Privacy Policy

1. Introduction

This Privacy Policy (the “Policy”) describes how Trivanta Systems LLC and its affiliates (“Trivanta,” “we,” “us,” or “our”) collect, use, disclose, and safeguard information in connection with our websites, applications, and services (collectively, the “Services”). By accessing or using the Services, you acknowledge that you have read and understood this Policy. If you do not agree with it, do not access or use the Services.

This Policy is incorporated into and subject to our Terms & Conditions. Capitalized terms not defined here have the meaning given in those Terms.

2. Information We Collect

2.1 Information you provide

We collect information you choose to provide, such as your name, business email address, organization, role, and the contents of communications you send us (for example, demo requests or support inquiries). If you use the Services, we also process the documents, solicitations, drafts, and other materials you upload or generate (“Customer Content”).

2.2 Information collected automatically

When you interact with the Services, we may automatically collect device and usage information, including IP address, browser type, operating system, referring URLs, pages viewed, access times, and similar diagnostic data. We and our providers use cookies and similar technologies to operate, secure, and improve the Services.

2.3 Information from third parties

We may receive information about you from service providers, analytics partners, and publicly available sources, and combine it with information we already hold.

3. How We Use Information

We use information to:

• provide, operate, maintain, and secure the Services;
• respond to your requests and provide customer support;
• monitor, analyze, and improve performance, reliability, and features;
• detect, prevent, and address fraud, abuse, security, and technical issues;
• comply with legal obligations and enforce our agreements; and
• send administrative and, where permitted, marketing communications.

We do not use Customer Content to train shared or foundation models, and we do not sell personal information.

4. Legal Bases for Processing

Where required by law (for example, under the EU/UK GDPR), we process personal information on the bases of performance of a contract, our legitimate interests in operating and improving the Services, your consent (which you may withdraw), and compliance with legal obligations.

5. How We Disclose Information

We may disclose information:

• to service providers and subprocessors that perform functions on our behalf under appropriate confidentiality and data-protection obligations;
• to comply with applicable law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Trivanta, our users, or others;
• in connection with, or during negotiations of, any merger, financing, acquisition, reorganization, or sale of assets, or in the event of insolvency; and
• with your direction or consent.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. We may retain de-identified or aggregated information indefinitely.

7. Security

We implement administrative, technical, and organizational measures designed to protect information, including encryption in transit and at rest, access controls, and monitoring. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

8. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing. Residents of California and other U.S. states may have rights under applicable state privacy laws, including the right not to be discriminated against for exercising those rights. To exercise any right, contact us using the details below. We will respond as required by applicable law and may need to verify your identity.

9. International Transfers

We may process and store information in the United States and other countries that may have data-protection laws different from those in your jurisdiction. Where required, we rely on appropriate safeguards for cross-border transfers.

10. Children’s Privacy

The Services are intended for business users and are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.

11. Government Contracting Data

The Services may be used to process solicitations and proposal materials related to government procurement. You are responsible for ensuring that your use of the Services, and any data you upload, complies with all applicable laws, regulations, and contractual obligations, including handling requirements for controlled or sensitive information. Do not upload classified information to the Services.

12. Third-Party Links and Services

The Services may link to or integrate with third-party websites and services that we do not control. This Policy does not apply to those third parties, and we are not responsible for their practices.

13. Changes to This Policy

We may update this Policy from time to time. The “Last updated” date above indicates when it was last revised. Changes are effective when posted, and your continued use of the Services constitutes acceptance of the revised Policy.

14. Contact Us

Questions about this Policy or our privacy practices may be directed to Trivanta Systems LLC at contracts@trivantasystems.com.

Trivanta Systems LLC is an independent software provider and is not affiliated with, endorsed by, or sponsored by any U.S. government agency.