TRIUMVIR

Privacy Policy

Last updated: January 2026

1. Introduction

Triumvir ("we", "our", "us") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable privacy laws.

2. Data Controller

Triumvir is the data controller for personal data processed through our services. For privacy inquiries, contact us at privacy@triumvir.io

3. Data We Collect

We collect the following categories of data:

Account Information

  • Email address
  • Name (if provided)
  • Authentication credentials

Usage Data

  • Queries submitted to the decision governance system
  • Decision history and session data
  • Settings and preferences

Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Access timestamps

4. How We Use Your Data

We process your data for the following purposes:

  • Providing and improving our services
  • Processing your decision governance requests
  • Maintaining your account and preferences
  • Communicating service updates and changes
  • Ensuring security and preventing fraud
  • Complying with legal obligations

5. Legal Basis for Processing

We process your data based on:

  • Contract: To provide the services you subscribed to
  • Legitimate Interest: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws
  • Consent: Where specifically requested

6. Data Sharing

We may share your data with:

  • AI Service Providers: OpenAI, Anthropic, and Google for processing decision queries (data is anonymized where possible)
  • Infrastructure Providers: Hosting and database services (Vercel, Supabase)
  • Payment Processors: For subscription billing (Stripe)

We do not sell your personal data to third parties.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Decision history is retained according to your subscription plan. You may request deletion of your data at any time.

8. Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Receive your data in a portable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain processing activities
  • Withdraw Consent: Where processing is based on consent

To exercise these rights, contact privacy@triumvir.io

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit and at rest, access controls, and regular security assessments.

10. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

11. Cookies

We use essential cookies required for the service to function. We do not use tracking or advertising cookies. Session cookies are deleted when you close your browser.

12. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or through the service. Continued use after changes constitutes acceptance of the updated policy.

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL).

14. Contact

For privacy-related inquiries, contact our privacy team at privacy@triumvir.io