Subprocessors and Service Providers Disclosure
Effective date: December 22, 2025
Last updated: December 22, 2025
Company: Vivora AI, Inc. (“we”, “us”, “our”)
Service: Vivora.ai (the “Service”)
Contact: privacy@vivora.ai
Mailing address: 131 Continental Dr, Suite 305, Newark, New Castle County, Delaware 19713
Purpose
This document identifies the third parties we authorize to process personal information on our behalf to operate, support, and secure the Service (“Subprocessors” or “Service Providers”). It also describes what information may be processed, why we share it, and the choices available to individuals under applicable U.S. privacy requirements.
Scope
This disclosure applies to personal information processed:
● In connection with the Service (including customer-submitted content and end-user data), and
● In connection with our business operations (such as billing, communications, analytics, and security).
Business customers may control how Customer Data is submitted to the Service. If you interact with the Service through an organization (for example, your employer), your organization may have additional policies that apply.
Personal information we may disclose to Subprocessors
Depending on how you use the Service and which features are enabled, we may disclose the following categories of personal information to Subprocessors:
● Identifiers: name, email address, account IDs, user IDs, device identifiers, IP address
● Commercial information: billing contact details, transaction metadata, subscription details
● Internet or network activity: pages/screens viewed, clicks, referring URLs, timestamps, session identifiers, device/browser information
● Customer content and derived data: text inputs, uploaded documents, images, audio, and outputs/derivatives such as transcripts, extracted text, or generated responses
● Diagnostics and security data: logs, error reports, stack traces, performance metrics, fraud and abuse signals
● Approximate location: generally derived from IP address (not precise geolocation unless you choose to provide it)
We do not intentionally request or require sensitive government identifiers. Please do not submit information you are not authorized to provide.
Why we use Subprocessors
We use Subprocessors to:
● Provide core Service functionality (including AI, speech-to-text, and OCR features)
● Process payments and manage subscriptions
● Send transactional emails and service communications
● Measure and improve the Service (analytics)
● Monitor reliability, detect errors, and maintain security
We authorize each Subprocessor only for the functions described in this document.
Subprocessor list
The table below lists the Subprocessors we use, their purpose, and the typical categories of personal information involved.
Effective date: December 22, 2025
Last updated: December 22, 2025
Company: Vivora AI, Inc. (“we”, “us”, “our”)
Service: Vivora.ai (the “Service”)
Contact: privacy@vivora.ai
Mailing address: 131 Continental Dr, Suite 305, Newark, New Castle County, Delaware 19713
Purpose
This document identifies the third parties we authorize to process personal information on our behalf to operate, support, and secure the Service (“Subprocessors” or “Service Providers”). It also describes what information may be processed, why we share it, and the choices available to individuals under applicable U.S. privacy requirements.
Scope
This disclosure applies to personal information processed:
● In connection with the Service (including customer-submitted content and end-user data), and
● In connection with our business operations (such as billing, communications, analytics, and security).
Business customers may control how Customer Data is submitted to the Service. If you interact with the Service through an organization (for example, your employer), your organization may have additional policies that apply.
Personal information we may disclose to Subprocessors
Depending on how you use the Service and which features are enabled, we may disclose the following categories of personal information to Subprocessors:
● Identifiers: name, email address, account IDs, user IDs, device identifiers, IP address
● Commercial information: billing contact details, transaction metadata, subscription details
● Internet or network activity: pages/screens viewed, clicks, referring URLs, timestamps, session identifiers, device/browser information
● Customer content and derived data: text inputs, uploaded documents, images, audio, and outputs/derivatives such as transcripts, extracted text, or generated responses
● Diagnostics and security data: logs, error reports, stack traces, performance metrics, fraud and abuse signals
● Approximate location: generally derived from IP address (not precise geolocation unless you choose to provide it)
We do not intentionally request or require sensitive government identifiers. Please do not submit information you are not authorized to provide.
Why we use Subprocessors
We use Subprocessors to:
● Provide core Service functionality (including AI, speech-to-text, and OCR features)
● Process payments and manage subscriptions
● Send transactional emails and service communications
● Measure and improve the Service (analytics)
● Monitor reliability, detect errors, and maintain security
We authorize each Subprocessor only for the functions described in this document.
