International justice runs on software that was never built for it.
The International Criminal Court manages evidence using tools designed for corporate litigation. Human rights organisations store testimony on cloud platforms headquartered in countries whose foreign policy shifts could — and have — disrupted access. Parliamentary data that should be the backbone of democratic accountability is scattered across institutional websites in formats no one can easily use.
A political shift in Washington should not end a war-crimes investigation in The Hague.
This is not a theoretical concern. The CLOUD Act gives US authorities the legal mechanism to compel disclosure of data stored by US-headquartered providers, regardless of where the servers sit. For an international tribunal handling testimony from protected witnesses, or an NGO documenting ongoing atrocities, this is an unacceptable structural risk.
The response to this risk cannot be "we'll negotiate better terms with Microsoft." It has to be structural. The software itself must be sovereign — built, hosted, and governed entirely within the jurisdiction of the institutions that use it.
Definitions
01
The legal entity is Estonian. Operations are Dutch. Infrastructure is on Hetzner in EU data centres. No component of the stack is subject to US jurisdiction.
02
All software is AGPL-3.0. You can read every line. You can fork it. You can run your own instance on your own hardware with no dependency on Trelvio.
03
Self-hostable by design. Air-gap compatible. Zero telemetry, zero outbound calls. The institution controls where data lives.
04
Bootstrapped. No investors, no board, no one with incentive to compromise sovereignty for growth.
When your users are human rights investigators and parliamentary watchdogs, "trust us" is not a security model. The only credible position is "read the code."
AGPL-3.0 is deliberate. It's the strongest copyleft licence available. Anyone who deploys our software as a network service must make their modifications available. This prevents proprietary forks.
Open source also addresses the bus factor honestly. Trelvio is a solo operation. If something happens to the founder, the code is there. The institutions can fork, hire a maintainer, and continue.
The software must survive the company that built it.
Venture capital creates misaligned incentives for infrastructure that serves institutions. VC-backed companies optimise for growth and exit. Justice infrastructure needs to optimise for durability and trust.
A VC-backed VaultKeeper would face pressure to move upstream, add enterprise features that compromise the open-source commitment, pursue US government contracts, build lock-in. Bootstrapping means making architecture decisions without explaining them to a board.
Trelvio is early. VaultKeeper is in go-to-market. GovLens is building its data layer. APIFold is finding its audience. None of this is finished — but the structural commitments are fixed.
We're building for institutions that measure time in mandates and cases, not quarters. The infrastructure should match.
— Kyle, The Hague, April 2026
Institutional partners, pilot programmes, and contributors.