skip to Main Content

TrueFort | Privacy Policy

Updated: January 2023  

This Privacy Policy explains how TrueFort, Inc. (“TrueFort”) collects, uses, and discloses information you provide to us or which we otherwise collect (“Information”), including “Personal Data” by which we mean Information that allows us to determine your identity. 

 The use of our products and services, (collectively, “Offerings”), are subject to the terms of the applicable customer agreement. The use of our website is subject to the TrueFort Website Terms and Conditions of Use. The terms of this Privacy Policy are incorporated into and form part of those agreements. 

 Data Collection 

There are two primary ways in which TrueFort collects Information about you: through interactions and through Offerings as set forth below. 


When you interact online or offline with TrueFort, we may receive your Information, including your Personal Data. For example, we receive your Information when you: 

Visit TrueFort’s websites or offices 

  • Download materials through our websites 
  • Provide or update account information through our websites 
  • Register for or attend TrueFort-hosted or sponsored events (such as promotional events, webcasts, contests, or hackathons) 
  • Participate in community programs and TrueFort-managed repositories on third-party open-source platforms 
  • Communicate with us including by emails, phone, texts, and online chats 
  • Provide testimonials 

We collect Information about you from other sources such as public databases, commercial data sources, joint marketing partners, resellers, managed services providers and other partners, social media platforms, and conference/event hosts. 

We refer collectively to these contacts as “Interactions” and we explain below how we use the Information we collect through them.   

What We Collect via Your Interactions 

We (or others acting on our behalf) may collect your Information, including your Personal Data, through Interactions. The Personal Data we collect includes such things as: 

  • Name or alias 
  • Email address 
  • Physical address, including country 
  • Employer 
  • Title / position 
  • Payment details 
  • Phone number 
  • Username / user ID 
  • IP address 
  • MAC address (or other device identifiers automatically assigned to your device when you access the internet) 
  • Images and related metadata (for example, when visiting our offices or attending an event) 
  • Content of your communications and files you input, upload, or create 
  • Videos (for example, when you provide a product testimonial) 

We collect Personal Data in various ways, such as when you manually key in your Personal Data to our website forms or provide it to us or others from whom we receive marketing leads. From time to time, we offer virtual private networks (VPNs) for attendees at TrueFort events or visitors to our offices. If you access a TrueFort-provided VPN, we may collect Personal Data from you, such as IP and MAC addresses, when we monitor the VPNs for security or performance. 

IP addresses are also collected on an automated basis through your use of the website services using cookies, web beacons, and like technologies. We may infer your location from your IP address. 

How We Use Information Collected from Interactions 

TrueFort uses the Information we collect from your Interactions to deliver services to you in accordance with our terms, to fulfill our contractual and legal obligations, or to “pursue legitimate business interests”, as described below. We take seriously the need to balance our legitimate interests with your privacy rights. We summarize for you here how we use your Information, including Personal Data, to: 

