Skip to main content

Legal

Data Protection Statement

Last updated: July 2026

TRAYL treats personal data with care and applies technical and organizational measures appropriate to the risk. This statement summarizes our approach; see the Privacy Policy for legal detail.

1. Roles

TRAYL is the controller for account, billing, and marketing data. For campaign data uploaded by brands and agencies, TRAYL acts as a processor on behalf of the customer.

2. Safeguards

  • Encryption in transit (TLS) and at rest for stored data.
  • Role-based access, least privilege, and audit logging.
  • Row-level security on multi-tenant tables.
  • Ongoing security scanning and dependency review.

3. Sub-Processors

We use vetted sub-processors for hosting, database, email, analytics, e-signature (SignWell), payment processing (Stripe), and creator payout orchestration (Lumanu). We contractually require appropriate confidentiality and security terms.

4. Incident Response

We maintain an incident-response process and will notify affected customers and, where required, regulators without undue delay.

5. Requests and Contact

Data subject requests and DPA inquiries: hello@traylos.com.