Trusted Only

Privacy Policy

Last updated: June 2026

We do not sell your personal information. Trusted Only, LLC does not sell, license, rent, or otherwise exchange personal data with third parties for their own commercial or marketing purposes. This commitment applies to all individuals whose data we process.

1. Introduction

Trusted Only, LLC ("Trusted Only," "we," "our," or "us") is committed to protecting the privacy, confidentiality, and security of personal information. This Privacy Policy describes the types of personal data we collect and process, how we use and protect that data, and the rights available to individuals regarding their personal information.

This Policy applies to all visitors, users, customers, agents, homeowners, and other individuals ("Data Subjects") whose personal data is processed through Trusted Only's platform, services, and website (collectively, the "Services"). By using or accessing our Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

2. Regulatory compliance

Trusted Only implements safeguards and procedures designed to comply with applicable data protection laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA); the EU General Data Protection Regulation (GDPR); the UK Data Protection Act 2018; the Swiss Federal Act on Data Protection (nFADP); the Virginia CDPA, Colorado CPA, Connecticut CTDPA, and Nevada SB 220; and the CAN-SPAM Act and CASL. Where applicable, Trusted Only operates as a "Data Processor" on behalf of its customers ("Data Controllers") and enters into appropriate Data Processing Agreements (DPAs).

3. Legal basis for processing (GDPR)

For individuals in the EEA, UK, or Switzerland, we process personal data only where a valid legal basis exists under Article 6 of the GDPR, namely contract performance, legitimate interests (e.g., fraud prevention, security, analytics, product improvement), legal obligation, or consent. Where processing is based on legitimate interests you may object; where it is based on consent you may withdraw consent at any time.

4. Information we collect

  • Member and agent data: name, username, mailing address, email, phone; professional information (employer, title, location, license numbers); payment data handled through PCI-DSS-compliant systems; and account credentials (passwords are stored hashed).
  • Homeowner and contact data (processed on behalf of our customers): name, address, phone, email; general demographic attributes; preferences; internet/network activity (IP, cookies, device data); transaction data; and inferences drawn from the above.
  • Enhancement data: usage history and technical telemetry, used only for internal analytics and made public only in aggregated, de-identified form.
  • Sensitive data: We do not intentionally collect Social Security numbers, government IDs, biometric, health, or other special-category data.
  • Children's privacy: Our Services are not directed to individuals under 18, and we do not knowingly collect data from children. We do not knowingly collect data from children under 13 (COPPA).

5. How we use your data

We process personal data only to deliver and improve the Services, manage accounts, process billing, send transactional and (with consent) marketing communications, analyze aggregated usage, comply with legal obligations, and prevent fraud. We do not use personal data for automated decision-making that produces legal or similarly significant effects without human review.

6. Data sharing and sub-processors

We do not sell your data, under any definition, including the broad definition under the CCPA/CPRA. To deliver the Services we engage authorized sub-processors who process data strictly on our behalf under written agreements. We may also share data with professional advisors, as part of a business transfer, or where required by law.

7. International data transfers

Trusted Only is based in the United States. Cross-border transfers are subject to appropriate safeguards, including the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement, applicable adequacy decisions, and supplementary technical and organizational measures.

8. Security measures and certifications

We maintain an industry-standard information security program, including ISO 27001 certification, PCI-DSS certification, SOC 2 audit reporting, and (where applicable) HIPAA Business Associate compliance. All data is encrypted in transit (TLS 1.2+) and at rest, protected by role-based access controls and multi-factor authentication, and validated through regular vulnerability assessments and penetration testing.

9. Security incident response

We maintain a formal incident response program. In the event of a breach, we will notify affected customers without undue delay and, where feasible, within 72 hours of becoming aware, consistent with GDPR Article 33 and other applicable requirements.

10. Data retention and deletion

Customer Data is retained for the duration of the active service agreement. After termination, data may remain in standard backups for up to 45 days, may be queued for permanent deletion between 45-60 days, and is permanently purged after 60 days, except where law requires longer retention.

11. Your privacy rights

Depending on your jurisdiction, you may have the right to access, correct, delete, port, restrict, or object to processing of your personal data; to limit the use of sensitive information (CPRA); to opt out of any sale or sharing; and to non-discrimination for exercising these rights. To submit a request, email privacy@trustedonly.com with the subject line "Privacy Request." We will respond within the timeframe required by law (generally 30-45 days) and may need to verify your identity. Where we act as a Data Processor, we will refer your request to the relevant customer (Data Controller).

12. Cookies and tracking technologies

We use strictly necessary, performance/analytics, functional, and (with consent where required) targeting cookies. You may control cookies through your browser settings or our consent tool where available. Our Services do not currently respond to "Do Not Track" signals, as no universal standard exists.

13. Third-party links and services

Our Services may link to or integrate with third-party websites and tools. This Policy does not apply to those services, and we encourage you to review their privacy practices.

14. Google Business Profile and Google user data

Certain features let you connect your Google account so that Trusted Only can access and manage your Google Business Profile on your behalf, at your direction.

  • What we access. With your authorization, we access Google user data through the Google Business Profile APIs, which may include your business profile information, reviews and ratings, and (where you separately authorize it) local posts and Q&A.
  • How we use it. We use this data only to provide and improve the features you enable, such as importing and displaying your reviews, ratings, and profile information on your directory profile, and creating, editing, or removing posts and review replies that you direct. We do not use Google user data for advertising, to build profiles for unrelated purposes, or for any purpose beyond providing these user-facing features.
  • How we store and share it. Google user data is stored securely as described in this Policy and is never sold or rented. We do not transfer Google user data to third parties except as necessary to provide the Services, with your consent, or where required by law.
  • Limited Use. Trusted Only's access to, use, and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
  • Attribution. Where the Services display Google content, Google attribution and brand features are preserved, and reviews are not edited or presented in a misleading manner.
  • Revoking access and deletion. You can disconnect your Google account at any time within the Services, or revoke access through your Google Account settings at myaccount.google.com/permissions. Revocation stops future access; to request deletion of Google user data we previously accessed, email privacy@trustedonly.com.

This section works together with Section 5 (Connected Google accounts and Google Business Profile) of our Terms of Service.

15. Contact us

ContactDetails
CompanyTrusted Only, LLC
Address2031 Jackson St, Fort Myers, FL 33901
Phone(239) 427-1949
Privacy inquiriesprivacy@trustedonly.com
Data erasure requestsprivacy@trustedonly.com, subject: "Privacy Request"

If you are in the EEA or UK and believe we have not handled your data in accordance with applicable law, you may lodge a complaint with your supervisory authority (e.g., the UK Information Commissioner's Office at ico.org.uk).

16. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where required, provide additional notice. Your continued use of the Services after the effective date constitutes acceptance of the updated terms.