Last updated: March 20, 2026
Privacy Policy
This Privacy Policy explains how Tarvio ("we", "us", or "our") collects, uses, and protects information when you use our service at tarvio.com (the "Service"). By using the Service you agree to this policy.
1. Who We Are
Tarvio is a testimonial collection and display platform. If you have questions about this policy, contact us at legal@tarvio.com.
2. Information We Collect
Account holders (workspace owners)
- Email address and password (for authentication)
- Billing information — processed directly by Stripe; we store only a Stripe customer ID
- Workspace names and configuration you provide
- Usage data (pages visited, features used, timestamps)
Testimonial submitters (your customers)
- Name and any other fields requested in the collection form
- Written testimonials and star ratings
- Video recordings (if the video option is enabled)
- IP address and approximate location (for fraud prevention)
Automatically collected data
- Browser type, device information, and referring URLs
- Session cookies required for authentication (see our Cookie Policy)
3. How We Use Your Information
- To provide, operate, and improve the Service
- To process payments and manage subscriptions
- To send transactional emails (account confirmations, receipts)
- To display testimonials on widgets and public walls as configured by workspace owners
- To prevent fraud and enforce our Terms of Service
- To comply with legal obligations
4. Third-Party Processors
We share data with the following trusted processors only as necessary to operate the Service:
| Processor | Purpose | Location |
|---|---|---|
| Supabase | Database & authentication | EU / US |
| Cloudflare R2 | Video & file storage | US |
| Stripe | Payment processing | US |
| Resend | Transactional email | US |
Each processor has their own privacy policy and is bound by data processing agreements. Transfers to non-EEA countries rely on Standard Contractual Clauses or equivalent safeguards.
5. Data Retention
- Account data is retained for as long as your account is active. On deletion it is purged within 30 days.
- Testimonials are retained until you delete them or close your account.
- Video recordings stored on Cloudflare R2 are deleted when you remove the testimonial or close your account.
- Billing records are retained for 7 years as required by financial regulations.
6. Your Rights
Depending on your location you may have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Portability — receive your data in a machine-readable format
- Objection / Restriction — object to or restrict certain processing
- Opt-out of sale — we do not sell personal data; this right is satisfied by default (CCPA)
To exercise any right, email legal@tarvio.com. We will respond within 30 days. EU/EEA residents may also lodge a complaint with their local supervisory authority.
7. Children
The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has submitted data, contact us and we will delete it promptly.
8. Security
We use industry-standard measures including TLS encryption in transit, access controls, and regular security reviews. No system is 100% secure; in the event of a breach we will notify affected users as required by law.
9. Changes to This Policy
We may update this policy from time to time. We will post the new version here and update the "Last updated" date. Continued use of the Service after changes constitutes acceptance.
10. Contact
Questions or requests: legal@tarvio.com