Privacy & Data Security

1. Legal Entity & Roles

This Privacy Policy governs the data processing practices of Sole Proprietor Oleksandr Kononchuk operating as Calyxra (“Calyxra”, “we”, “us”).

Under GDPR definitions, Calyxra acts as a Data Processor. Our Clients act as Data Controllers. We process data solely under documented client instructions.

2. Data Isolation & Architecture

• Environment Isolation: Dedicated BigQuery projects or datasets per Client.
• Encryption: AES-256 at rest and TLS 1.2+ in transit.
• No Data Resale: Client data is never aggregated, sold, or reused.

3. Access Control

We follow the Principle of Least Privilege. Access is limited to required roles only. Credentials are never stored; secure OAuth or service accounts are used.

4. International Transfers

For EU and US Clients, Standard Contractual Clauses (SCCs) are applied to ensure GDPR-equivalent protection.

5. Sub-processors

• Google Cloud Platform (BigQuery)
• Microsoft Power BI
• Vercel (website hosting)

6. Confidentiality

All project data and communications are confidential. NDA execution is available upon request.

7. Contact

GDPR inquiries: admin@calyxra.com