Privacy Policy

Last Updated: February 26, 2026

Introduction & Overview

This Privacy Policy explains how personal data is collected, used, stored, and protected when you
use our mobile application.

The App is a company management platform designed to allow businesses and authorized personnel
to organize operational workflows, manage company resources, coordinate staff, and maintain
internal operational records within secure company workspaces.

The App is intended for professional and operational use. It enables companies and their authorized
personnel to create private company workspaces where operational information may be entered,
stored, and accessed only by authorized members of that company.

We are committed to protecting the privacy, confidentiality, and security of all users and companies
that use the App. Personal data is collected and processed strictly in accordance with applicable data
protection laws, including the General Data Protection Regulation (GDPR).

By creating an account or using the App, you acknowledge that you have read and understood this
Privacy Policy and agree to its terms. If you do not agree, you must discontinue use of the App.

Definitions

For the purposes of this Privacy Policy:

  • “App” refers to OctaLane, the mobile application owned and operated by Filip Kostic, available
    on Android and iOS platforms.
  • “Owner”, “we”, “us”, or “our” refers to Filip Kostic, the legal owner and Data Controller
    responsible for operating the App and ensuring compliance with applicable data protection laws.
  • “User”, “you”, or “your” refers to any individual who creates an account, accesses, or uses the
    App.
  • “Company Workspace” refers to a private digital workspace created within the App for use by a
    company or organization and its authorized personnel.
  • “Authorized Personnel” refers to individuals who have been granted access to a Company
    Workspace by its owner or administrators.
  • “Personal Data” refers to any information relating to an identifiable individual, including but not
    limited to names, email addresses, phone numbers, account identifiers, or any other information
    voluntarily entered into the App.
  • “Operational Data” refers to records created within Company Workspaces, including vehicle
    information, workflow data, internal notes, assignments, and activity records.

Data Controller and Contact Information

The Data Controller responsible for processing Personal Data is:

Filip Kostic
Owner and Operator
Based in Sweden, European Union
Email: aurevonstudios@gmail.com

All privacy-related inquiries, including requests for access, correction, or deletion of personal data,
may be directed to the contact email above.

Role of Data Controller and Data Processor

For personal data related to user accounts, authentication, subscriptions, and platform operation, the
Owner acts as the Data Controller.

For personal data entered by companies and their authorized personnel within Company
Workspaces, the respective company or organization acts as the Data Controller, and the App acts as
a Data Processor on behalf of that company, providing secure storage and processing services.

Each company is responsible for ensuring that its use of the App complies with applicable data
protection laws.

Purpose of the App

The App provides companies and authorized personnel with tools to manage internal operations in a
secure and organized environment. These functions include, but are not limited to:

  • Creating and managing company workspaces
  • Registering and managing operational records
  • Assigning roles and permissions to personnel
  • Tracking workflow progress and operational status
  • Maintaining internal company records
  • Supporting company coordination and management

All company and operational data is private and accessible only to authorized personnel designated
by each company. The App does not publicly display company data.

Data We Collect

We collect and process only the minimum amount of data necessary to operate the App and provide
its services securely and reliably. This may include:

  • Account identifiers such as email address and authentication provider ID
  • Company membership and role information
  • Operational data voluntarily entered by users within Company Workspaces
  • Technical information required for authentication, security, and service reliability
  • Subscription status information necessary to enable subscription features
  • Support communication information when users contact support
  • Usage and analytics data (device type, OS version, app interactions, crash reports, and
    anonymized usage statistics) to improve stability, performance, and user experience

We do not collect unnecessary personal data, and we do not sell, rent, or use personal data for
advertising purposes.

Third-Party Services and International Data Transfers

The App uses services provided by Google for:

  • Authentication
  • Secure data storage
  • Hosting of Company Workspaces
  • Analytics and crash reporting

The main servers are located in Europe. However, certain processing or support operations by
Google may occur outside the European Economic Area (EEA), including in the United States. All
such transfers are protected by appropriate safeguards, including Standard Contractual Clauses
(SCCs) approved by the European Commission and Google’s Data Processing Addendum.

No other third parties receive your data for marketing or advertising purposes.

User Responsibility for Entered Data

The App provides tools that allow users and companies to voluntarily enter operational and
organizational data. This may include names, phone numbers, email addresses, vehicle registrations,
internal company records, client information, and personnel details.

All such information is entered voluntarily and entirely at the discretion of the users and companies
utilizing the App.

Users and companies are solely responsible for:

  • Determining what information they choose to enter into the App
  • Ensuring they have the legal right to store and process such data
  • Restricting Company Workspace access to authorized personnel only
  • Managing permissions and access levels appropriately
  • Ensuring sensitive information is accessible only to authorized personnel

The App provides flexible tools and does not require users to enter sensitive personal data. By
entering data into the App, users and companies accept full responsibility for the information they
choose to store and manage within their Company Workspace.

