Privacy Policy

Truvio is an AI brand visibility tool built for D2C and ecommerce brands. We show you how your brand appears in responses from ChatGPT, Google Gemini, and Anthropic Claude.

Truvio is currently operated as an unregistered startup by its founders. For privacy questions or data requests, contact us at hello@tru-vio.com.

When you use Truvio we collect the following categories of data:

• Email address — required to run an audit and to identify your results in your audit history. Also collected when you join our waitlist or submit a call-booking request.
• Brand website URL and brand name — the URL you submit for auditing and the brand name we derive from it.
• Audit results — AI-generated prompts we create about your brand, the raw text responses returned by ChatGPT, Gemini, and Claude, and the visibility scores we compute from those responses.
• IP address — recorded automatically when you submit an audit request, used for rate-limiting and abuse prevention.
• Approximate location (city and country) — derived from your IP address via server-side geolocation. Not GPS-level; city/country only.
• Call-booking information — if you submit a booking request: your name, email, brand URL, and a free-text description of what you're looking for.
• Geo audit scope — the geographic scope you select when running an audit (e.g., “India” or “city”).

Under the DPDP Act 2023, we rely on consent as our lawful basis for processing personal data. By submitting your email and running an audit, you consent to the processing described in this policy. You may withdraw consent at any time by contacting us (see Section 8).

• Email — to associate your audit results with your account, to let you access your audit history, and to contact you about your results if you request it.
• Brand URL + name — to run the AI audit and generate your visibility score.
• Audit results (prompts, AI responses, scores) — to display your results, store your audit history, and improve the accuracy of our scoring engine.
• IP address and location — to enforce per-IP rate limits, prevent abuse, and apply the correct geographic context to your audit.
• Call-booking details — to schedule a call with our team.

We do not use your data for advertising, profiling, or any purpose beyond running the service you requested.

We share your data only with the following service providers, each of whom processes data only as necessary to deliver the service:

We do not sell your data. We do not share your data with any party not listed above.

When you run an audit, Truvio sends the following data to OpenAI, Google (Gemini), and Anthropic in order to generate your visibility score:

• Your brand name (derived from the URL you submitted)
• AI-generated search queries about your brand category and market
• Your brand's website text (first ~400 characters, used to identify your brand)

Your email address is not sent to any AI engine. These providers process the above data under their own usage policies; we recommend reviewing those policies for their terms on training and data retention:

• OpenAI API Data Policy: openai.com/policies/api-data-usage-policies
• Google Gemini API Terms: ai.google.dev/gemini-api/terms
• Anthropic Usage Policy: anthropic.com/legal/privacy

• Portal audit results — kept for 90 days from the date of the audit, then automatically deleted from our systems.
• Audit log (admin view) — we retain the most recent 200 audit records in a rolling log. Older records are deleted automatically as new audits run.
• Email addresses (audit users and waitlist) — retained for 2 years of inactivity, then automatically deleted.
• Call-booking records — retained until manually deleted by our team after the booking has been handled.
• IP addresses — stored as part of the audit log, subject to the 200-record rolling retention above.

You may request deletion of your data at any time (see Section 8) and we will action it within the timeframe required by applicable law.

As a Data Principal under India's Digital Personal Data Protection Act 2023, you have the following rights:

• Right to access — you may request a summary of the personal data we hold about you.
• Right to correction and erasure — you may ask us to correct inaccurate data or erase your personal data where it is no longer necessary for the purpose it was collected.
• Right to grievance redressal — you may raise a grievance with our Grievance Officer; we will acknowledge within 48 hours and resolve within the period specified by the DPDP Board.
• Right to nominate — you may nominate another person to exercise your rights in the event of your death or incapacity.
• Right to withdraw consent — you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal but may mean we can no longer provide the service to you.

To exercise any right above — including requesting deletion of your audit history, email address, or booking record — email us at:

Please include the email address you used to run your audit. We will respond within 72 hours and fulfil the request within the period required by the DPDP Act 2023.

If you are not satisfied with our response, you may escalate to the Data Protection Board of India once it is constituted under the DPDP Act.

We do not sell, rent, or trade your personal data to any third party. Your data is used solely to operate the Truvio service as described in this policy.

We store all personal data in Upstash Redis, access-controlled by environment-level secrets. Our infrastructure is hosted on Vercel with HTTPS enforced on all endpoints. We do not log or store payment card details.

In the event of a personal data breach that is likely to result in harm to you, we will notify affected users and, where required, the Data Protection Board of India, within the timeframe mandated by the DPDP Act 2023.

Truvio is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a minor has submitted data to us, please contact us at hello@tru-vio.com and we will delete it promptly.

We may update this policy as the service evolves. When we do, we will update the “Last updated” date at the top of this page. Material changes will be communicated to registered users by email where possible. Continued use of the service after a change constitutes acceptance of the updated policy.