Privacy policy
Draft v1.0 · GDPR-aligned · Witnium Technologies AB
Controller
Witnium Technologies AB is the controller for personal data submitted in the course of creating an account, billing, and customer correspondence. For client content uploaded into a workspace, Witnium acts as a processor under your direction. See the DPA for details.
What we collect
Account data (name, email, organisation), authentication metadata, billing data processed by our payment provider, product telemetry necessary to operate the service, and the content you upload.
Where data lives
All client content is stored in EU regions. Authentication metadata may transit via our identity providers under standard EU contractual safeguards.
What we do not do
We do not sell personal data. We do not use client content to train foundation models. We do not access workspace content except for support requests you raise, audit purposes required by law, or active security incident response.
Your rights
Access, rectification, erasure, portability, objection, restriction. Contact privacy@witnium.com to exercise any of them. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).
Retention
Account data is retained for the lifetime of the workspace plus 30 days after termination. Billing data is retained for the period required by Swedish accounting law.
This is a placeholder draft. Final policy will be reviewed by counsel before launch.