  • Fulfill your orders or respond to your requests for information and other inquiries 
    For example, to satisfy your requests for website materials such as marketing collateral or white papers, we collect and use your name and email address. 
  • Operate, enhance, and personalize your experience on our website 
    We collect Information via cookies and other information gathering technologies to fulfill our legitimate interest in operating our website, making it easy to navigate, enriching the available content and offering information tailored to your interests. In doing so, we may receive your location information, which you can stop at any time by configuring the location setting permissions in your device. 
  • Issue you TrueFort accounts for access to online communities and forums and to enable your participation there 
    When you join our online communities and forums, including blogs and TrueFort-branded business communication and streaming platform channels (collectively, “online forums”), we collect your Personal Data to enable your access and provide an interactive experience when you participate. The guidelines associated with those online forums recommend not sharing private or proprietary information on them, as many of their aspects are public. If you choose to submit content to online forums, such content will be considered “public” and will not be subject to the privacy protections set forth in this Privacy Policy except as required by applicable law. Online forums that display the TrueFort name but present you with their own privacy notice are subject to such privacy notice and not this Privacy Policy. 
  • Send you administrative notices 
    We may need to notify you (or we may choose to inform you) when we make updates to our terms or policies or make changes to our website services. We will use your name and email address to send such administrative notices to you, which due to their nature are treated differently from marketing communications from which you can opt out. 
  • Manage your TrueFort account 
    To perform the services under the contract between you and TrueFort, we need to collect certain Information from you such as your contact and payment details. Without this Information, we may not be able to deliver the services or comply with our contractual or legal obligations. 
  • Advertise and market to you 
    With your consent or to pursue legitimate business interests, we may contact you with product announcements, educational materials, announcements about special offers, or information about upcoming or ongoing online/offline events and related offers. If required by applicable law, we will ask you for your consent before sending and/or give you the choice to opt out of receiving these communications. 
  • Administer prize promotions and events 
    We may use your Information to administer prize promotions and events based on the terms of the promotion or event. For example, if you enter into a prize promotion, we may use your data to select a winner and provide the prize to you if you win. Or, if you register for a coding workshop or a gaming or other event, we may add your name to the list of expected attendees. If you win, we may seek your consent to announce you as a winner, with consent you may withdraw at any time. However, we will retain Information collected in connection with the enrollment contract. 
  • Invite you to participate on customer advisory boards or in surveys, studies, and assessments of Offerings 
    We use your Personal Data to register you to participate on advisory boards (such as our Customer Advisory Board or Product Advisory Council) or to request feedback from you about TrueFort Offerings. We use your feedback to fulfill our legitimate interest in improving our Offerings and growing our business. Your participation is voluntary and subject to the terms of your agreements with us and this Privacy Policy. 
  • Diagnose and fix technical issues, monitor for security, and otherwise protect our property. 
    We do this to satisfy our legitimate interest in assessing actual or potential threats to our facilities, attendees at TrueFort-sponsored events, our IT systems and networks, and website services. We may process your Information, in particular your IP address, for this purpose. 
  • To recruit you for a position at TrueFort 
    We may use your username or handle and contribution information from TrueFort-managed repositories on third-party open-source platforms to fulfill our legitimate interest in identifying candidates for open positions at TrueFort. For example, we may use your contribution information in a TrueFort-managed GitHub repository to consider you for and contact you about a position. 
  • Comply with law 
    We may use your Information to comply with any applicable law, regulation, legal process, or governmental request, or to protect our legal rights or those of others. 
  • For any other purpose disclosed to you in connection with our website services from time to time. 

If we process your Personal Data for other purposes, we will provide you with information about such processing, and if required, obtain your consent. 


We also collect Information, including Personal Data, when providing our Offerings. We may ask you for this Information directly, or in some cases, we may collect it when certain features are enabled. For example, we collect Information from or about you when you (or someone you work with):  

  • Order or sign up for a trial of our Offerings 
  • Interact with TrueFort online or offline, including when you request support services 
  • Use our Offerings to process information 

What We Collect via Our Offerings and How We Use It 

We collect and process different types of product data (described below) when you deploy our Offerings in order to fulfill our contractual and legal obligations and operate our business or fulfill other legitimate interests. We work hard to help ensure a balance between our legitimate interests and your privacy rights. 

  • License Usage Data is Information that allows us to identify your on-premises account entitlements, such as license consumption, capacity, or type in our systems through an assigned license ID. We use this information to validate accounts and automate license verification. 
  • Usage Data is Information about your operating environment and configuration, user/product interactions, and sessions. This may include information about your network and systems architecture and configurations, OS and product versions, product configuration, applications installed, page loads and views, searches by number and type, errors, number of active and licensed users, source types and format (e.g., JSON, XML, and CSV), web browser, http referrer page, and app workflows.

    We use Usage Data to fulfill our contractual obligations in providing the Offerings to you and to fulfill our legitimate interest in supporting and enhancing them. For example, we may use this data to:  

  • Troubleshoot issues, provide support, and update our Offerings 
  • Provide guidance to help you optimize your configuration, security, and usage of our Offerings 
  • Better understand how our users configure our Offerings 
  • Determine which configurations or practices optimize performance (e.g., best practices) 
  • Benchmark key performance indicators (“KPIs”) 
  • Recommend enhancements 
  • Perform data analysis and audits 
  • Identify, understand, and anticipate performance issues and the factors that affect them 
  • Identify product security issues that may affect you and inform you of them 
  • Improve and develop new features and functionality 
  • Monitor the health, performance, and security of our Offerings 

We hash or otherwise pseudonymize identifiable information connected to user activity for data analytics purposes. 

