Privacy Policy
This policy explains what personal data sSystm processes, why, and the rights you have. It is written to reflect how sSystm actually works — starting from the fact that your business data lives in your own cloud, not ours.
Last updated:
01The short version
sSystm is a Bring-Your-Own-Cloud platform. Your business records live in a database onyour own Cloudflare account — we don't hold a central copy. Centrally, we process only a small amount of personal data needed to run the platform: your identity (from Cloudflare), your organisation membership, and operational metadata about projects, billing and documents.
02Who is responsible
The controller for the limited personal data sSystm processes centrally is ZORC AB, Org.nr 559481-8857, Sweden. You can reach us at support@zorc.se(mark privacy matters "Privacy").
For the business data that lives in your own Cloudflare account, the roles are different — see the next section.
03The BYOC distinction — who controls what
sSystm's architecture changes the usual data-processing story, so it's worth being precise about two different pools of data:
Data in your own cloud (you are the controller)
Your workspace business data — for example CRM contacts and deals, and calendar entries — is stored in a dedicated D1 database on your own Cloudflare account. For this data you are the data controller and the infrastructure holder. sSystm acts only as a processor, with limited, OAuth-scoped, revocable access, and Cloudflare is the sub-processor / infrastructure provider. This relationship is governed by our Data Processing Agreement.
Data we process centrally (we are the controller)
To operate the platform itself we hold a limited set of account and operational data centrally — described below. For that data, ZORC AB is the controller.
04What we process centrally
- Identity & account: the account identifiers Cloudflare shares when you sign in (such as your account ID and email), used to create and authenticate your sSystm login. We storeno passwords.
- Organisation membership: which users belong to which organisation and their role, so we can route access correctly.
- Operational metadata: metadata about projects, billing and documents needed to run the platform and, where applicable, bill for premium modules.
- Access tokens: your Cloudflare OAuth tokens, held encrypted (AES-256-GCM) so we can operate on your behalf, and revocable by you at any time.
- Support & communications: messages you send us and the waitlist email you provide.
- Technical logs: limited operational and security logs (for example a record of infrastructure actions — who ran what, and when).
Your CRM and calendar business records are not in this central store — they live in your own Cloudflare account.
05Legal bases (GDPR)
- Performance of a contract — to provide the Service you have signed up for (accounts, membership, provisioning, metadata).
- Legitimate interests — to secure the platform, prevent abuse, keep audit logs and improve the Service, balanced against your rights.
- Consent — where required, for example joining the waitlist; you can withdraw it at any time.
- Legal obligation — where we must retain records to comply with the law.
06AI processing
When you use the built-in Build AI, the relevant context is processed by Anthropic models via Cloudflare's AI Gateway and Workers AI. When you connect your own AI over MCP, that AI provider processes what you send it under your own arrangement with them. We do not use your business data to train foundation models. AI-assisted infrastructure actions that are not provably read-only are staged for human approval.
07Sub-processors
We rely on a small number of vetted providers to deliver the Service. The current list — including purpose and location — is maintained on our sub-processors page. In summary:
- Cloudflare — infrastructure, hosting and AI (global, with an EU jurisdiction option).
- Resend — transactional email, and outbound email when you enable the email add-on.
- Anthropic — the Claude models behind the built-in AI (accessed via Cloudflare's AI Gateway).
08International transfers & data residency
At sign-in you can choose an EU data-residency jurisdiction for your database, enforced at the infrastructure level by Cloudflare's D1 jurisdiction guarantee — not merely a policy promise. Where personal data is transferred outside the EEA (for example by a sub-processor), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses. See theDPA for details.
09Retention
We keep central account, membership and metadata for as long as your workspace is active, and for a limited period afterwards as needed for security, dispute resolution and legal obligations. Your business data in your own Cloudflare account is retained by you, under your control — revoking the OAuth grant locks us out while your data stays with you. You can delete your workspace data directly in your own account at any time.
10Your rights
Subject to applicable law, you may have the right to:
- access the personal data we hold about you;
- rectify inaccurate data;
- erase data ("right to be forgotten") where a legal basis to keep it no longer applies;
- receive your data in a portable format and, where feasible, have it transmitted;
- restrict or object to certain processing; and
- withdraw consent where processing is based on it.
To exercise any of these, contact support@zorc.se. For data held in your own Cloudflare account, you can also act directly on it there. You may lodge a complaint with your supervisory authority — in Sweden, the Integritetsskyddsmyndigheten (IMY).
12Contact
Questions about this policy or your data? Email support@zorc.se. We have not appointed a statutory Data Protection Officer; privacy enquiries reach the team through this address.
13Changes
We may update this policy as the Service evolves. Material changes update the "last updated" date above and, where appropriate, we will notify you.