TrustArc

TrustArc is a developer of cloud-based software designed to facilitate privacy compliance and risk management for GDPR, CCPA, and other regulations. The company's software provides scalable privacy operations, dynamic privacy intelligence and automated business insights and also offers data protection regulations with a combination of technology and expertise through technology, expert consulting and certification solutions.

Through TrustArc's platform, TrustArc says they offer a combination of privacy frameworks, privacy insights, privacy intelligence, and an automated platform for end-to-end privacy management.

Through TrustArc's privacy platform, the company suggests users are able to use the software to develop privacy solutions through their organizations and simplify the embedded privacy solutions. This includes proactive privacy, governance, risk and accountability management tools which can be integrated into a users existing software products. The platform includes tools and controls to:

• Access and understand ongoing privacy regulatory developments such as enacted laws, court decisions, and news stories
• Plan and prioritize decision making around data risks
• Privacy management tools

Demonstration of TrustArc's Data Privacy Platform. (credit: trustarc.com)

TrustArc offers users research tools for understanding compliance and regulations around privacy and data laws in the regions users are operating or hoping to expand operations towards. The research on demand platform offers users tools to help demonstrate their awareness and accountability towards these regulations for auditing bodies. This includes:

• Comparisons of legal requirements across jurisdictions
• English translations of laws with legal analysis
• Pre-identified risks for privacy risk management scores
• Visualizations of the analysis of regulations and laws
• Up-to-date compliance and regulatory news and analysis

In November 2019, TrustArc acquired Nymity, which was a privacy research organization working to provide privacy research, assessment, and data subject rights solutions to help companies design, build, and manage privacy programs. TrustArc acquired Nymity to help expand their privacy research and assessment capabilities. Terry McQuay, president and founder of Nymity, said of their acquisition:

Nymity is thrilled to become part of the TrustArc team. Together, our organizations can deliver unmatched privacy insights that drive a simple, visionary approach to data privacy and compliance.

TrustArc's Consumer Trust platform offers users a platform to present a compliant digital experience and provide transparency for consumers. This includes up-to-date cookie policy and scheduled website scans to detect tracker and tracker changes. And, through these automated scans, TrustArc's Consumer Trust gives users real-time contextual alerts for privacy changes and on their digital offerings. The platform also changes and displays appropriate consent banner's based on the user's location to help companies meet consumer consent requirements. The platform also allows users to:

• Understand their website's tracking behavior
• Understand and identify their website's compliance risk
• Conduct cookie audits
• Manager consent trackers
• Help meet global consent requirements with an experience consistent with a companies digital brand
• Automate data subject request lifecycle
• Configure a regulatory guidance dashboard

Example of TrustArc's Consumer Trust Dashboard. (credit: trustarc.com)

TrustArc's Privacy Operations tool offers users automation of operational requirements to help the companies comply with global compliance laws, standards and frameworks. Through the privacy operations, users are able to:

• Embed automated workflow management systems for end-to-end privacy management
• Automated determinations of laws and regulations applicable to a user's business
• Privacy resource identification
• Automatic identification of high-risk business activities
• Collaboration for teams on privacy management and resource planning
• Automate internal and external audits

TrustArc's Privacy Assessment offers users automated end-to-end assessments to find gaps, record risks, manage tasks, maintain audit trails, and produce compliance reports to meet regulatory requirements.

As part of their privacy platform, TrustArc offers risk management tools. These tools are intended to monitor and aggregate risk while offering mitigation recommendations for residual risks of business processes, systems, data transfers, third parties, and company entities. The tools offered through the platform include:

• Automated detection and mitigation planning of privacy and data risks
• Vendor privacy risk management solutions
• Automated risk analysis and assessment management for automated compliance assessments and remediations
• Data flow maps to understand potential risks across organizations

Through their platform, TrustArc also offers their users data inventory and mapping tools. The Data Inventory Hub offers users a privacy dat inventory and mapping system to support building and managing a data inventory, business processes, data flow maps, and compliance reporting.

Data Mapping visualization example. (credit: trustarc.com)

In 1997, TrustArc was founded as a non-profit industry association called TRUSTe by Lori Fena and Charles Jennings. The intention of this early version of TrustArc was to help business and online organizations self regulate privacy concerns.

In 2000, TRUSTe joined the Safe Harbor framework of the U.S. Department of Commerce and the European Union and launched its EU Safe Harbor Seal Program. And in 2001, TRUSTe launched its Children's Privacy Seal Program after becoming a Children's Online Privacy Protection Act Safe Harbor organization. In the same year, Fran Maier joined TRUSTe as Executive Director. After joining TRUSTe, Fran Maier worked to turn the company into a for-profit company and help expand the product portfolio and brand.

In 2008, as part of Fran Maier's plan, TRUSTe changed its structure from a non-profit industry association to a venture-backed for-profit company and raised its first funding round.

In 2016, with the European Union's incoming General Data Protection Regulation (GDPR) data protection law, TRUSTe partnered with the International Association of Privacy Professionals to offer free compliance assessments of a company's privacy practices.

TRUSTe changed their name to TrustArc on June 6, 2017.