  • Support Usage Data includes License Usage and/or Usage Data as part of a customized support program that offers you accelerated troubleshooting, notices of patches/upgrades, tips to optimize usage, security, configurations and/or performance, and suggestions about other Offerings that may be of interest to you. The data is customer-identifiable so that we can help personalize your experience. From time to time, we may also use the Information to analyze usage trends, such as by data type, environment size, scale and architecture, and industry or sector, to develop and prioritize product enhancements (e.g., bug fixes or new features). On-premises customers can opt out at any time. However, this Information is essential for the operation of our cloud Offerings. 
  • Mobile Device Data is Information we collect in certain TrueFort Offerings (“Apps” as discussed below) that associates your mobile device with an identifier for your App to help us improve the user experience and personalize your services and content. We may also receive information that your mobile device sends when you use our Apps, such as a device identifier or OS. Depending on a customer’s configuration of TrueFort’s Offerings, location information about a customer’s end users may be shared with TrueFort. You can disable location sharing using the location-setting features on your mobile device. 
  • Security Offerings Data. Certain security-focused Offerings collect and in some cases allow sharing of Customer-submitted “artifacts” (such as logs, alerts, emails, cases, and incidents) and intelligence sources to support security investigation, threat detection and monitoring. In some cases, this Information may contain names, IP addresses, email addresses, phone numbers and other types of Personal Data contained in such artifacts and intelligence sources. You determine the extent and nature of the data you submit and whether to participate in such Offerings and in some cases to share the data with TrueFort.  
  • Certain TrueFort Offerings rely on automated methods of processing, such as artificial intelligence, which is a set of technologies and processes that allow computers to learn, reason, and assist in decision making. These technologies may consume Usage Data or other data you submit to the Offering that may be associated with you. The use of data in connection with such Offerings is set forth in the relevant terms. 

 Other Collection Practices 

We also collect Information from you to fulfill our contractual commitments to you. For example, we collect contact information such as name, address (email and physical) and phone number to enter you into our databases and manage your account. We also collect billing and payment information and information about Offerings, such as browser type, version number and OS, to administer your account, respond to customer service/support inquiries, and provide you with information about software updates via alerts or other “push” notifications. We do not sell this Information. 

Data Collection Practices Associated with Apps 

The TrueFort Offerings are extendible using software applications commonly called “apps,” “add-ons,” “widgets,” or “technical add-ons” that we offer. We refer to these collectively as “Apps.” These Apps are versatile and have access to a broad set of web technologies that can be used to collect and use your Information. This Privacy Policy only applies to Apps built by or on behalf of TrueFort. It does not apply to Apps developed by others (“App Developers”) through third-party marketplaces or repositories (e.g., AWS Marketplace), or interoperable with TrueFort Offerings. 

TrueFort requires App Developers to comply with applicable privacy and data protection laws but cannot guarantee that they do so. Before you use Apps created by App Developers, you should familiarize yourself with their privacy policies and license agreements. 

TrueFort collects Information generated from the use and performance of Apps that interoperate with TrueFort Offerings, such as crash information, version, session duration, and user engagement (e.g., number of downloads, active/licensed users, and logins). We may share this data with App Developers so they can improve and enhance the performance of their Apps. 

How TrueFort Shares Your Information 

TrueFort may disclose your Information to others in the following ways: 