Subprocessor list
The table below lists the Subprocessors we use, their purpose, and the typical categories of personal information involved.
Effective date: December 22, 2025
Last updated: December 22, 2025
Company: Vivora AI, Inc. (“we”, “us”, “our”)
Service: Vivora.ai (the “Service”)
Contact: privacy@vivora.ai
Mailing address: 131 Continental Dr, Suite 305, Newark, New Castle County, Delaware 19713
Purpose
This document identifies the third parties we authorize to process personal information on our behalf to operate, support, and secure the Service (“Subprocessors” or “Service Providers”). It also describes what information may be processed, why we share it, and the choices available to individuals under applicable U.S. privacy requirements.
Scope
This disclosure applies to personal information processed:
● In connection with the Service (including customer-submitted content and end-user data), and
● In connection with our business operations (such as billing, communications, analytics, and security).
Business customers may control how Customer Data is submitted to the Service. If you interact with the Service through an organization (for example, your employer), your organization may have additional policies that apply.
Personal information we may disclose to Subprocessors
Depending on how you use the Service and which features are enabled, we may disclose the following categories of personal information to Subprocessors:
● Identifiers: name, email address, account IDs, user IDs, device identifiers, IP address
● Commercial information: billing contact details, transaction metadata, subscription details
● Internet or network activity: pages/screens viewed, clicks, referring URLs, timestamps, session identifiers, device/browser information
● Customer content and derived data: text inputs, uploaded documents, images, audio, and outputs/derivatives such as transcripts, extracted text, or generated responses
● Diagnostics and security data: logs, error reports, stack traces, performance metrics, fraud and abuse signals
● Approximate location: generally derived from IP address (not precise geolocation unless you choose to provide it)
We do not intentionally request or require sensitive government identifiers. Please do not submit information you are not authorized to provide.
Why we use Subprocessors
We use Subprocessors to:
● Provide core Service functionality (including AI, speech-to-text, and OCR features)
● Process payments and manage subscriptions
● Send transactional emails and service communications
● Measure and improve the Service (analytics)
● Monitor reliability, detect errors, and maintain security
We authorize each Subprocessor only for the functions described in this document.
Subprocessor list
The table below lists the Subprocessors we use, their purpose, and the typical categories of personal information involved.
Subprocessor
Processing purpose
Typical information involved
Google (Gemini)
Large language model (LLM) features
Customer content (text inputs and outputs), identifiers (account/user IDs), usage metadata
Cohere AI
Large language model (LLM) features
Customer content (text inputs and outputs), identifiers (account/user IDs), usage metadata
Deepgram
Speech-to-text (STT)
Audio content, transcripts, timing/processing metadata, identifiers (account/user IDs)
Fireworks
Speech-to-text (STT)
Audio content, transcripts, processing metadata, identifiers (account/user IDs)
Google (Vision / Vision API)
Optical character recognition (OCR)
Images/documents submitted for OCR, extracted text output, processing metadata
Stripe
Payment processing and billing operations
Billing identifiers, subscription and transaction metadata; payment method details handled by Stripe
Resend
Transactional email delivery
Email address, message content (subject/body), delivery metadata (timestamps, status), identifiers
Amplitude
Product analytics
Usage events, device/browser identifiers, IP address (depending on configuration), account/user IDs
Google Analytics
Website and product analytics
Usage events, cookie or similar identifiers, device/browser data, IP address (depending on configuration)
Sentry
Error monitoring and performance observability
Diagnostics (logs, error reports, stack traces), device/browser metadata, identifiers; content included only if sent in error payloads
How we protect personal information when using Subprocessors
We maintain a vendor management process designed to ensure Subprocessors process personal information only as needed to provide the services we request. Our controls include:
Written agreements: We require contractual obligations to protect personal information, limit processing to specified purposes, maintain confidentiality, and implement appropriate security measures.
Access limitation: We limit what is shared and restrict access to authorized personnel and systems.
Security measures: We use administrative, technical, and physical safeguards appropriate to the nature of the information and the risks involved.
Monitoring and review: We periodically review Subprocessors and may update, replace, or discontinue use based on risk, performance, or business needs.
