Skip to main content

Suggested Privacy Policy Wording (English)

Important: This document provides non-binding sample language to help you describe your Trusted Accounts integration. You remain responsible for verifying the information, adapting it to your specific configuration, selecting the correct legal basis and ensuring compliance with applicable laws.

How to Use This Template

Replace the placeholders in square brackets (for example [Customer Name], [Controller Contact], [Optional Additional Data Description]) with information that reflects your specific configuration and review the wording with your legal counsel before publishing it.

Sample Text for Your Privacy Policy

Trusted Accounts Security & Fraud Prevention

We, [Customer Name], use the Trusted Accounts fraud-prevention and account-protection platform operated by Trusted Accounts SW FlexCo, Vorarlberger Wirtschaftspark 1, 6840 Götzis, Austria, to safeguard our digital services against automated abuse, fake sign-ups and credential attacks. Depending on the products we have enabled (e.g. Trusted Captcha, Trusted Verify, Trusted SDK), Trusted Accounts evaluates interactions with our website/app to keep access available for legitimate users.

Categories of data: When you interact with our services, Trusted Accounts processes technical and behavioral signals that are necessary to differentiate between genuine users and automated traffic. These signals include device and browser details (device type, operating system, browser version, screen resolution, language preferences), network and security metadata (truncated IP address, time zone, referrer, connection type, HTTP headers) and interaction events (mouse or touch movements, typing cadence, challenge results, session identifiers). Trusted Accounts does not receive profile fields that identify you directly (e.g. name, email) unless we choose to transmit them for additional checks. If we transmit further data, we describe it here: [Optional Additional Data Description].

Purpose of processing: Trusted Accounts analyzes the above signals on our behalf to assign a risk classification (such as “human”, “suspicious”, “high risk”). We use this classification to detect and block automated attacks or repeated abusive attempts, to trigger step-up verification or manual review before we grant access, and to maintain accurate statistics by excluding invalid traffic. Trusted Accounts stores the collected signals for up to one year to investigate attempted abuse, refine fraud detection models and keep audit trails, all in accordance with our Data Processing Agreement.

Legal basis and roles: We rely on Art. 6(1)(f) GDPR (legitimate interests) for this processing, because protecting our platform and users against fraud is necessary for the secure provision of our services. If we enable optional analytics or reporting features that go beyond pure security purposes, we will obtain your consent pursuant to Art. 6(1)(a) GDPR before processing. Trusted Accounts acts as our data processor and only processes the data according to our documented instructions. All data is hosted within the European Union and is not used by Trusted Accounts for independent marketing or profiling purposes. Trusted Accounts’ Data Protection Officer can be reached at privacy@trustedaccounts.org.

If you choose to opt out of this security evaluation, please contact [Controller Contact]. Without the checks performed by Trusted Accounts, we may be unable to provide certain services or may need to request alternative verification methods.