Skip to main content

Documentation Index

Fetch the complete documentation index at: https://truv.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Truv’s privacy and compliance documentation centers on three practical areas:
  • explicit end-user consent before data access
  • secure transport for all API communication
  • current audit reports, questionnaires, and supporting materials through the Trust Center and compliance contacts
Access to end-user data requires explicit user consent through the Truv connection flow. Users authenticate directly with their provider and authorize access to the requested data before Truv returns verification results. Use your implementation to make that consent flow clear to end users and request only the data required for your use case.

Secure transport

All API traffic must use HTTPS with TLS 1.2 or higher. For integrations with stricter authentication requirements, Truv also supports mTLS for public API traffic and webhook delivery.

Data handling expectations

Use the same controls you would apply to other sensitive verification data:
  • keep API credentials in environment variables or a secrets manager
  • restrict access to verification data to the systems and roles that need it
  • define retention windows that match your business and regulatory requirements
  • log access to sensitive data and security-relevant events for auditability
Implementation details for credential handling and webhook verification live in Webhook Security.

Compliance highlights

  • SOC 2 Type II certified with continuous monitoring
  • Regular internal and external network penetration testing and third-party code reviews
  • Role-based access controls enforced at each layer of infrastructure
  • Multi-factor authentication required for access to Truv infrastructure
  • All application and user access logs stored centrally and monitored
  • Sensitive data encrypted with an additional layer beyond standard TLS

Compliance materials

For current security documents, questionnaires, and supporting materials, use the Truv Trust Center or contact the Truv compliance team.

Trust Center

Current security documents, reports, and questionnaires.

Compliance Team

Request current compliance materials and supporting documentation.