Privacy

Privacy Policy

Last updated June 6, 2026 · Trilli Media LLC

This Privacy Policy describes how Trilli Media LLC (“Trilli,” “we,” “us”) collects, uses, stores, and protects information when you use our file storage and collaboration service.

1. Our privacy commitment

Trilli is built for people and teams who care about keeping their files private. We treat the documents you store with us as yours — not as a data source to mine, profile, or sell. This policy explains what we collect, why, how we protect it, and the choices and rights you have.

We never sell your personal information or the contents of your files, and we do not use the contents of your files to train advertising or marketing systems.

2. Information we collect

  • Account information — your name, email address, and a securely hashed password (we never store your password in plain text).
  • Your content — the files and folders you upload, their names, and metadata such as size, type, and timestamps.
  • Usage & device data — log records such as IP address, approximate location derived from IP, browser/device details, and actions taken in the product (uploads, shares, sign-ins) for security and auditing.
  • Payment information — handled by our payment processor (Stripe). We receive billing status and the last four digits of a card, but we do not store full card numbers on our systems.

3. How we use information

  • To provide, maintain, and secure the service and your account.
  • To process payments, manage subscriptions, and send billing notices.
  • To detect, investigate, and prevent fraud, abuse, and security incidents.
  • To provide support and respond to your requests.
  • To send service and account communications. Product/marketing emails are sent only with your consent and you can opt out at any time.

4. How we store and protect your data

Files are stored encrypted at rest on Microsoft Azure infrastructure and transmitted over encrypted connections (TLS). Each account's data is logically isolated, and access is scoped per workspace and per member.

We offer two-factor authentication, passkey (WebAuthn) sign-in, trusted-device and session controls, and an immutable activity log so you can see and govern access to your account.

5. Sharing and disclosure

We do not sell your personal information or file contents. We share data only in these limited circumstances:

  • Service providers (subprocessors) — such as Microsoft Azure (storage/hosting), Stripe (payments), and SendGrid (transactional email), each bound by contract to protect your data and use it only to provide their service to us.
  • At your direction — when you share a file, folder, or link with someone.
  • Legal process — see the section below.

6. Government and law-enforcement requests

We require valid legal process before disclosing customer data. We do not provide your personal information or the contents of your files to law enforcement or other third parties without a valid warrant, subpoena, or court order issued under applicable law — except in a genuine emergency where we believe in good faith that disclosure is necessary to prevent imminent death or serious physical harm.

Where we are legally permitted to do so, we will notify the affected account before disclosing data so you have an opportunity to object. We publish the categories of requests we receive and narrowly limit any disclosure to what the legal process actually requires.

7. Data retention and deletion

We keep your content for as long as your account is active. Deleted items move to Trash and can be restored; once purged, they are removed from active systems and deleted from backups within a reasonable period. Activity-log retention depends on your plan.

You can delete files at any time, export your data, or close your account. When an account is closed or a subscription permanently lapses, we delete the associated data on the schedule described in those flows.

8. Your rights and choices

Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. You can exercise most of these directly in the product, or by contacting us.

To make a privacy request, email privacy [at] trilli.com. We will respond within the timeframe required by applicable law.

9. Cookies and sessions

We use a small number of strictly-necessary cookies to keep you signed in and to remember trusted devices. We do not use third-party advertising or cross-site tracking cookies.

10. Children

Trilli is not directed to children and is not intended for use by anyone under 16. We do not knowingly collect personal information from children; if you believe a child has provided us information, contact us and we will delete it.

11. Changes to this policy

We may update this policy as the product and the law evolve. If we make material changes, we'll update the date above and, where appropriate, notify you in the product or by email.

12. Contact us

Questions about privacy? Email privacy [at] trilli.com or reach our team at support [at] trilli.com.