PRIVACY POLICY

1. Who we are

Company: Myotrix AS
Registered country: Norway
Organization number: 936255841
Address: Skytterdalen 7, 1337, Sandvika
Email: support@chiaseanh.com

For the purposes of the EU General Data Protection Regulation (“GDPR”), Myotrix AS acts as a data controller for the personal data described in this Privacy Policy, unless stated otherwise.

2. Scope of this Privacy Policy

This Privacy Policy applies to:

• Hosts who create and manage events

• Guests who upload, view, or download content via event links or QR codes

• Visitors to our marketing website

It applies regardless of whether you create an account.

3. Personal data we collect

3.1 Data you provide directly

Hosts
When you create an account or event, we may collect:

• Name

• Email address

• Login credentials

• Event information (event name, settings, permissions)

• Payment-related metadata (via Paddle)

Guests
‍When you participate in an event, we may collect:

• Photos and videos you upload

• Messages or wishes you submit (including messages rendered into images)

• Optional metadata attached to uploads (e.g., timestamps, filenames)

Guests are not required to create an account.

3.2 Automatically collected data

When you use the Service, we may automatically collect:

• IP address

• Device type and browser

• Operating system

• Log data (access times, pages viewed)

• Approximate location (country-level)

• Cookies or similar technologies (see Section 10)

4. How we use personal data

We use personal data to:

• Provide and operate the Service

• Enable content uploads, viewing, downloads, and slideshows

• Authenticate Hosts and manage accounts

• Process payments and purchases

• Apply retention and deletion rules

• Ensure security and prevent abuse

• Respond to support requests

• Comply with legal obligations

• Improve and optimize the Service

We do not sell personal data.

5. Legal bases for processing (GDPR)

Under GDPR, we process personal data based on:

• Contractual necessity – to provide the Service you request

• Legitimate interests – to operate, secure, and improve the Service

• Consent – where required (e.g., optional cookies)

• Legal obligations – accounting, tax, or regulatory compliance

6. Hosts as data controllers

When Hosts create events and invite Guests:

• Hosts determine what content is collected

• Hosts control event permissions (view, upload, download, slideshow)

• Hosts decide who receives access links

In this context, Hosts may act as independent data controllers, and are responsible for obtaining any required consents from Guests or event participants.
Myotrix AS acts as a data processor for such content, processing it only according to Host instructions and this Privacy Policy.

7. Sharing and disclosure of data

We may share personal data only with:

• Service providers (hosting, storage, analytics, email)

• Payment provider (Paddle) as merchant of record

• Authorities where required by law

• Other users, only according to event permissions set by the Host

We do not share personal data for advertising purposes.

8. International data transfers

We may process or store data in countries outside the EEA where our service providers operate.
Where required, we use appropriate safeguards such as:

• EU Standard Contractual Clauses (SCCs)

• Providers with GDPR-compliant frameworks

9. Data retention and deletion

Personal data and User Content are retained according to the Event’s Plan:

• Free Plan: 7 days

• Silver Plan: 30 days

• Gold Plan: 90 days

After the retention period expires:

• Events and associated content may be permanently deleted

• Deletion from backups may take additional time

• Data required for legal or accounting purposes may be retained longer

Hosts may delete Events earlier via the Service.

10. Cookies and similar technologies

We use cookies and similar technologies to:

• Maintain sessions

• Remember preferences (e.g., language)

• Analyze usage and performance

You may control cookies through your browser settings. Disabling cookies may affect Service functionality.
Where required by law, we display a cookie consent banner.

11. Data security

We implement technical and organizational measures to protect personal data, including:

• Encrypted connections (HTTPS)

• Access controls

• Secure storage

• Limited employee access

However, no system is completely secure. You use the Service at your own risk.

12. Your rights (GDPR)

If you are located in the EEA, you have the right to:

• Access your personal data

• Correct inaccurate data

• Request deletion (“right to be forgotten”)

• Restrict or object to processing

• Request data portability

• Withdraw consent where applicable

To exercise your rights, contact us at: support@myotrix.com.
You also have the right to lodge a complaint with your local data protection authority.

13. Children’s privacy

The Service is not intended for children under 13.
If we become aware that we have collected personal data from a child without required consent, we will delete it promptly.

14. Third-party links and services

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or email. Continued use of the Service constitutes acceptance of the updated policy.

16. Contact us

For questions about this Privacy Policy or your personal data:
Company: Myotrix AS
Email: support@myotrix.com
‍Address: Skytterdalen 7, 1337, Sandvika