Your privacy choices and rights
Residents of certain U.S. states may have privacy rights related to their personal information. Where applicable, these rights may include:
Access: request confirmation of whether we process your personal information and obtain access to it
Correction: request correction of inaccurate personal information
Deletion: request deletion of personal information (subject to permitted exceptions)
Portability: request a copy of certain personal information in a portable format
Opt-out: opt out of certain processing, which may include targeted advertising, certain analytics-based disclosures, or profiling in furtherance of decisions that produce legal or similarly significant effects (as applicable)
Non-discrimination: receive equal service and pricing, even if you exercise a privacy right (subject to lawful incentive programs, if any)
Opt-out of targeted advertising and certain analytics-based disclosures
Some analytics and measurement activities may involve cookies, SDKs, or similar technologies. You can control these through:
Our cookie/tracking controls (if available) within the Service or on our website, and/or
Your browser or device settings (which may limit certain tracking technologies)
We do not disclose personal information to third parties in exchange for money. Depending on how analytics technologies are configured and used, certain disclosures may be treated as an opt-out-eligible “sharing” for targeted advertising purposes under some U.S. privacy requirements. Where applicable, we provide a method to opt out.
How to submit a privacy request
You may submit a request using any of the methods below:
Email: legal@vivora.ai
Verification
To protect your information, we may need to verify your identity before fulfilling certain requests. Verification steps depend on the nature of the request and the sensitivity of the information involved.
Authorized agent
If permitted by applicable requirements, you may designate an authorized agent to submit a request on your behalf. We may require proof of the agent’s authorization and may also require you to verify your identity directly.
Appeals (where applicable)
If we deny a request and an appeals process applies, you may appeal by contacting us at privacy@vivora.ai with the subject line “Privacy Request Appeal.”
Updates to this document
We may update this Subprocessors and Service Providers Disclosure from time to time to reflect operational, legal, or regulatory changes, including when we add or replace Subprocessors. The “Last updated” date at the top indicates when this document was most recently revised.
Contact
Questions about this document or our use of Subprocessors may be directed to:
Email: privacy@vivora.ai
Mail: Vivora AI, Inc. 131 Continental Dr, Suite 305, Newark, New Castle County, Delaware 19713
How we protect personal information when using Subprocessors
We maintain a vendor management process designed to ensure Subprocessors process personal information only as needed to provide the services we request. Our controls include:
Written agreements: We require contractual obligations to protect personal information, limit processing to specified purposes, maintain confidentiality, and implement appropriate security measures.
Access limitation: We limit what is shared and restrict access to authorized personnel and systems.
Security measures: We use administrative, technical, and physical safeguards appropriate to the nature of the information and the risks involved.
Monitoring and review: We periodically review Subprocessors and may update, replace, or discontinue use based on risk, performance, or business needs.
Your privacy choices and rights
Residents of certain U.S. states may have privacy rights related to their personal information. Where applicable, these rights may include:
Access: request confirmation of whether we process your personal information and obtain access to it
Correction: request correction of inaccurate personal information
Deletion: request deletion of personal information (subject to permitted exceptions)
Portability: request a copy of certain personal information in a portable format
Opt-out: opt out of certain processing, which may include targeted advertising, certain analytics-based disclosures, or profiling in furtherance of decisions that produce legal or similarly significant effects (as applicable)
Non-discrimination: receive equal service and pricing, even if you exercise a privacy right (subject to lawful incentive programs, if any)
Opt-out of targeted advertising and certain analytics-based disclosures
Some analytics and measurement activities may involve cookies, SDKs, or similar technologies. You can control these through:
● Our cookie/tracking controls (if available) within the Service or on our website, and/or
● Your browser or device settings (which may limit certain tracking technologies)
We do not disclose personal information to third parties in exchange for money. Depending on how analytics technologies are configured and used, certain disclosures may be treated as an opt-out-eligible “sharing” for targeted advertising purposes under some U.S. privacy requirements. Where applicable, we provide a method to opt out.
