted to or stored on our server.

Camera access

TrustWord requests camera access solely to scan QR codes when joining a circle. Camera data is processed locally and is never recorded, stored, or transmitted.

Biometric authentication

TrustWord can optionally lock the app with biometrics (Face ID / Touch ID on iOS, fingerprint / face unlock on Android). Biometric data is handled entirely by the operating system and is never accessible to TrustWord.

Children's privacy

TrustWord stores only device-generated identifiers and user-chosen display names - no real-world identity information is required or collected. The app is suitable for all ages.

Changes to this policy

If we ever change this policy, we'll update this page. Given our architecture, any meaningful change would require a new version of the app.

Contact

Questions? Email privacy@trustword.app.