Privacy Policy

1. Controller, Processor, and Scope

This Privacy Policy explains how Tremigos collects, uses, shares, and protects personal information when you use our website, live language sessions, media studio, document translation, voice tools, account features, billing, support, and related services.

For account, website, billing, security, support, and product operations, Tremigos acts as a data controller. For Customer Content processed inside a customer workspace, Tremigos usually acts as a processor or service provider on behalf of the workspace owner unless a separate agreement says otherwise.

Workspace owners and admins control user access, provider choices, retention settings, exports, audience links, and the lawful basis for uploading or streaming Customer Content.

2. Information We Collect

Account and workspace information: name, email address, password credentials or single sign-on identifiers, role, workspace name, plan, billing status, preferences, verification status, and support requests.

Customer Content: audio, video, documents, images, spreadsheets, presentations, transcripts, subtitles, translations, dubbing output, voice samples, glossary terms, generated files, meeting metadata, audience settings, and related logs.

Provider, glossary, and translation-memory data: provider names, enabled capabilities, encrypted secrets, service account metadata, API key metadata, meeting connector configuration, storage paths, terminology entries, translation-memory segments, and job settings.

Usage and technical data: IP address or derived security signals, device and browser data, pages viewed, session events, job status, error logs, audit logs, notification events, rate-limit events, and security logs.

Billing data: package, credits, payment status, country/tax rule, invoice and refund metadata, provider payment references, masked card metadata, and payment audit events. Tremigos does not store raw card numbers or CVV.

3. Purposes and Lawful Bases

We process information to provide and secure the service, authenticate users, run live sessions, process media and documents, generate transcripts and translations, create dubbing output, manage files, send transactional notifications, provide support, bill customers, prevent abuse, and comply with legal obligations.

For EU/EEA and UK users, our lawful bases may include contract performance, legitimate interests, legal obligation, consent, and, where applicable, the workspace owner's instructions as controller. For Türkiye, processing grounds may include explicit consent, contract necessity, legal obligation, establishment or exercise of a right, and legitimate interest where permitted by KVKK.

Where processing depends on consent, you may withdraw consent at any time. Withdrawal does not affect processing that happened before withdrawal.

4. AI, Translation, and Provider Processing

Depending on your configuration, Customer Content may be sent to selected speech-to-text, translation, text-to-speech, voice cloning, large language model, document processing, storage, email, and infrastructure providers.

Translation memories and glossaries may be used to improve terminology consistency for authorized workspaces. Admin-controlled visibility decides which tenant can use each glossary or translation-memory collection.

Provider behavior may differ by product, region, model, and account tier. Workspace admins are responsible for selecting providers appropriate for their content, regulatory needs, notices, consents, and audience expectations.

Tremigos does not use Customer Content to train a Tremigos foundation model. Provider training and retention commitments depend on the configured provider and contract terms.

5. Cookies and Similar Technologies

We use essential cookies and similar technologies for authentication, security, session management, preferences, CSRF protection, fraud prevention, and service reliability.

Analytics or marketing cookies may be added only where they are configured, disclosed, and permitted by consent or applicable law. See the Cookie Notice for current categories and controls.

6. Sharing

We share information with service providers that help us operate Tremigos, including hosting, storage, security, notifications, support, billing, analytics, and AI processing providers.

We may share information with workspace admins, authorized users, meeting audiences, or recipients according to your workspace settings and sharing choices.

We may disclose information when required by law and/or law enforcement, to protect rights and safety, to prevent fraud or abuse, to enforce agreements, or as part of a merger, acquisition, financing, reorganization, or sale of assets.

Tremigos does not sell personal information. We do not share personal information for cross-context behavioral advertising unless a future feature is separately disclosed and legally enabled with required choices.

7. Retention

We keep personal information and Customer Content for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and follow workspace retention settings.

Deleting a job, file, or account may remove active copies from the service, but backups, logs, provider-side copies, payment evidence, legal holds, and audit records may remain for a limited period where needed.

Security, audit, billing, and legal evidence may be retained longer than Customer Content where law, tax rules, anti-fraud controls, or dispute handling require it.

8. International Transfers

Tremigos and its providers may process information in the United States, Türkiye, the European Economic Area, and other jurisdictions where we or our service providers operate. Those jurisdictions may have privacy laws different from those in your location.

Where required, we use appropriate safeguards for international transfers, such as contractual commitments, transfer impact review, standard contractual clauses, provider due diligence, or other lawful transfer mechanisms.

9. EU/EEA and UK Privacy Rights

Depending on the processing context, you may have the right to access, correct, erase, restrict, port, or object to processing of personal data; withdraw consent; and complain to a supervisory authority.

Some rights may be limited when Tremigos processes Customer Content as a processor for your organization. In those cases, we may direct the request to the workspace owner or act on the workspace owner's documented instructions.

10. Türkiye KVKK Rights

For data subjects in Türkiye, KVKK may provide rights to learn whether personal data is processed, request information, learn the purpose of processing and whether it is used for that purpose, know third parties to whom data is transferred, request correction, request deletion or destruction where conditions apply, object to adverse results from automated analysis, and claim compensation for unlawful processing.

KVKK requests can be sent to privacy@tremigos.com. We may request information needed to verify identity and route organization-managed workspace requests to the relevant workspace owner.

11. United States Privacy Rights

Depending on your U.S. state, you may have rights to know, access, correct, delete, or obtain a copy of personal information, and to opt out of sale, sharing, targeted advertising, or certain profiling where those activities occur.

Tremigos does not sell personal information or use Customer Content for cross-context behavioral advertising. If that changes, we will update this notice and provide required choices.

12. Security

We use technical and organizational safeguards designed to protect information, including access controls, encryption where appropriate, audit logging, secret handling, security headers, rate limits, and operational monitoring.

You are responsible for keeping account credentials secure, limiting workspace access, rotating provider secrets, and configuring retention, sharing, glossary, and translation-memory visibility settings for your use case.

13. Children

Tremigos is not available for children under 13 and must not be used to collect personal information from children without appropriate authorization, notices, and consents. Workspace owners are responsible for determining whether their use case involves children or student data and for configuring the service accordingly.

14. Requests, Updates, and Contact

Privacy questions and rights requests can be sent to privacy@tremigos.com. Terms questions can be sent to legal@tremigos.com. We may need to verify your identity and coordinate with your workspace owner when your account is managed by an organization.

We may update this Privacy Policy from time to time. Material changes will be communicated through the service, email, or another reasonable channel.

15. Legal Reference Points

This notice is drafted against the EU GDPR transparency and data-subject-rights framework, Türkiye KVKK data-subject rights, U.S. state privacy notice principles including California CCPA/CPRA notice-at-collection concepts, and FTC privacy/security guidance.