2. Account Data
When you create a TrustEvero account, we collect and store your email address, chosen password (encrypted), and the role you select (homeowner or tradesperson).
Your account data is used to:
- Authenticate your identity when you sign in
- Associate your activity (quote requests, messages, reviews) with your account
- Send transactional emails related to your activity on the platform (e.g. new messages, booking confirmations)
- Contact you with important platform updates and security notices
We do not sell your account data to third parties. You may request deletion of your account at any time by contacting support@trustevero.co.uk.
3. Verification Documents
Tradespeople who apply to join TrustEvero are required to submit verification documents as part of the onboarding process. These may include:
- Government-issued photo ID (passport or driving licence)
- Proof of public liability insurance
- Business registration details or Companies House information
- Address verification documents
These documents are stored securely using Supabase Storage with restricted access. Verification documents are only accessible to authorised TrustEvero administrators for the purpose of manual review.
Verification documents are not displayed publicly on professional profiles. Public profiles show only the resulting verification badge (e.g. "ID Verified", "Insurance Verified") — not the underlying documents.
We retain verification documents for as long as the professional's account is active and for a period thereafter as required by applicable law. You may request removal of your verification documents by submitting an account deletion request.
4. Messaging Data
TrustEvero provides an in-platform messaging system that allows homeowners and tradespeople to communicate about quote requests and jobs.
Messages sent through the platform are stored in our database in order to:
- Enable real-time and asynchronous communication between users
- Allow users to reference prior conversation history
- Resolve disputes or investigate reports of misconduct
Messages are only accessible to the participants in the conversation and to TrustEvero administrators in the event of a dispute or policy investigation.
We do not use the content of private messages for advertising purposes.
5. Payment & Subscription Data
TrustEvero uses Stripe to process subscription payments for professional accounts. When you subscribe, Stripe collects and stores your payment card details directly — TrustEvero never stores raw card numbers.
We retain the following payment-related data:
- Stripe Customer ID associated with your account
- Subscription status and plan type
- Billing history and invoice records
Payment data is processed under Stripe's privacy policy (stripe.com/privacy). TrustEvero processes payment data under a legitimate interest basis to fulfil your subscription contract.
Homeowners using TrustEvero to submit quote requests are not charged and we do not collect payment information from homeowners.
6. Cookies & Analytics
TrustEvero uses cookies and similar tracking technologies to improve the platform experience. Cookies we use include:
Essential cookies — Required for the platform to function. These include session tokens and authentication cookies. These cannot be disabled without preventing you from using the platform.
Analytics cookies — We may use anonymised analytics to understand how users navigate the platform. This data is aggregated and does not identify individual users.
You can manage cookie preferences through your browser settings. Removing essential cookies may prevent you from staying logged in.
We do not use third-party advertising cookies or sell your browsing data to advertisers.
7. Data Security
We take data security seriously. TrustEvero implements the following technical and organisational security measures:
- All data transmitted between your device and TrustEvero is encrypted using TLS
- Passwords are hashed using industry-standard algorithms and are never stored in plain text
- Supabase Row Level Security (RLS) policies restrict database access so users can only read data they are authorised to access
- Service role credentials are never exposed to the client
- Verification documents are stored in a private storage bucket inaccessible to the public
- Regular security reviews are conducted on authentication and API logic
No online platform can guarantee absolute security. If you suspect unauthorised access to your account, please contact us immediately at support@trustevero.co.uk.
8. Your Rights
Under UK data protection law (UK GDPR and the Data Protection Act 2018), you have the following rights regarding your personal data:
Right of access — You may request a copy of the personal data we hold about you.
Right to rectification — You may request that we correct inaccurate or incomplete personal data.
Right to erasure — You may request that we delete your personal data. Note that some data may be retained where we have a legitimate legal basis to do so (e.g. transaction records).
Right to restrict processing — In certain circumstances, you may ask us to stop processing your data while a request is under review.
Right to data portability — You may request your personal data in a structured, machine-readable format.
Right to object — You may object to processing based on our legitimate interests.
To exercise any of these rights, please contact us at support@trustevero.co.uk. We will respond to all legitimate requests within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.