Tremvio
How it worksWhy it worksTransformationExamplesFAQ
Sign inStart free
DPA

Data Processing Addendum

This Data Processing Addendum describes the baseline terms that apply when Tremvio processes personal data on behalf of a customer through document-processing workflows.

Quick facts
DPA contact
support@tremvio.com
Operator
Ksenoria OÜ
Last updated
June 16, 2026
Applies to
Customer-provided personal data processed in Tremvio

1. Scope and order of precedence

This Data Processing Addendum applies when a customer uses Tremvio to upload, review, transform, export, or otherwise process personal data contained in documents or extracted table outputs.

This page is Tremvio's standard public DPA summary. If a customer requires a signed version, additional procurement language, or international transfer annexes, contact support@tremvio.com.

2. Roles of the parties

For customer documents and extracted outputs that contain personal data, the customer generally acts as controller or processor for its own underlying business purpose, and Tremvio acts as processor on the customer's behalf.

Tremvio acts as controller for its own website operations, account administration, billing, abuse prevention, service analytics, support, legal compliance, and security records.

Customer documents: customer controller or processorTremvio app workflows: Tremvio processorWebsite, support, billing: Tremvio controller

3. Subject matter, duration, nature, and purpose

The subject matter of processing is document ingestion, table detection, extraction, review, export, storage, support, and related service operations needed to provide Tremvio.

Processing continues for as long as the customer maintains the relevant account or workspace and for any limited period reasonably required for backups, security, incident handling, billing, or legal compliance.

The purpose of processing is to provide document-processing software that converts messy PDFs, images, and scans into clean, reviewable tables and exports requested by the customer.

4. Categories of data subjects and personal data

The exact categories depend on what the customer uploads. Typical categories may include:

Data subjects

Customer users, customer staff, counterparties, contractors, clients, or other individuals whose data appears in uploaded documents.

Personal data

Names, email addresses, identifiers, contact details, row-level business records, and other text or numbers contained in uploaded tables.

Service metadata

Job timestamps, usage events, support messages, authentication records, and operational logs related to providing the service.

5. Customer instructions and responsibilities

  • The customer instructs Tremvio to process personal data only as needed to provide the service and according to documented product settings, support requests, and reasonable service operations.
  • The customer remains responsible for having a lawful basis to upload and process the personal data submitted to Tremvio.
  • The customer is responsible for configuring access controls, reviewing exports, and deleting data that is no longer needed.

6. Confidentiality and security

Tremvio aims to limit access to customer data to personnel and providers who need that access to provide, secure, maintain, or support the service. Tremvio also aims to use reasonable technical and organizational measures appropriate to the service and the categories of data involved.

  • Access controls for service administration and support.
  • Reasonable safeguards for storage, transport, and backup handling.
  • Operational monitoring, abuse prevention, and incident-response procedures.

7. Subprocessors

Tremvio may use third-party subprocessors and service providers for hosting, storage, billing, support, monitoring, and related operations. A public overview is available on the Subprocessors page.

Customers with procurement or vendor-review requirements can request more detailed information through support@tremvio.com.

8. International transfers

Tremvio and its providers may process customer data in multiple countries. Where personal data is transferred internationally, Tremvio aims to rely on lawful transfer mechanisms and reasonable contractual or organizational safeguards appropriate to the processing context.

9. Assistance with rights requests and incidents

Tremvio aims to provide reasonable assistance, taking into account the nature of the processing and the information available to Tremvio, so the customer can respond to data subject requests, security incidents, or regulator questions related to customer data processed in the service.

Customer privacy requests and DPA questions should be sent to support@tremvio.com.

10. Return and deletion

Customers can delete uploaded files, extracted outputs, or account data through the product where available or by sending a verified request to support@tremvio.com.

Following account closure or a verified deletion request, Tremvio aims to delete or de-identify customer data within a reasonable period, except where retention is still required for backups, security, fraud prevention, dispute resolution, billing records, or legal obligations.

11. Audit information and customer due diligence

Tremvio may provide reasonable documentation and answers to customer due-diligence requests proportionate to the customer's risk review, confidentiality obligations, and the nature of the service.

Operational note: This public DPA page is designed to speed up standard vendor review. Customers with contract-specific requirements can request additional discussion or a signed annex through support.
Tremvio
Product
How it worksWhy it worksTransformationFAQStart free
App
DashboardTemplatesJobsUsage
Company
AboutContactGDPRPrivacyDPASubprocessorsTerms & ConditionsRefunds & Billing
© 2026 Tremvio. All rights reserved.Operated by Ksenoria OÜ, a private limited company registered in Estonia under Reg. Code 17546111.