The Short Version
- ●We collect only what's needed to run the marketplace and help you get booked or find crew.
- ●We never sell your personal data to anyone.
- ●We don't run targeted advertising or build ad profiles on you.
- ●We use aggregate market data (rates, demand by skill/city) to build tools that help the industry. Individual data is never exposed.
- ●You can request a full export or deletion of your data at any time.
1. Who We Are
Truss is operated by Truss Technologies LLC, based in San Francisco, California. When this policy says "Truss," "we," or "us," it refers to Truss Technologies LLC.
2. What We Collect and Why
We collect data in three categories. Here's exactly what each one includes and what we use it for.
Account information (you provide this)
| Data | Why |
|---|---|
| Name, email, phone | Create your account, send booking notifications, allow producers/techs to contact you through the platform |
| City | Show you in relevant local search results |
| Company name (producers) | Display on your profile and invoices |
| Password | Stored as a secure hash by Supabase Auth. We never see or store your actual password. |
Profile information (you provide this)
| Data | Why |
|---|---|
| Skills, specializations, gear list | Match you with relevant job opportunities and let producers search for specific expertise |
| Hourly rates (per skill) | Auto-fill booking requests, power the rate guide to help the industry understand fair market rates |
| Bio, experience level, portfolio photos | Display on your public profile so producers can evaluate fit |
| Insurance status (self-reported) | Let producers filter by insured technicians. We do not verify this information. |
| Availability calendar | Let producers see when you're free and filter search by date |
| Profile photo | Display on your profile. Stored in Supabase Storage. |
Platform activity (generated by usage)
| Data | Why |
|---|---|
| Booking history (projects, roles, rates, hours, status) | Track your gig history, calculate earnings, power the reputation system |
| Reviews and ratings | Build trust between techs and producers. Reviews are public. |
| Messages | Enable communication between producers and techs. Messages are private to participants. |
| Profile views (count only) | Show techs how visible their profile is. We track view counts, not who specifically viewed you. |
| Referral data | Track who referred whom to credit referral bonuses |
| Notifications | Deliver in-app alerts about bookings, reviews, and reminders |
3. What We Don't Collect
- ●We don't track your location in real time or in the background
- ●We don't read your contacts, camera, microphone, or files
- ●We don't collect biometric data
- ●We don't build behavioral profiles for advertising
- ●We don't buy data about you from third-party brokers
- ●We don't use dark patterns to extract more data than necessary
4. How We Use Aggregate Data
We use anonymized, aggregate data from the platform to build industry tools — like the rate guide at /rates. This data helps technicians understand what their skills are worth in different markets and helps producers budget accurately.
Aggregate means: "A1 engineers in San Francisco average $65-85/hr across 47 bookings." It never means: "Marcus Rodriguez charged $75/hr on this specific booking." Individual rates, bookings, and earnings are never exposed publicly or shared with third parties.
We believe this market transparency is good for workers. Historically, rate information in the AV industry has been opaque, which disadvantages technicians in negotiations. Making aggregate rate data public helps level that playing field.
5. Third-Party Services
We use a small number of third-party services to operate the platform. Each one receives only the data it needs.
| Data | Why |
|---|---|
| Supabase | Database, authentication, and file storage. Hosts all platform data. SOC 2 Type II compliant. |
| Stripe | Payment processing. Handles credit card information directly — we never see or store card numbers. |
| Resend | Transactional email delivery (booking confirmations, reminders). Receives only email address and message content. |
| Google Analytics | Anonymous page-view analytics to understand which pages are useful. No personally identifiable information is sent. |
| Vercel | Website hosting. Processes web requests but does not store user data. |
We do not use any advertising networks, data brokers, or tracking pixels beyond Google Analytics. We do not participate in cross-site tracking.
6. Data Sharing
We share your data only in these specific situations:
- ●With other users, as part of normal platform use (your public profile is visible to logged-in producers; your messages are visible to conversation participants; your reviews are public)
- ●With Stripe, to process payments you initiate
- ●With Resend, to deliver emails triggered by your activity
- ●If required by law, court order, or legal process
- ●To protect the safety of our users or the public
We have never sold user data and will never sell user data. If Truss is acquired, this policy transfers to the acquiring entity and your data protections remain in effect.
7. Data Security
All data is transmitted over HTTPS. Database access is protected by Row Level Security policies that ensure users can only read and write their own data. Authentication is handled by Supabase Auth with secure password hashing. API routes that perform system operations use a separate service-role client with restricted access.
Payment information is handled entirely by Stripe and never touches our servers.
8. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days. Some data may be retained in anonymized, aggregate form (e.g., booking volume statistics) that cannot be linked back to you.
Booking and payment records may be retained for up to 7 years as required by tax and financial regulations.
9. Your Rights
You have the right to:
- ●Access — Request a full export of all data we hold about you
- ●Correction — Update or correct any inaccurate information through your profile settings or by contacting us
- ●Deletion — Request that we delete your account and all associated personal data
- ●Portability — Receive your data in a standard, machine-readable format
- ●Objection — Opt out of any non-essential data processing
To exercise any of these rights, email hello@trusswork.org. We will respond within 30 days.
10. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect, request deletion of that information, and opt out of the sale of personal information. Since we do not sell personal information, there is nothing to opt out of.
We will not discriminate against you for exercising your privacy rights.
11. Children
Truss is not intended for anyone under 18. We do not knowingly collect data from minors. If we learn that we have collected data from someone under 18, we will delete it immediately.
12. Cookies
We use only essential cookies required for authentication (keeping you logged in). We do not use advertising cookies, tracking cookies, or cookie-based retargeting. Google Analytics uses a first-party cookie to distinguish unique visitors — this does not track you across other websites.
13. Changes to This Policy
If we make material changes to this policy, we will notify you by email and post a notice on the platform at least 14 days before the changes take effect. We will never retroactively reduce your privacy protections without your explicit consent.
14. Contact
Questions about this privacy policy or your data: