# How It Works

The Trust Center in Sprinto acts as your organisation’s central portal for demonstrating compliance readiness and security transparency. From enabling NDA-based gated access to managing stakeholder requests and publishing security artefacts, the Trust Center streamlines how your organisation shares trust-related information with external parties.

This guide explains how each section of the Trust Center works, from setup to publishing.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FxD6V54DOMDU7PCM1c5XO%2FTrust.png?alt=media&#x26;token=d17db5ef-a822-4b33-af5d-7ba8b2f97415" alt="" width="563"><figcaption></figcaption></figure>

***

### 1. Set Up Your Trust Center

To get started, log in to the Sprinto dashboard and navigate to **Trust > Trust Center**.

You’ll land on the **Manage Trust Center** tab where you can:

* Add your organisation’s **overview**
* Upload key documents like **policies**, **compliance certificates**, and **security reports**
* Customise branding (name, logo, subheading)
* Highlight customers under **Trusted By**
* Manage legal, security, and product-specific artefacts

Each content block opens in a side drawer where you can view, add, or modify information.

***

### 2. Control Document Access

#### NDA for Restricted Items

You can enforce an NDA before users access restricted content.

* Use Sprinto’s auto-generated NDA or upload your own
* Configure once in the **Configuration** tab

#### Document Access Validity

Specify an expiry duration (e.g. 7 days) for access links.

***

### 3. Organise and Segment Your Content

#### Profiles and Private Trust Centers

Create:

* **Trust Center Profiles** – Custom content groupings by product, geography, or audience
* **Private Trust Centers** – Share sensitive content with a restricted user list

***

### 4. Publish Your Trust Center

You can publish your Trust Center on:

* Sprinto’s domain (e.g. `yourcompany.trust.site`)
* Your own domain via DNS configuration

Click **Publish** and follow the on-screen instructions. You can switch domains or unpublish at any time.

***

### 5. Manage Incoming Requests

#### Access Requests

From the **Access Requests** tab, you can:

* View document access requests
* Approve, reject, or request additional info

#### Data Rights Requests

From the **Data Rights Requests** tab:

* View submitted subject requests (e.g. data export or deletion)
* Customise request forms using custom fields

***

### 6. Add and Manage Team Members

In the **Team** tab:

* Invite team members by email
* Assign permissions to collaborate and approve access

***

### 7. Keep Visitors Informed

Use the **Trust Center Updates** section to:

* Post announcements on security updates
* Share breach reports or major changes
* Build transparency and ongoing credibility