Privacy Policy
bifrostbridge.studio (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal data with care and transparency. This policy explains how we collect, use and store information when you visit our website or book an introductory session with us.
1. What information we collect
a) Analytics - cookieless tracking
We use a cookieless analytics service to understand general usage of our website in a privacy-friendly way. This service:
- Does not use third-party cookies or identify you as an individual.
- Identifies visitors only by a generated hash based on the incoming request; this hash resets daily and cannot be used to track you across days or websites.
- Collects aggregated, anonymous usage data such as:
- Timestamp of events
- URL or path visited
- Referrer (from which site/link you arrived)
- Device operating system & version
- Browser & version
- Device type (desktop/tablet/mobile)
- Country (in ISO format)
- Does not collect personal identifiers (such as your name, email address, or full IP address) when configured according to Vercel’s default settings.
This means that unless you sign up for an introductory session (see below), we do not collect or retain any personal data about you through analytics.
b) Booking calendar – when you sign up for an introductory session
If you choose to book an introductory session with us, we use the scheduling service provided by TidyCal. In that case we collect the following information from you:
- Name (first and last)
- Email address
- Appointment date & time selected
- Any optional custom fields/questions we require at booking (for example phone number, company name, or additional notes)
The booking event will generate a contact entry in the TidyCal dashboard, and will sync with your calendar (to avoid double-booking).
We only collect the minimum information necessary to manage your booking and provide the introductory session. Unless you give us explicit additional consent (e.g., for marketing communications), we do not use your data for other purposes.
2. How we use your information
- For analytics: to monitor website performance, understand how visitors reach and use our site, and to help us improve your experience. Because data is anonymised, it cannot be attributed to an individual.
- For bookings: to schedule your session with us, send you confirmations/reminders, manage the meeting logistics, and (if applicable) send follow-up related to the session you booked.
We will not use your personal data for profiling or any automated decision-making without your explicit consent.
We do not share your personal booking data with third-parties, other than TidyCal as the platform facilitating the booking, unless required by law or you ask us to do so.
3. Data retention
- Analytics data via Vercel is retained in aggregated, anonymised form and cannot be used to identify you; Vercel’s infrastructure is designed such that visitor hashes expire daily.
- Booking data will be retained for as long as necessary to fulfil the booking service, comply with legal obligations (e.g., tax, invoicing) or for legitimate business purposes (e.g., follow-up communications). You may request deletion (see “Your Rights” below).
- If you have not booked a session, we keep no personally-identifying booking information because we collect none.
4. Your Rights
Under applicable data protection law (including the EU General Data Protection Regulation (GDPR) if you are in the EU), you have rights in relation to your personal data:
- The right to access the personal data we hold about you.
- The right to request correction of inaccurate or incomplete data.
- The right to request deletion of your personal data (“right to be forgotten”), in the scope permitted by law (except where retention is required for legal/tax/licensing reasons).
- The right to object to or restrict certain processing, including direct marketing.
- The right to data portability (where applicable).
- The right to withdraw consent at any time (to the extent processing is consent-based).
- The right to lodge a complaint with a supervisory authority.
If you wish to exercise any of these rights, please contact us at hello@bifrostbridge.studio. We’ll respond without undue delay and in any event within the time-limits required by law.
5. Cookies
Because our analytics is cookie-less and anonymous, we do not rely on non-essential cookies for tracking. No third-party cookies are used for analytics. If we deploy any additional cookies or tracking tools in the future, we will clearly inform you and obtain any required consent.
6. Transfers of data outside the EU
Where any personal data is processed outside the EU/EEA, we will ensure appropriate safeguards are in place (such as standard contractual clauses, or that the provider participates in an approved data-transfer scheme) unless data processed is truly anonymised. We rely on 3rd party vendors' own compliance measures; you may consult their own privacy documentation for further details.
7. Security
We implement appropriate technical and organisational measures to protect personal data we hold. Our analytics provider provides a secure, compliant infrastructure (including SOC2 Type 2, ISO 27001). For booking data we ensure that access is limited to authorised personnel and that backups, access logs and encryption are used where appropriate.
8. Changes to this Policy
We may update this Privacy Policy from time to time (for example to reflect changes in our practices or legal requirements). When we do, we will revise the “Last Updated” date at the top of this page and notify you via the website (or by email if you have booked a session). We encourage you to review this policy periodically.
9. Contact Us
If you have any questions about this Privacy Policy or our data-processing practices, you may contact us at:
- Email: hello@bifrostbridge.studio