Privacy Policy
Effective date: 2026-04-15
Biztory NV ("Biztory", "we", "us", "our")
1. Who We Are
Biztory NV is the data controller for personal data processed in connection with the Autom8 Tableau Extension ("the Software") and the associated licensing service.
For questions about this policy or to exercise your rights, contact us at extensions@biztory.com.
2. Scope
This policy applies to data processed by the Biztory licensing infrastructure when the Software is activated or used. It does not apply to data that the Software sends to your own n8n webhook endpoint — that data is sent directly from the viewer's browser to your systems and is entirely under your control as the dashboard author.
3. Data We Collect and Why
3.1 License validation
Every time the Software loads in a Tableau dashboard, it contacts the Biztory licensing service to verify the license key. The following data is sent and recorded:
Field | What it is | Form stored |
|---|---|---|
License key | Identifies the purchased license | As-is (required for validation) |
User identifier | Tableau's internal | SHA-256 hash only — the raw value never leaves the browser |
Tableau site ID | Identifies the Tableau site | As-is |
Operational mode | "viewing" or "authoring" | As-is |
Webhook URL | The n8n webhook URL configured by the dashboard author | SHA-256 hash only — the raw URL never leaves the browser |
Timestamp | Date and time of the validation request | As-is |
Request count | Running total of validations per user/license combination | Aggregated integer |
Why: To enforce license validity, count unique monthly Viewers against your plan limit, and provide usage analytics in the customer portal.
Legal basis: Performance of a contract (Article 6(1)(b) GDPR) — license validation is necessary to provide the Software as purchased.
3.2 Customer portal account
If you have a customer portal account, we hold:
Your name and email address
Your organisation name
Your Cryptolens customer identifier (our license management provider)
Account creation and activity timestamps
Why: To give you access to your license usage data and to manage your subscription.
Legal basis: Performance of a contract (Article 6(1)(b) GDPR).
3.3 Local browser storage
The Software stores a signed validation token (JWT) in the browser's localStorage on the device of each Viewer. This token contains:
The license key identifier
The licensed extension name
An expiry timestamp
Why: To allow the Software to continue functioning for up to 72 hours if the Biztory licensing service is temporarily unreachable ("grace period").
Legal basis: Legitimate interest (Article 6(1)(f) GDPR) — ensuring continuity of a service already contracted for.
4. Data We Do Not Collect
Raw Tableau user IDs. The browser computes a SHA-256 hash before sending any identifier to our servers. We cannot reconstruct the original value from the hash we store.
Raw webhook URLs. The browser hashes the configured webhook URL before transmission. We store only the hash and cannot determine which webhook is in use.
Dashboard data. Any Tableau data the Software sends to an n8n workflow is transmitted directly from the viewer's browser to the webhook endpoint you configured. This data does not pass through Biztory's infrastructure and is not accessible to us.
5. Data Retention
Data | Retention period |
|---|---|
License usage records (hashed user IDs, request counts, timestamps) | Retained for the life of the license, then deleted within 90 days of license termination |
Portal account data | Retained while the account is active and for 2 years after account closure |
Browser | Stored on the viewer's device; expires after 72 hours or when the browser storage is cleared |
6. Data Sharing and Sub-processors
We do not sell personal data. We share data only with the following sub-processor:
Sub-processor | Purpose | Location |
|---|---|---|
Cryptolens | License key management and validation | EU / international |
Cryptolens receives the license key and product identifier for the purpose of verifying license validity. No user-identifying information is transmitted to Cryptolens.
7. International Transfers
Our licensing service and customer portal are operated within the European Economic Area. If data is transferred outside the EEA (for example, in connection with Cryptolens infrastructure), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
8. Security
We apply technical and organisational measures appropriate to the risks involved, including:
HMAC-SHA256 request signing between the Software and our licensing service
Hashing of user identifiers and webhook URLs before transmission and storage
Signed JWTs with expiry for session management
Access controls limiting portal data to authenticated account holders
9. Your Rights Under GDPR
If you are located in the European Economic Area, you have the following rights regarding your personal data:
Access — request a copy of the data we hold about you.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your data, subject to legal retention obligations.
Restriction — request that we restrict processing of your data in certain circumstances.
Portability — receive your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interest.
To exercise any of these rights, contact privacy@biztory.com. We will respond within 30 days.
You also have the right to lodge a complaint with the Belgian Data Protection Authority:
Gegevensbeschermingsautoriteit / Autorité de protection des données
Rue de la Presse 35 / Drukpersstraat 35, 1000 Brussels
https://www.gegevensbeschermingsautoriteit.be
10. Changes to This Policy
We may update this policy to reflect changes in the Software or in applicable law. Material changes will be communicated through the customer portal or by email. The "effective date" at the top of this document indicates when the current version took effect.
11. Contact
Biztory NV
Email: extensions@biztory.com
Website: https://biztory.com