TrueSpec Privacy Policy
Effective 2026-05-24. How TrueSpec (Sopko Technologies, LLC) handles personal data of the people who use our service. Plain English. Provided as-is; not legal advice.
Scope note: this policy covers personal data of account users (your staff's names, emails, logins, and usage). The product Content that Publishers upload and Consumers read is governed by the Publisher and Consumer Agreements, not this policy — product specs and images aren't personal data.
1. Who we are
TrueSpec (Sopko Technologies, LLC) operates the service at truespec.net. Contact: [email protected].
2. What we collect
- Account and profile data — name, business email, company, role, and similar details you provide when you register or are invited.
- Authentication data — we store a secure hash of your password, never the password itself.
- Usage and metering data — records of API requests and portal activity, including timestamps, request identifiers, endpoints accessed, approximate IP address, and the account the activity is attributed to.
- Support communications — what you send us when you contact support.
- Essential cookies — a session cookie to keep you logged into the portal (HttpOnly, SameSite=Lax). We do not use third-party advertising or cross-site-tracking cookies.
3. How we use it
To provide and operate the service; authenticate you and secure your account; meter, attribute, and protect against abuse of the API; communicate with you about the service; improve the product; and comply with law. Metering data also supports future billing.
4. How we share it
We don't sell your personal data. We share it only with:
- Service providers (subprocessors) who help us run the service:
- Cloudflare, Inc. — edge proxy, CDN, TLS termination, and DNS for truespec.net. Acts as a network intermediary for all portal and API traffic.
- We do not currently use third-party object storage, transactional email, analytics, or error-tracking services. When we add any, we'll update this list before the service goes live.
- Legal recipients when required by law or to protect rights and safety.
- A successor in a merger, acquisition, or sale of the business.
5. How we protect it
Password hashing, access controls, and encryption in transit. No system is perfectly secure, and we can't guarantee absolute security.
6. How long we keep it
We keep account data while your account is active and for 30 days afterward, and metering/log data for 13 months. We delete or anonymize data when it's no longer needed, subject to legal and legitimate operational requirements.
7. Your choices and rights
You can access, correct, or request deletion of your personal data by contacting [email protected]. Depending on where you live, you may have additional rights (for example under the GDPR or CCPA), including access, portability, deletion, and objection.
8. International transfers
If we process data outside your country, we take steps to protect it as required by applicable law.
9. Children
The service is for businesses and isn't directed to children under 18; we don't knowingly collect their data.
10. Changes
We may update this policy on notice; material changes get 30 days' notice.
11. Contact
[email protected] · 816 Cherry Lane, Lower Burrell, PA 15068.