1. Who we are
TrustDeck provides virtual data rooms for project finance, infrastructure, M&A, capital raising, and audit workflows. The Service is operated by GRIDOS (Pty) Ltd, registration number 2026/269762/07 ("TrustDeck", "we", "us"). This policy covers the marketing site at trustdeck.capital and the application at app.trustdeck.capital.
For anything in this policy — questions, requests, complaints — reach us via the contact form.
2. The two roles we play
For account, billing, and website data, TrustDeck is the controller: we decide how and why it is processed, and this policy governs.
For the content your organisation places in its workspace — documents, folders, Q&A threads, NDA templates, member lists — your organisation is the controller and TrustDeck is the processor, acting on its instructions under our Data Processing Agreement. If you were invited into a data room by an organisation, that organisation decides what is collected there and why.
3. What we collect
- Account data — your name, email address, authentication identifiers, and multi-factor authentication enrolment.
- Workspace content — documents and metadata your organisation uploads, Q&A messages, diligence checklists, and NDA templates. Processed only on the controlling organisation’s instructions.
- Access and audit records — IP address, browser user agent, timestamps, and the actions you take (views, downloads, permission changes, NDA acceptances). Tamper-evident access trails are a core feature of the service, not an analytics add-on.
- NDA acceptance evidence — when you accept an NDA, we record your typed name, email, IP address, user agent, timestamp, and a frozen copy of the document as you saw it.
- Technical data — essential session cookies and security tokens needed to keep you signed in.
- Billing data — plan, invoices, and payment status. Card details are handled by our payment provider and never stored on our systems.
- Support communications — emails you send us and our replies.
4. How we use personal data
- To provide, operate, and secure the service, including authentication and permission enforcement.
- To maintain the tamper-evident audit trails and acceptance evidence that the service exists to provide.
- To send transactional email — invitations, notifications, account messages. We do not send marketing email without your consent.
- To respond to support requests.
- To monitor errors and keep the service reliable. Our error monitoring masks document content and page text before anything leaves your browser.
- To comply with legal obligations.
5. Legal bases
Where European data protection law applies, we rely on: performance of a contract (providing the service you or your organisation signed up for); legitimate interests (securing the platform, maintaining evidence integrity, preventing abuse); legal obligation; and consent where we ask for it explicitly.
6. Audit trails and erasure limits
Audit logs and NDA acceptance records are append-only by design — they cannot be edited, by anyone, including us. Because controllers rely on them as evidence of who accessed what and what was agreed, requests to erase entries from these records may be refused to the extent the law permits retention for evidentiary integrity. Where erasure obligations apply, we work with the controlling organisation to meet them.
7. Sharing and sub-processors
We never sell personal data, and we use no advertising networks. We share data only with the sub-processors that run the service, bound by data-processing terms:
- Cloud database, authentication, and hosting infrastructure
- Object storage for documents
- Transactional email delivery
- Error and performance monitoring
- Background job scheduling
- Payment processing
The current sub-processor list, with names and regions, is available on request via the contact form. We may also disclose data where the law requires it — and where permitted, we tell the affected controller first.
8. International transfers
Documents and workspace data are hosted in the EU (Ireland) by default; alternative residency options are available on the Enterprise tier. Where a sub-processor processes personal data outside the hosting region, the transfer is protected by appropriate safeguards such as standard contractual clauses.
9. Retention
- Account data — for the life of your account, then deleted within a reasonable period.
- Workspace content — controlled by your organisation, including tier-based trash retention windows.
- Audit logs and NDA acceptance evidence — for the life of the workspace plus up to 7 years, reflecting their evidentiary purpose.
- Backups — expire on a rolling schedule.
10. Security
Workspace isolation enforced at the database layer, multi-factor authentication, server-side document watermarking, short-lived signed URLs, and encryption in transit and at rest. The full posture is described on our security page.
11. Your rights
Depending on your jurisdiction, you may have the right to access, correct, erase, restrict, or port your personal data, and to object to certain processing. To exercise these rights for account data, use our contact form. For data inside a workspace, contact the organisation that invited you — they are the controller, and we will assist them in responding.
You may also lodge a complaint with your data protection supervisory authority.
12. Cookies
The application uses essential cookies only — session and security tokens required to operate. The marketing site sets no third-party advertising or tracking cookies.
13. Children
The service is intended for professional use and is not directed at anyone under 18. We do not knowingly collect personal data from children.
14. Changes to this policy
We may update this policy as the service evolves. Material changes are announced by email or in-app notice before they take effect, and the "Last updated" date above always reflects the current version.