  • Subsidiaries. We may disclose Information to our resellers subject to this Privacy Policy so that they can help market, sell, and service our Offerings. TrueFort is the party responsible for the management of jointly used Personal Data. TrueFort maintains intragroup agreements covering the use of Personal Data within the TrueFort family of resellers.   
  • Service Providers. We may disclose Information to our service providers (e.g., infrastructure as a service, order fulfillment, professional/customer/support services), pursuant to written agreements with confidentiality, privacy, and security obligations. TrueFort maintains a list of sub-processors who process Personal Data as part of the Offerings, which we update as needed. 
  • App Developers. We may disclose Information about App use and performance with App Developers so that they can improve and enhance the performance of their Apps. With your consent, we may also disclose your Information to App Developers to help support the performance of their Apps. App Developers will be identified to you when you download and use their Apps pursuant to their license terms, including their privacy policies. 
  • Partners and Sponsors. We may disclose contact and account Information to our partners and event hosts/sponsors (identified at time of registration or event participation) pursuant to written agreements with confidentiality, privacy, and security obligations. They may use the Information to assess your interest in TrueFort Offerings, conduct user research and surveys, or send you marketing communications, subject to the terms of their privacy policies. We may also share Support Usage Data with partners when they manage your Offering for you. 
  • Online Forums. When you take certain actions on blogs and TrueFort-branded business communication and streaming platform channels (“online forums”) that are public or intended to be public in nature, such as when you broadcast content, participate in a chat room, post profile information, or follow a channel, that information may be collected, used, or disclosed by other participants in the online forums. In addition, some features of online forums are designed to provide others with information about user activity, such as the subscription status of users for a given channel. 
  • Compliance and Safety. We may disclose Information as necessary or appropriate under applicable laws (including laws outside your country of residence) to: comply with legal process or requirements; respond to requests from public or government authorities (including those outside your country of residence); enforce our terms and conditions; and protect our operations, rights and safety, and that of you and others, as needed 
  • Merger, Sale, etc. We may disclose Information in the event of a proposed or actual corporate or financing transaction, such as a reorganization, merger, sale, joint venture, assignment, transfer, or disposition of all or any portion of TrueFort business, assets, or stock (including Information regarding any bankruptcy or similar proceedings). 
  • Other Users. We may disclose Information to other users of the service in aggregated format, provided it does not include Personal Data. This may include “best practices” tips, KPIs, benchmarking data or other such aggregated information useful to the user community. For select Offerings, we may share Information you provide, such as security artifacts that may contain Personal Data (e.g., IP address) with other subscribers, but only if required as part of the Offering, as set forth in the relevant terms. 

How We Secure Your Information 

TrueFort takes reasonable technical and organizational measures to safeguard Personal Data against loss, theft, and unauthorized access, disclosure, alteration, misuse, or destruction. Unfortunately, no data transmission, software, or storage system can be guaranteed to be 100% secure. If you have reason to believe that your Personal Data may no longer be secure (for example, if you feel that the security of an account has been compromised), please notify us immediately.  If TrueFort learns of a breach of its systems, TrueFort may notify you or others consistent with applicable law and/or as agreed in our contract with you. TrueFort may communicate with you electronically regarding privacy and security issues affecting Information collected through your Interactions or use of our Offerings. 

TrueFort Also Observes the Following Practices 

Retention Period. We retain your Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or not prohibited by applicable law. Information you store in TrueFort Cloud environments is portable by you at the end of the term of your agreement with TrueFort. We retain your contract information for the duration of your agreement with us and thereafter as required or permitted by law. We keep a record of your data requests, including your requests to opt out of marketing communications, to honor them in the future.  

Use of TrueFort Offerings by Minors. TrueFort Offerings are not directed to individuals 16 and under or those not of the age of majority in your jurisdiction, and we request that these individuals, or others on their behalf, not provide us with their Information. 

Lawful Basis for Transferring Your Data: Cross-border Transfers 

Your Personal Data may be stored and processed in any country where TrueFort, its subsidiaries, partners, sub-processors, and third-party service providers conduct business or host events. These locations may be outside of your country of residence, including in the United States, where different data protection laws may apply. When we transfer Personal Data, we implement safeguards for protection of the transferred Personal Data, such as standard contractual clauses. We put in place appropriate terms to protect your Personal Data in our agreements with our service providers. 

TrueFort has certified to the Department of Commerce that we adhere to the Privacy Shield Principles (“Principles”) of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, although TrueFort does not rely on the frameworks as a legal basis for transfers of Personal Data. If there is any conflict between the terms in this Privacy Policy and the Principles, the Principles will govern. To learn more about the Privacy Shield program, please visit  

Your Rights 

In certain locations, you may have rights under data protection law, such as to request access to or correction, deletion, or transfer of your Personal Data, or to object to or restrict TrueFort from using it for certain purposes. If you would like to exercise these rights, please submit your request, with a description of the nature of your request and the Personal Data at issue, to and we will respond as soon as reasonably practicable consistent with applicable law. We will verify your identity before we comply with your request and ask for your cooperation with our identity verification process. 

