Privacy Policy

Effective Date: April 9, 2025

Applicable to: Department of Defense agencies, federal contractors, healthcare entities, legal teams, and enterprise organizations.

At TRONAS, we recognize the critical importance of safeguarding sensitive and classified information. We maintain a Zero Trust security architecture, enforce DoD-compliant data controls, and ensure that your privacy and data security are never compromised. This Privacy Policy outlines how we collect, use, protect, and retain information within our AI-powered document redaction platform, tailored for government, military, and enterprise-level compliance.

1. Our Commitment to Privacy and National Security

2. Compliance Frameworks

TRONAS adheres to the following regulations and cybersecurity standards:

  • FedRAMP Moderate Baseline
  • FISMA (Federal Information Security Modernization Act)
  • NIST SP 800-53 & SP 800-171
  • DFARS 252.204-7012 (Safeguarding Covered Defense Information)
  • CMMC (Cybersecurity Maturity Model Certification) Level 2 Readiness
  • HIPAA, GDPR, and CCPA
  • Executive Order 14028 (Improving the Nation’s Cybersecurity)
  • Section 508 Accessibility Compliance

3. Information We Collect

a. User and Account Information

  • Full name, email address, and role
  • Organizational affiliation and clearance level (if applicable)
  • Authentication credentials (stored with encryption)

b. System Metadata and Activity Logs

  • IP address, browser type, session ID, and usage patterns
  • Access times, audit trail data, redaction activity logs
  • Document type, number of redacted pages, and system-generated flags

c. Document Handling

  • TRONAS does not retain document content longer than required for processing, unless explicitly authorized under contract
  • Redacted outputs and logs are encrypted, access-controlled, and auditable

4. How We Use Your Information

We only use collected data to:

  • Provide secure access to TRONAS services
  • Perform redaction, logging, and audit trail functions
  • Support compliance, reporting, and operational optimization
  • Investigate and prevent unauthorized access or threats
  • Comply with federal, legal, and regulatory requirements

We do not use your data for advertising, resell it to third parties, or exploit it for non-contractual purposes.

5. Data Protection and Security

TRONAS implements military-grade security protocols:

  • FIPS 140-2 validated encryption for data at rest and in transit
  • Zero Trust access controls with MFA and RBAC
  • AES-256 data encryption, including audit logs and backups
  • 24/7 monitoring, incident detection, and security event logging
  • Secure cloud infrastructure within FedRAMP-authorized data centers (AWS GovCloud or Azure Government)
  • Annual third-party penetration tests and vulnerability assessments

6. Data Retention and Deletion
  • Redaction-related files and logs are retained based on the client’s contract terms or DoD Records Management Guidelines.
  • Unless otherwise agreed, all documents are automatically deleted within 30 days post-processing.
  • Clients may request immediate deletion or custom retention policies by submitting a Data Handling Agreement (DHA).

7. Sharing and Disclosure of Data

We only disclose data when:

  • Required under contract to authorized government oversight bodies
  • Legally compelled via subpoena or valid court order
  • Necessary to respond to a verified national security request

TRONAS does not share data with third-party vendors unless under a strict Federal-compliant subcontractor NDA, and never without your knowledge and authorization.

8. Your Rights and Controls

Depending on your agency or jurisdiction, you may:

  • Request access to your personal or document metadata
  • Correct inaccuracies in your user profile
  • Request deletion or restricted processing
  • Obtain an audit log of system actions taken under your account

Contact privacy@tronas.ai for verified access requests.

9. Cookies and Tracking

TRONAS only uses essential cookies for authentication and secure session management. We do not use analytics or third-party trackers. Cookie data is encrypted and cleared at logout or session timeout.

10. International Users and Data Transfers

For international partners and NATO-aligned governments:

  • Data transfers are governed by SCCs (Standard Contractual Clauses) and appropriate cross-border handling protocols.
  • All data processed in U.S.-based systems adheres to the EU-U.S. Data Privacy Framework where applicable.

11. Children’s Privacy

TRONAS is not intended for individuals under 18. We do not knowingly collect personal data from minors.

12. Changes to This Policy

We may update this Privacy Policy to reflect security improvements or regulatory changes. All material updates will be posted on our website and, if required, communicated through client channels.

Join our newsletter to stay up to date on features and releases.
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Product
HomePricing
All Rights Reserved and Copyrighted 2025
Privacy PolicyCookies SettingsCompliance