Privacy Policy
Last Updated: June 3, 2026
1. Information on Collection of Personal Data & Roles
At Orwix Studio, we value your privacy and strive to always protect your personal data in the best possible way. This privacy policy describes how **BytVanor** (sole proprietorship / Peter Wikström, hereinafter referred to as ”Orwix Studio”, ”we”, or ”us”) collects, processes, stores, and shares personal data when using our cloud-based platform Orwix Studio (”the Service”).
Orwix Studio has two distinct roles under the EU General Data Protection Regulation (GDPR):
- Data Controller: We are the data controller for the personal data we collect directly from you as a customer (account holder, administrator) or visitor on our own website (orwixstudio.se).
- Data Processor: When you as a customer integrate Orwix Studio's video widgets and booking systems on your own websites to collect leads and calendar bookings from *your* visitors, we process this data solely on your behalf and according to your instructions. For this processing, our Data Processing Agreement (DPA) applies.
2. What Data We Collect & Why
We only process personal data that is necessary to deliver a secure, stable, and GDPR-compliant service:
- Account & Profile: Upon registration, we collect name, email address, and organization name. Legal basis: Performance of contract.
- Billing & Payment: Handled directly by our payment partner **Stripe**. We never store full credit card numbers, only transaction status and an encrypted customer ID. Legal basis: Performance of contract and legal obligation (Swedish Accounting Act).
- Customer-Generated Content (Leads & Bookings): For leads and bookings collected via our customers' widgets, we store contact details (name, email, phone) and any video/audio materials uploaded by the visitor. This data is automatically encrypted within the platform (see Section 5).
- Technical Data & Security Logs: We log IP addresses, browser types, and device information to prevent DDoS attacks and troubleshoot the renderer. Legal basis: Legitimate interest (security and functionality).
3. How Long We Store Your Data
We do not retain personal data longer than required for its purpose:
- Account Details: Permanently deleted within 30 days after the account is terminated.
- Encrypted Leads and Bookings: Stored during an active subscription period. Kunder can configure retention times or delete entries manually via the dashboard, triggering immediate erasure.
- Payment History: Retained for seven (7) years in accordance with the Swedish Accounting Act.
4. Data Sharing & Sub-processors
We never sell or rent your personal data. To provide the Service, we use the following carefully selected sub-processors that meet strict GDPR requirements:
| Recipient / Service | Purpose | Storage Location |
|---|---|---|
| Supabase Inc. | PostgreSQL database hosting, user authentication, and Row Level Security. | EU (Frankfurt, Germany) |
| Cloudflare Inc. | Global network security, Edge Workers (encryption), and R2 (encrypted media storage). | Global / EU nodes (Frankfurt/Paris) |
| Stripe Inc. | Payment processing and subscription billing management. | Global / EU (Standard Contractual Clauses apply) |
| Resend Inc. | Email distribution (transactional booking and lead notifications). | USA (EU-US Data Privacy Framework and Standard Contractual Clauses apply) |
5. Use of Google API Data (Calendar Integration)
Orwix Studio allows users to integrate their Google Calendar to manage bookings and availability. Our integration accesses Google API data solely to provide and improve these booking features:
- Google Calendar Access: We read calendar availability (free/busy status) to display open booking times to your website visitors, and write calendar events when a visitor books a slot or when you confirm a pending request.
- Compliance with Limited Use: Orwix Studio's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
- Data Retention & Sharing: We do not share Google user data with any third-party AI models or external platforms. Google OAuth tokens are stored securely in encrypted format and are deleted immediately if you disconnect the integration.
6. Data Security & Cryptographic Edge Protection
We apply industry-leading security practices (Privacy by Design) to guarantee that unauthorized parties – including our own staff – cannot access sensitive personal data:
- Edge-encryption (AES-GCM 256): When a visitor submits a lead or makes a booking in the widget, names, emails, and sensitive fields are encrypted directly inside Cloudflare's Edge Workers using the WebCrypto API. Data is only written to the database after being encrypted with AES-GCM.
- Cryptographic Key Isolation: Decryption keys are stored in a separate, isolated table (`lead_encryption_keys`) protected by strict database Row Level Security (RLS) policies. Keys can only be retrieved by authorized client instances during the user's active session, making the primary database entirely unreadable in the event of a breach.
- Fully Automated Deletion (Crypto-Shredding): When an erasure request (DSAR) is made, the decryption key is permanently deleted. This makes all stored database records instantly impossible to decrypt (cryptographic shredding). Simultaneously, the key deletion cascades (`ON DELETE CASCADE`) to purge the corresponding lead/booking database rows, and background garbage collection deletes all associated video/audio assets from Cloudflare R2.
- Signed Deletion Receipts: The system automatically generates an HMAC-SHA256-signed deletion receipt, sent to the customer as immutable audit proof of GDPR compliance.
7. Your Rights Under GDPR
As a data subject, you hold the following rights under the GDPR:
- Right to access: Request confirmation on whether we process your data and receive a free copy of the records.
- Right to rectification: Request correction of inaccurate or incomplete data.
- Right to erasure (Right to be forgotten): Request permanent deletion of your data (e.g., via our automated Crypto-Shredding pipeline).
- Right to restriction and objection: Object to processing based on legitimate interests or restrict processing during investigations.
To exercise your rights, contact us at **support@orwixstudio.se**.
8. Cookies & Tracking (Ghost Mode)
Orwix Studio only uses necessary cookies to maintain your login session in the control panel. We do not use tracking or third-party pixels within our application.
For visitors interacting with our customers' video widgets, the platform applies **CMP-synced Ghost Mode**:
- If the visitor rejects cookies or tracking in the host website's consent manager (CMP), all tracking is disabled.
- The widget enters Ghost Mode, running entirely in temporary memory with no persistent cookies, localStorage variables, or unique device identifiers.
- Submission of leads or booking slots is automatically blocked unless the customer has enabled optional consent and the visitor performs an active step constituting an explicit JIT micro-consent (Micro-Consent) in direct association with the submission.
9. Governing Language
This agreement is published in Swedish and English. In the event of any conflict or inconsistency between the English version of this policy and any translation (including the Swedish version), the Swedish version shall govern and prevail.
10. Changes to This Policy
We reserve the right to update this policy as functionality or legislation changes. For significant changes, we will notify customers via email or in the dashboard before changes take effect.