Supplemental Terms and Conditions for Certain Regions 


We rely on a variety of legal bases to process Personal Data, including your consent, a balancing of legitimate interests, necessity to enter into and perform contracts, and compliance with a legal obligation. If we process your Personal Data based on your consent, you may withdraw your consent at any time. We will let you know if we are seeking to rely on your consent at the time of collection. 

In Europe, we are responsible for the management of Personal Data used for completing orders and performing customer contracts.  

If you have any questions or concerns about TrueFort’s privacy practices, you can contact us at any time via the contact 


If you are a California resident, California law provides you with specific rights regarding your personal information, subject to certain exceptions, including the right to know about the personal information a business collects about you, the right to request that we delete the personal information we collect from you, and the right to non-discrimination for exercising your rights. For purposes of California law, personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer or household. 

If you or a designated third-party agent would like to exercise these rights, please submit the request through to and we will respond as soon as reasonably practicable consistent with applicable law. We will verify your identity, and the identity of any third-party agent acting on your behalf, before we comply with the request, and ask for your cooperation with our identity verification process. Please note that we are only required to respond to two such requests per individual each year. 

Links to Other Parties 

Our Offerings may contain links to, or facilitate access to, other websites or online services. This Privacy Policy does not address, and TrueFort is not responsible for, the privacy, information, or practices of other parties, including without limitation any App Developer, social media platform provider, wireless service provider, or device manufacturer. The inclusion of a link within the Offerings does not imply endorsement of the linked site or service by TrueFort. TrueFort encourages you to review the privacy policies and learn about the privacy practices of the companies whose websites you choose to visit or apps you choose to use. We list below links to resources about many of the other parties with whom we interact as described in this Privacy Policy: 

Updates to this Privacy Policy 

We may change this Privacy Policy from time to time and will post our updates on our website. We will also communicate any material changes of the Privacy Policy to you. 

Contact TrueFort 

If you have any questions or comments about this Privacy Policy or TrueFort’s privacy practices, you can contact us at any time at or by mail as provided below: 

TrueFort Inc. 
Legal Department 
3 W. 18th Street  
Weehawken, NJ 07086 

Back To Top
TrueFort Advisor and Venture Partner - West Coast at Canaan, Bob Williams

Bob Williams

Advisor | Venture Partner - West Coast, Canaan
Maha Ibrahim, Canaan

Maha Ibrahim

Observer | General Partner - West Coast, Canaan
TrueFort CFO Eileen Spellman

Eileen Spellman

Managing Director Emerald Development Ptrs. And TrueFort Board Member, Charles Collins

Charles Collins

Observer - Mng. Director, Emerald Development Ptrs.
TrueFort CMO Matt Hathaway

Matt Hathaway


Matt Hathaway serves as TrueFort’s Chief Marketing Officer, leading the global marketing strategy to get TrueFort the recognition it deserves. Matt has extensive knowledge of security users, buyers, and landscape, as well as a track record of building high-performing marketing and product teams. He has over 15 years’ experience in the security market that span fraud prevention, vulnerability management, SIEM, cloud workload protection, data security, endpoint protection, and application security.

Prior to joining TrueFort, Mr. Hathaway was VP of Product Marketing at Imperva, a leader in Application and Data Security, where he led Product, Content, and Technical Marketing, SEO, and Competitive Intelligence. He was also VP of Product Marketing at Carbon Black (acquired by VMware), served in multiple product and marketing roles at Rapid7 (including through its IPO), and held product roles at RSA Security and Uptycs.

TrueFort Board Member and Principal & Founder of Bess Ventures & Adv., Lane Bess

Lane Bess

Member - Principal & Founder, Bess Ventures & Adv.
TrueFort Advisor and Chief Information Officer at Intel Corporation, Motti Finkelstein

Motti Finkelstein

Advisor - Chief Information Officer, Intel Corporation
TrueFort Advisor and Founder & President of Security Risk Solutions, Steve Katz

Steve Katz

Advisor - Founder & President, Security Risk Solutions
TrueFort Emblem Logo

Truefort customer support

TrueFort customers receive 24×7 support by phone and email, and all software maintenance, releases, and updates

For questions about our support policy, please contact your TrueFort account manager or our presales team at

Support Hotline

Email Support