Privacy Policy

1. Who we are

TrustSolo is the trading name of Edward Livingston, a UK sole trader (not a registered company). Edward Livingston, trading as TrustSolo (“we”, “us”, “our”), is the data controller for the personal data described in this policy. Our business address is:

You can reach us by email at hello@trustsolo.co.uk. For privacy-specific enquiries, use the subject line “Data request”.

ICO registration: TrustSolo is registered (or in the process of registering) with the UK Information Commissioner's Office. Our registration reference will be published here once confirmed.

2. What data we collect

a) Waitlist signups (pre-launch)

When you join the waitlist from our site, we collect:

• Your email address
• The consent wording you agreed to and the version of that wording (for our audit records)
• Your IP address and browser user-agent at the time of signup
• The page you signed up from
• The timestamps of your signup and any updates to your record

b) Account holders

When you create a TrustSolo account, we (and our authentication provider Clerk) collect:

• Your name and email address
• A securely hashed password (we never see or store your plaintext password)
• Profile information you provide: trading name, business address, discipline, day rate, payment terms, logo, and similar business setup information
• Subscription billing with TrustSolo (Stripe Billing). When you subscribe to TrustSolo, Stripe collects your card details directly (we never see them) and shares back with us: a Stripe customer reference (cus_*), subscription status, plan, and renewal dates.
• Accepting payments from your own clients (Stripe Connect). If you enable card payments on invoices, you complete Stripe's onboarding flow inside TrustSolo. During onboarding, Stripe collects your identity documents, bank account details, tax status, and any other information needed for its KYC and anti-money-laundering checks — these go directly to Stripe and are stored in Stripe's systems. TrustSolo receives only a Stripe account reference (acct_*). We never see or store your bank account number, sort code (other than what you voluntarily enter for display on invoice PDFs, which is separate), identity documents, or tax forms.
• Records of your use of the service: invoices and contracts you create, reminders you schedule, email templates you edit, activity on your account
• Acceptance records for our Terms of Service and any updates to them

c) Your clients' information (data you enter)

When you use TrustSolo to send invoices and contracts, you enter information about your own clients — their names, email addresses, postal addresses, and invoice/contract content. In UK GDPR terms, you are the controller of that data and we process it on your behalf. Our Terms of Service set out the terms of that arrangement.

d) Visitors to the site

When you visit TrustSolo without signing up, our hosting provider and infrastructure services log standard technical information: IP address, request time, browser user-agent, and the page requested. These logs are used to operate the service, detect abuse, and investigate issues — not to build profiles of you.

3. Why we process your data (legal bases)

• Consent — for joining the waitlist and receiving the one-off launch email. You can withdraw consent at any time (see “Your rights” below).
• Performance of a contract — to provide the TrustSolo service once you create an account and agree to our Terms.
• Legal obligation — to keep financial records, respond to lawful requests from authorities, and comply with tax and accounting rules.
• Legitimate interests — to secure the service, prevent fraud, improve features, send service notifications (e.g. “your invoice was paid”), and run the business. We've assessed these uses as low-impact and balanced against your rights.

4. Who we share your data with

We use a small number of trusted third parties to run TrustSolo. Each one processes your data under a written agreement and only for the purposes we set. We do not sell your data or use it for advertising.

We may also share your data where we're legally required to (for example, in response to a valid court order or regulator request), or where necessary to establish, exercise, or defend legal claims.

5. International transfers

Some of our processors are based in the United States or operate on global infrastructure. When your data is transferred outside the UK, we rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs) to ensure it's protected to a standard equivalent to the UK GDPR.

6. How long we keep your data

• Waitlist signups: until you unsubscribe. There's an unsubscribe link in every waitlist email; clicking it deletes your record.
• Active accounts: for as long as your account is active, and for six months after cancellation so you can reactivate or export your records.
• Financial records: we retain invoices, contracts, and payment records for the life of your account plus six months. UK tax law (HMRC) requires you to keep your own records for six years; we provide export tools so you can do this.
• Aggregate, non-identifying usage data: may be retained indefinitely for service improvement.

When you ask us to anonymise one of your clients (UK GDPR right to erasure on their behalf): we replace personal identifiers with “REDACTED” across the client record, associated invoices, contracts, and stored PDFs. Financial data (amounts, dates, line items) is preserved so you can meet your HMRC record-keeping obligations. This action cannot be undone.

When you cancel your TrustSolo account: we keep your data for six months so you can reactivate or export it. After that, we send you a final ZIP archive of your data and permanently delete everything from our systems.

7. Your rights

Under the UK GDPR, you have the right to:

• Access the personal data we hold about you
• Rectify information that's inaccurate or incomplete
• Erase your data (subject to legal retention obligations)
• Restrict how we process your data
• Port your data to another provider
• Object to processing based on legitimate interests
• Withdraw consent at any time (this won't affect the lawfulness of anything we did before you withdrew it)
• Complain to the UK Information Commissioner's Office — see section 11 below

To exercise any of these rights, email hello@trustsolo.co.uk with the subject line “Data request”. We aim to reply within a few working days, and within one month at the latest as required by law.

8. Security

We use industry-standard measures to protect your data: encryption in transit (HTTPS), encryption at rest (via our database and storage providers), hashed passwords, role-based access controls, and audit logging of sensitive operations. No system is perfectly secure, but we take security seriously and respond quickly to any issue.

9. Cookies

Our Cookie Policy lists every cookie and piece of browser storage we use, what it does, and how to manage it.

10. Children

TrustSolo is not intended for people under 18. We don't knowingly collect data about anyone under 18. If you believe we have, please contact us and we'll delete it.

11. Complaints

If you're not happy with how we handle your data, you can complain to the UK Information Commissioner's Office (ICO):

We'd appreciate the chance to address your concern directly first — email hello@trustsolo.co.uk — but it's your right to go to the ICO at any time.

12. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent change. For significant changes (for example, a new type of data we collect or a new third-party processor), we'll notify account holders by email before the change takes effect.