Last Updated: May 29, 2026 · Effective Date: May 29, 2026
This Privacy Policy explains how TruWaiver, Inc., operating as TruWaiver, collects, uses, stores, shares, protects, and otherwise processes personal information through our websites, software, applications, dashboards, digital waiver tools, QR code signing tools, check in systems, incident reporting tools, proof bundle exports, customer portals, admin panels, support channels, and related services.
In this Privacy Policy, TruWaiver, Company, we, us, and our refer to TruWaiver, Inc. Services refers to all TruWaiver products, websites, applications, software, dashboards, tools, databases, templates, integrations, reports, exports, APIs, support services, and related offerings.
By accessing or using the Services, creating an account, signing a waiver, scanning a QR code, checking in, submitting a form, uploading information, creating an incident report, or otherwise interacting with TruWaiver, you acknowledge that you have read and understood this Privacy Policy.
If you do not agree with this Privacy Policy, you should not use the Services.
TruWaiver provides a digital waiver, consent, check in, incident reporting, expiry tracking, audit trail, and proof bundle platform for businesses and organizations. TruWaiver may be used by gyms, climbing centers, sports academies, adventure tourism operators, children’s activity centers, event organizers, equipment rental businesses, tattoo studios, beauty or aesthetic clinics, healthcare adjacent service providers, educational activity providers, recreation venues, and similar organizations.
The Services may allow business customers to create waiver templates, generate QR codes, collect signatures, collect guardian consent, verify check in status, manage waiver expiry, store signed PDF records, create incident reports, upload photos or notes, maintain audit trails, and export proof bundles.
Depending on the context, TruWaiver may act as a controller, business, processor, service provider, or similar role under applicable privacy laws.
For business account data, billing data, website usage data, sales communications, support requests, product analytics, security logs, and administrative data, TruWaiver generally acts as the controller or business.
For waiver records, participant records, signer data, check in records, guardian consent records, customer records, incident reports, proof bundles, uploaded documents, and similar information collected by a business customer through the Services, the business customer generally acts as the controller or business, and TruWaiver generally acts as a processor or service provider on behalf of that business customer.
Business customers are responsible for deciding what information to collect, why it is collected, how long it is retained, what waiver or consent language is used, what privacy notices are given, and whether their use of the Services complies with applicable laws.
We may collect and process the categories of information described below.
We may collect business and account information including:
When a person signs a waiver, completes a consent form, or checks in through TruWaiver, we may process information including:
If a business customer uses TruWaiver to collect consent involving minors, we may process information including:
Business customers are responsible for determining whether a person is a minor, whether guardian consent is required, whether the guardian has authority to consent, and whether the collection and retention of minor information complies with applicable laws.
If a business customer creates an incident report, we may process information including:
Incident reports may contain sensitive information. Business customers are responsible for ensuring that incident information is collected, used, shared, and retained lawfully.
The Services may process uploaded or generated content including:
We process such content to provide, maintain, secure, support, and improve the Services, and to comply with legal obligations.
If you purchase paid Services, payment information may be processed by payment providers such as Stripe, Razorpay, or other payment processors.
We may collect billing information including:
We do not intentionally store full card numbers on our own servers.
We may automatically collect technical and usage information including:
If you contact us, we may collect:
Depending on the configuration selected by a business customer, the Services may process sensitive information, including health declarations, injury details, emergency contact details, minor information, identification documents, incident photos, witness information, or other sensitive data.
TruWaiver does not require business customers to collect sensitive information unless they choose to configure the Services in that manner. Business customers are responsible for ensuring that any sensitive information collected through the Services is necessary, lawful, proportionate, properly disclosed, and protected.
Unless TruWaiver enters into a separate written agreement that expressly states otherwise, the Services are not intended to operate as a medical record system, emergency response system, insurance claims system, legal case management system, regulated healthcare platform, or legally mandated safety compliance system.
We may use personal information to:
We do not use waiver records, digital signatures, minor records, guardian consent records, incident reports, uploaded proof documents, or proof bundles for third party advertising.
Where applicable law requires a legal basis, we may rely on one or more of the following:
Where TruWaiver acts as a processor or service provider, we process personal information according to the business customer’s lawful instructions, applicable contracts, this Privacy Policy, our Terms, and applicable law.
We may share information with the categories of recipients described below.
If you sign a waiver, complete a form, check in, or participate in an activity through a business using TruWaiver, that business may access the information you submit, your signed waiver, your check in status, related incident records, and related audit trail information.
We may share information with vendors that help us provide the Services, including:
These providers are authorized to process information as necessary to provide services to us or as otherwise permitted by law.
We may disclose information where we believe it is reasonably necessary to:
If we are involved in a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction, information may be transferred as part of that transaction, subject to applicable law.
We may use or share aggregated, anonymized, or de identified information that does not reasonably identify an individual for analytics, benchmarking, research, product improvement, security, business operations, or market analysis.
