Who We Are
EvenTrust is a brand trust analysis platform operated by Floor No 8 SRL (CUI: RO50787407), a company registered in Timișoara, Romania. EvenTrust is built on the FN8 CogShield framework — a behavioral science engine that scores brand trust across seven dimensions.
Data controller contact: we.are@floorno8.com
What Data We Collect
EvenTrust collects and processes the following data categories:
Account Data
When you sign in with Google, we receive your name, email address, and profile picture. We use this to create your account and associate your analyses with it.
LinkedIn Data (User-Provided)
When you paste or upload LinkedIn profile data (headline, about section, posts, metrics), we process this data to generate your brand trust score. This data is stored in your account for analysis history.
LinkedIn Data (DMA API — OAuth)
If you connect your LinkedIn account via OAuth (available to EEA/Switzerland residents under the Digital Markets Act), we access your LinkedIn data through LinkedIn's official Member Data Portability API. This includes your profile information, posts, articles, and connections. We store an encrypted access token and refresh token to maintain your connection. You can disconnect at any time, which immediately revokes our access.
Browser Extension Data (EvenTrust Capture)
Our optional Chrome extension captures publicly visible data from the page you are viewing — profile name, headline, bio, follower count, and public posts (including engagement metrics). Supported platforms: LinkedIn, Twitter/X, and generic webpages.
What we collect: publicly displayed text content only (name, headline, about/bio, post text, likes, comments, follower count). No private messages, emails, passwords, connection lists, or hidden data is accessed.
How it works: data is captured only when you click the Capture button. It is stored temporarily in your browser's local storage (chrome.storage.local) until delivered to eventrust.ro, then cleared automatically. No data is sent to any server until you explicitly initiate the import on the Analyze page.
No background collection: the extension does not run in the background, does not track browsing history, and does not collect data from pages you visit unless you actively trigger a capture.
Analysis Results
The trust scores, dimension breakdowns, archetype classifications, and recommendations generated by CogShield are stored in your account history.
Usage Data
Standard web analytics: pages visited, features used, anonymous performance metrics. We use Vercel Analytics for this purpose, which does not use cookies and complies with GDPR without additional consent.
How We Use Your Data
We process your data for these purposes:
To provide the service — generating brand trust analysis using the CogShield engine, storing your history, and enabling comparisons over time.
To improve the engine — aggregated, anonymized patterns help us calibrate scoring accuracy and add new dimensions.
To communicate with you — transactional emails about your account. We do not send marketing emails without explicit consent.
Legal Basis (GDPR)
We process your data under the following legal bases:
Contract performance (Art. 6(1)(b)) — processing necessary to provide the analysis service you requested.
Consent (Art. 6(1)(a)) — for LinkedIn OAuth connection and optional communications.
Legitimate interest (Art. 6(1)(f)) — for service improvement using anonymized aggregated data.
Data Storage & Security
Your data is stored on Neon Postgres (Frankfurt, Germany — EU region) via Vercel infrastructure. All data is encrypted in transit (TLS 1.3) and at rest. OAuth tokens are stored encrypted and are never exposed to the client. We retain your data for as long as your account is active plus 30 days after deletion request.
Third-Party Services
Google OAuth — authentication only. We access your name, email, and profile picture.
LinkedIn DMA API — optional data portability connection for EEA/CH residents. Subject to LinkedIn's privacy policy.
Anthropic (Claude API) — AI analysis engine. Your brand data is sent to Claude for scoring. Anthropic does not use API inputs for model training.
Vercel — hosting and edge infrastructure (EU and US regions).
Neon — PostgreSQL database (Frankfurt, DE).
Your Rights
Under the GDPR, you have the right to:
Access — request a copy of all data we hold about you.
Rectification — correct inaccurate data.
Erasure — request deletion of your account and all associated data.
Portability — export your data in a structured, machine-readable format.
Withdraw consent — disconnect LinkedIn OAuth or delete your account at any time.
Lodge a complaint — with ANSPDCP (Romanian data protection authority) or your local supervisory authority.
To exercise any of these rights, email we.are@floorno8.com. We respond within 30 days.
Cookies
EvenTrust uses only essential cookies required for authentication (NextAuth session cookie) and CSRF protection. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Vercel Analytics is cookie-free. For full details, see our Cookie Policy.
Children's Privacy
EvenTrust is not intended for use by anyone under the age of 16. We do not knowingly collect data from children.
Changes to This Policy
We may update this privacy policy periodically. Significant changes will be communicated via email to registered users. The “last updated” date at the top reflects the most recent revision.