TRAYL treats personal data with care and applies technical and organizational measures appropriate to the risk. This statement summarizes our approach; see the Privacy Policy for legal detail.
1. Roles
TRAYL is the controller for account, billing, and marketing data. For campaign data uploaded by brands and agencies, TRAYL acts as a processor on behalf of the customer.
2. Safeguards
- Encryption in transit (TLS) and at rest for stored data.
- Role-based access, least privilege, and audit logging.
- Row-level security on multi-tenant tables.
- Ongoing security scanning and dependency review.
3. Sub-Processors
We use vetted sub-processors for hosting, database, email, analytics, e-signature (SignWell), payment processing (Stripe), and creator payout orchestration (Lumanu). We contractually require appropriate confidentiality and security terms.
4. Incident Response
We maintain an incident-response process and will notify affected customers and, where required, regulators without undue delay.
5. Requests and Contact
Data subject requests and DPA inquiries: hello@traylos.com.