Personal information we may disclose to Subprocessors
Depending on how you use the Service and which features are enabled, we may disclose the following categories of personal information to Subprocessors:
● Identifiers: name, email address, account IDs, user IDs, device identifiers, IP address
● Commercial information: billing contact details, transaction metadata, subscription details
● Internet or network activity: pages/screens viewed, clicks, referring URLs, timestamps, session identifiers, device/browser information
● Customer content and derived data: text inputs, uploaded documents, images, audio, and outputs/derivatives such as transcripts, extracted text, or generated responses
● Diagnostics and security data: logs, error reports, stack traces, performance metrics, fraud and abuse signals
● Approximate location: generally derived from IP address (not precise geolocation unless you choose to provide it)
We do not intentionally request or require sensitive government identifiers. Please do not submit information you are not authorized to provide.
Why we use Subprocessors
We use Subprocessors to:
● Provide core Service functionality (including AI, speech-to-text, and OCR features)
● Process payments and manage subscriptions
● Send transactional emails and service communications
● Measure and improve the Service (analytics)
● Monitor reliability, detect errors, and maintain security
We authorize each Subprocessor only for the functions described in this document.
Subprocessor list
The table below lists the Subprocessors we use, their purpose, and the typical categories of personal information involved.
How we protect personal information when using Subprocessors
We maintain a vendor management process designed to ensure Subprocessors process personal information only as needed to provide the services we request. Our controls include:
Written agreements: We require contractual obligations to protect personal information, limit processing to specified purposes, maintain confidentiality, and implement appropriate security measures.
Access limitation: We limit what is shared and restrict access to authorized personnel and systems.
Security measures: We use administrative, technical, and physical safeguards appropriate to the nature of the information and the risks involved.
Monitoring and review: We periodically review Subprocessors and may update, replace, or discontinue use based on risk, performance, or business needs.
Your privacy choices and rights
Residents of certain U.S. states may have privacy rights related to their personal information. Where applicable, these rights may include:
Access: request confirmation of whether we process your personal information and obtain access to it
Correction: request correction of inaccurate personal information
Deletion: request deletion of personal information (subject to permitted exceptions)
Portability: request a copy of certain personal information in a portable format
Opt-out: opt out of certain processing, which may include targeted advertising, certain analytics-based disclosures, or profiling in furtherance of decisions that produce legal or similarly significant effects (as applicable)
Non-discrimination: receive equal service and pricing, even if you exercise a privacy right (subject to lawful incentive programs, if any)
Opt-out of targeted advertising and certain analytics-based disclosures
Some analytics and measurement activities may involve cookies, SDKs, or similar technologies. You can control these through:
● Our cookie/tracking controls (if available) within the Service or on our website, and/or
● Your browser or device settings (which may limit certain tracking technologies)
We do not disclose personal information to third parties in exchange for money. Depending on how analytics technologies are configured and used, certain disclosures may be treated as an opt-out-eligible “sharing” for targeted advertising purposes under some U.S. privacy requirements. Where applicable, we provide a method to opt out.
Personal information we may disclose to Subprocessors
Depending on how you use the Service and which features are enabled, we may disclose the following categories of personal information to Subprocessors:
● Identifiers: name, email address, account IDs, user IDs, device identifiers, IP address
● Commercial information: billing contact details, transaction metadata, subscription details
● Internet or network activity: pages/screens viewed, clicks, referring URLs, timestamps, session identifiers, device/browser information
● Customer content and derived data: text inputs, uploaded documents, images, audio, and outputs/derivatives such as transcripts, extracted text, or generated responses
● Diagnostics and security data: logs, error reports, stack traces, performance metrics, fraud and abuse signals
● Approximate location: generally derived from IP address (not precise geolocation unless you choose to provide it)
We do not intentionally request or require sensitive government identifiers. Please do not submit information you are not authorized to provide.
Why we use Subprocessors
We use Subprocessors to:
● Provide core Service functionality (including AI, speech-to-text, and OCR features)
● Process payments and manage subscriptions
● Send transactional emails and service communications
● Measure and improve the Service (analytics)
● Monitor reliability, detect errors, and maintain security
We authorize each Subprocessor only for the functions described in this document.
Subprocessor list
The table below lists the Subprocessors we use, their purpose, and the typical categories of personal information involved.
Built with love by students.
Built with love by students.
Built with love by students.