Privacy Policy

Privacy Policy for CONTROWAY LLC (Trilox)

Last updated: 2026-02-07

This Privacy Policy describes how your personal information is collected, used, and shared when you visit, sign up for, or use Trilox at trilox.io (the “Service”), operated by CONTROWAY LLC.

Who We Are

CONTROWAY LLC is a business based in the United States of America. Trilox is a product of CONTROWAY LLC. Our website address is https://trilox.io.

Consent

By using our Service, you hereby consent to our Privacy Policy and agree to its terms.

Information We Collect

Account Information

When you create an account, we collect:

Name
Email address
Password (encrypted)
Organization name
Billing information (processed by our third-party payment provider)

Conversation Data

When you use Trilox to monitor chatbot conversations, the Service processes and stores:

Messages sent between your chatbot and its end users (text, images, files, audio, video)
Metadata including timestamps, channel type (WhatsApp, Telegram, Messenger, etc.), conversation IDs, and handler status
Visitor identifiers such as chat IDs, phone numbers, or session IDs as provided by your n8n workflow

Important: Conversation Data is your data. We process it solely to provide the Service to you. We do not sell, share, or use Conversation Data for advertising or any purpose other than operating the Service.

Usage Data

We automatically collect certain information when you use the Service, including:

IP address
Browser type and version
Pages visited within the Service
Time and date of access
Time spent on pages
Device information

Cookies

Trilox uses cookies and similar technologies to:

Keep you logged in
Remember your preferences and settings
Understand how you use the Service
Improve the Service

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Service
Process your subscriptions and payments
Send you service-related notifications (account confirmation, security alerts, billing updates)
Respond to your support requests and questions
Improve, personalize, and expand the Service
Understand and analyze how you use the Service
Develop new features and functionality
Prevent fraud and abuse
Comply with legal obligations

Marketing Communications

We may send you marketing emails about new features, tips, or promotions. You can opt out of marketing communications at any time by:

Clicking the unsubscribe link in any marketing email
Contacting us at [email protected]

Service-related communications (billing, security, account changes) are not optional and will continue as long as you have an account.

How We Share Your Information

We do not sell your personal information or Conversation Data to third parties.

We may share your information with:

Service Providers: Third-party companies that help us operate the Service, including:

Payment processing (e.g., Stripe)
Cloud hosting and infrastructure
Email delivery services
Analytics services

These providers only have access to the information necessary to perform their functions and are obligated to protect your data.

Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

Business Transfers: If CONTROWAY LLC is involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

Data Storage and Security

Your data is stored on secure servers. We implement appropriate technical and organizational measures to protect your personal information and Conversation Data against unauthorized access, alteration, disclosure, or destruction.

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

Data Retention

Account Information: Retained as long as your account is active. Upon account deletion, your personal information will be removed within 30 days, except where retention is required by law.
Conversation Data: Retained as long as your account and project are active. Upon project deletion or account termination, Conversation Data will be deleted within 30 days.
Usage Data: Retained in anonymized/aggregated form for analytics purposes.

Your Data Rights

For All Users

You have the right to:

Access — Request a copy of the personal data we hold about you.
Rectification — Request that we correct any inaccurate or incomplete information.
Deletion — Request that we delete your personal data and Conversation Data.
Data Portability — Request that we transfer your data to another service or provide it to you directly.
Objection — Object to our processing of your personal data under certain conditions.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

CCPA Rights (California Residents)

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

Request disclosure of the categories and specific pieces of personal data we have collected.
Request deletion of personal data we have collected.
Request that we do not sell personal data (we do not sell personal data).

GDPR Rights (European Economic Area Residents)

Under the General Data Protection Regulation (GDPR), EEA residents have additional rights including the right to restrict processing and the right to lodge a complaint with a supervisory authority.

Legal Basis for Processing (GDPR): We process your data based on:

Contract performance — To provide the Service you signed up for.
Legitimate interests — To improve the Service, prevent fraud, and ensure security.
Consent — For marketing communications (which you can withdraw at any time).

Your Responsibilities Regarding End User Data

As a Trilox user, you are responsible for:

Ensuring that your collection and processing of end user data (Conversation Data) complies with all applicable privacy laws and regulations.
Obtaining any necessary consents from end users whose messages are processed through the Service.
Informing your end users that their messages may be stored and monitored.
Complying with the privacy requirements of the messaging platforms you use (WhatsApp, Telegram, Messenger, etc.).

Trilox acts as a data processor on your behalf for Conversation Data. You are the data controller and are responsible for lawful processing of this data.

Third-Party Services

The Service may contain links to or integrate with third-party services (n8n, WhatsApp, Telegram, Messenger, Instagram, etc.). We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you use in connection with Trilox.

Children's Information

The Service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18. If you believe a child under 18 has provided us with personal information, please contact us at [email protected] and we will promptly delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date. Significant changes will be communicated via email or a notice within the Service.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Website: https://trilox.io