Visibility of Information Within Company Workspaces

Company Workspaces are collaborative environments designed for use by authorized personnel.
Information entered within a Company Workspace may be visible to other authorized members of
that workspace, depending on their assigned permissions.

Workspace owners and administrators are responsible for managing access permissions and
ensuring appropriate access control. We are not responsible for how companies manage access to
their internal data or how users choose to share information within their Company Workspace.

Data Protection and Security

Protecting user and company data is a fundamental priority. The App is designed and maintained
according to high engineering and cybersecurity standards with strong emphasis on protecting data
confidentiality, integrity, and availability. Security measures include strict access controls, secure
communication channels, security rules, and protection against unauthorized access. Data is
accessible only to authorized personnel within each Company Workspace. We continuously monitor
and improve system security. However, no system can be guaranteed to be completely secure, and
users acknowledge that they provide and manage data at their own discretion.

Minimal Data Collection Principle

The App follows a strict minimal-data collection principle. We collect only the data necessary to
authenticate users, provide core functionality, maintain service integrity and security, and enable
subscriptions where applicable. The App does not request unnecessary permissions.

Data Retention

We retain Personal Data and Operational Data only for as long as necessary to provide the App’s
services, maintain Company Workspaces, ensure system integrity, comply with legal obligations,
and protect companies and the platform from abuse.

Users may delete their account and associated Personal Data at any time using the in-app account
deletion functionality or by contacting support.

Upon account deletion:

  • • Personal Data directly associated with the user account, including authentication identifiers
    and Company Workspace membership, is permanently deleted or anonymized.
  • • Operational Data entered by the user within Company Workspaces remains under the control
    of the respective Company Workspace and may continue to exist as part of the company’s
    operational records.
  • • Certain historical records, such as activity logs or chronology entries, may retain limited
    identifying information (such as name or email) associated with actions performed by the
    user within a Company Workspace. This information is retained for legitimate business
    purposes, including maintaining operational integrity, auditability, dispute resolution, and
    protection against abuse.
  • • These historical records are retained only as long as necessary for their legitimate purpose
    and are periodically deleted, anonymized, or minimized when no longer required.
  • • Additionally, we may retain minimal account identifiers, which may include internal
    identifiers and associated email address, solely for security, fraud prevention, abuse
    prevention, and legal compliance purposes. These identifiers are not used to restore deleted
    accounts or re-identify users for operational purposes.

If you request deletion via support, we will process your request within 30 days, subject to legal and
security retention requirements.

Subscriptions and Billing

The App may offer subscription-based features. Subscriptions are processed exclusively through
Apple App Store or Google Play Billing. We do not collect or store payment card information. Each
user is permitted to maintain only one active subscription. Users must ensure they do not
accidentally activate multiple subscriptions across platforms.

Service Continuation

The App is provided as a continuously maintained service intended for long-term operational use.
While we are committed to maintaining and supporting the App, the continuation of the service
cannot be guaranteed indefinitely. If the service is ever planned to be discontinued, users will be
provided with advance notice whenever reasonably possible.

Legal Basis for Processing

Personal data is processed in accordance with GDPR on the following legal bases:

  • Performance of a contract (providing the App services)
  • Legitimate interests (security, fraud prevention, service improvement via analytics, and
    maintaining platform integrity)
  • Compliance with legal obligations
  • Consent where required (which can be withdrawn at any time)

Platform Compliance

The App is distributed through Apple App Store and Google Play. Authentication, billing, and
subscription management are handled by these platforms.

Apple and Google are not responsible for the App or its content and have no liability related to its
operation.

Children’s Privacy

The App is not directed to children. We do not knowingly collect Personal Data from children. If we
become aware that we have collected such data, we will delete it promptly.

User Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Delete your account and all associated data directly in the App (or by contacting us)
  • Restrict or object to processing
  • Withdraw consent where applicable
  • Data portability (where technically feasible)
  • File a complaint with your local data protection authority

All rights can be exercised via the in-app features or by emailing aurevonstudios@gmail.com.

You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection
(Integritetsskyddsmyndigheten) or your local data protection authority within the European
Economic Area.

Data portability requests may be fulfilled in a structured, commonly used, and machine-readable
format where technically feasible.

Changes to This Privacy Policy

This Privacy Policy may be updated periodically. Continued use of the App after updates constitutes
acceptance of the revised Privacy Policy. Users are encouraged to review this Privacy Policy
periodically.

Contact Information

Filip Kostic
Owner and Operator
Email: aurevonstudios@gmail.com