Legal

Privacy Policy

Effective date: July 18, 2026

Operator: Life Safe, 50 Lesmount Ave, Toronto, ON M4J 3V6, Canada (“Trueline”, “we”, “us”)

Contact: info@lifesafe.ca

1. What Trueline is

Trueline is a read-only ad-spend diagnostics service. Customers connect their Meta Ads, Google Ads, and Shopify accounts; Trueline computes reporting reconciliations, efficiency metrics, and diagnostic signals from that data and delivers them in a dashboard and a weekly email brief. Trueline never modifies, creates, or deletes anything in a connected account.

2. Information we collect

Account information (from you): name, email address, company name, billing details (processed by Stripe — we never store full card numbers), and a blended margin percentage you enter.

Connected-platform data (via APIs, with your authorization):

OAuth tokens: access/refresh tokens for the connections above, stored encrypted at rest.

Product usage data: page views and feature usage in the Trueline app, collected via PostHog for product analytics.

3. How we use it

We do not sell personal information, use your data to train models, use platform data for advertising of our own, or share one customer’s data with another.

4. Legal bases and consent

For Canadian customers we comply with PIPEDA; consent is obtained when you create an account and when you explicitly authorize each platform connection via that platform’s OAuth flow. For customers in the EEA/UK, processing is based on performance of contract (providing the service you signed up for) and legitimate interest (service analytics, security). You may withdraw platform consent at any time by disconnecting the integration, which stops all further syncs.

5. Service providers (sub-processors)

ProviderPurposeData involved
Cloud infrastructure providerApplication and database hostingAll service data
StripeBillingBilling contact and payment details
Transactional email providerWeekly brief / alert email deliveryYour name, email, brief contents
PostHogProduct analyticsUsage events, app identifiers
AnthropicNarration of computed metricsAggregated signal summaries only

A customer-facing DPA with the full current sub-processor list is available on request.

6. Retention and deletion

7. Security

Encryption in transit (TLS) and at rest; OAuth tokens encrypted with a dedicated key separate from the application database credentials; least-privilege, read-only API scopes; access to production limited to authorized personnel; no write access to any connected ad account is ever requested or held.

8. Your rights

You may access, correct, export, or delete your personal information, and disconnect any platform, at any time — in-app or by emailing info@lifesafe.ca. EEA/UK users additionally have GDPR rights to restriction, objection, and portability, and may lodge a complaint with their supervisory authority. Canadian users may contact the Office of the Privacy Commissioner of Canada.

9. Platform-specific commitments

10. Changes

We will post changes here and notify account holders by email for material changes.