We may process and store information in countries other than where you live. These countries may have privacy laws that differ from your country.
Where required, we use appropriate safeguards for international transfers, which may include data processing agreements, standard contractual clauses, transfer impact assessments, vendor due diligence, technical safeguards, organizational safeguards, and other legally recognized transfer mechanisms.
Business customers are responsible for determining whether their use of the Services involves international transfers and whether additional safeguards are required for their own legal compliance.
We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including providing the Services, complying with legal obligations, resolving disputes, maintaining audit trails, enforcing agreements, preventing fraud, and protecting our legal interests.
Retention periods may depend on:
Where TruWaiver acts as a processor or service provider, the business customer controls the retention period for waiver records, check in records, incident reports, and proof bundles, unless applicable law or legal obligations require otherwise.
After account termination, we may delete, anonymize, archive, or retain information according to our policies, contracts, backup processes, and legal obligations.
We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.
Safeguards may include:
No system, website, software platform, storage method, or transmission method is completely secure. We cannot guarantee absolute security.
Business customers are responsible for managing staff access, passwords, permissions, exported files, downloaded records, shared links, local copies, and any information stored outside TruWaiver.
We may use cookies, pixels, local storage, analytics tools, and similar technologies to:
Where required by law, we will request consent for certain cookies. Users may control cookies through browser settings or cookie tools where available.
We may send marketing communications about TruWaiver, product updates, offers, and related services where permitted by law.
You may opt out of marketing communications at any time by using the unsubscribe link or contacting us. We may still send service, security, billing, legal, account, or transactional communications.
Depending on your location and applicable law, you may have rights to:
If your information was submitted to a business using TruWaiver, we may direct your request to that business customer because the business customer controls the relevant records.
To exercise rights, contact us at saartakallena@gmail.com. We may need to verify your identity before responding.
If you are a California resident, you may have additional rights under California privacy law where applicable.
Categories of information we may collect include:
We do not knowingly sell personal information for money. We do not use waiver records, signed PDFs, guardian consent records, incident reports, or proof bundles for cross context behavioral advertising.
California residents may request to know, access, correct, delete, or opt out of certain processing where applicable. Contact saartakallena@gmail.com.
The Services are intended for use by businesses and organizations. We do not knowingly allow children to create business accounts.
Business customers may use TruWaiver to collect guardian consent or waiver records relating to minors. In such cases, the business customer is responsible for obtaining valid parent or guardian consent and complying with children’s privacy, activity, safety, consent, and recordkeeping laws.
If you believe a minor’s information was submitted without proper authority, contact the relevant business customer or contact us at saartakallena@gmail.com.
TruWaiver may allow business customers to collect health declarations, injury details, emergency contact details, or incident notes. TruWaiver is not a medical provider, emergency service, insurer, healthcare record platform, legal advisor, or safety authority.
Unless expressly agreed in a separate signed agreement, TruWaiver does not represent that the Services comply with healthcare specific laws such as HIPAA or equivalent medical privacy regimes.
Business customers are responsible for ensuring that any medical, health, emergency, or injury related information collected through the Services is lawful, necessary, accurate, secure, and used appropriately.
The Services may collect digital signatures, timestamps, IP addresses, device information, waiver versions, check in records, and audit trails. These records are intended to support digital recordkeeping.
TruWaiver does not guarantee that any waiver, consent, digital signature, check in record, proof bundle, incident report, or electronic record will be legally enforceable in every jurisdiction, court, tribunal, regulatory process, insurance claim, or dispute.
Business customers are responsible for obtaining legal advice regarding the enforceability of their templates, workflows, signatures, disclosures, and records.
TruWaiver may include AI assisted, automated, or rule based features, including template suggestions, risk flags, classification, summaries, analytics, check in indicators, record organization, or proof bundle support.
AI assisted outputs may be incomplete, inaccurate, outdated, or unsuitable for a particular jurisdiction or use case. Business customers are responsible for reviewing all AI assisted outputs before relying on them.
TruWaiver does not provide legal, medical, insurance, compliance, safety, or professional advice through AI features.
The Services may include links or integrations with third party websites, payment providers, messaging tools, cloud services, analytics tools, or external platforms.
We are not responsible for third party privacy practices, security, content, terms, policies, availability, or actions. You should review their privacy policies before using them.
We may update this Privacy Policy from time to time. When we make material changes, we may notify users through the Services, by email, or by updating the Last Updated date.
Continued use of the Services after an updated Privacy Policy becomes effective means you acknowledge the updated policy.
For privacy questions, requests, or complaints, contact:
If applicable law requires a data protection officer, EU representative, UK representative, local representative, or supervisory authority contact, those details will be provided where legally required.
TRUWAIVER DATA SHIELD · PRIVATE SECURITY POLICY