Web Presenter

Privacy Policy

Last updated: April 21, 2026

This policy explains how Web Presenter handles personal data and your rights under the EU General Data Protection Regulation (GDPR).

Data Controller

The data controller for personal data processed through Web Presenter is Mawal AB, registered in Sweden under Org.nr 559279-0462 (VAT SE559279046201), with registered address at Hallandsgatan 38, 118 57 Stockholm, Sweden. For any privacy-related question you can reach us at mawal.webpresenter@gmail.com.

What We Collect

  • Session data. Temporary session identifiers are created when you connect your phone to the browser extension. These are not retained after the session ends.
  • Device motion data. Pointer position and gesture data is transmitted in real time between your phone and the extension. This data never reaches our servers.
  • Account data. If you sign in, we store your email address and an account identifier in Firebase Authentication so we can associate a Pro purchase with your account.
  • Payment data. If you purchase Pro, Paddle.com Market Limited (Merchant of Record) collects your payment details and billing address. We receive only the transaction identifier and the email address you used at checkout.
  • Analytics. We use Vercel Analytics to collect anonymous, aggregated usage statistics (page views, visitor counts). No personally identifiable information is collected by analytics.

Lawful Basis for Processing

  • Free tier users. Processing of session and device motion data is based on our legitimate interest (GDPR Art. 6 (1)(f)) in providing a functional presentation tool.
  • Paid tier users. Processing of account and payment data is based on performance of a contract (GDPR Art. 6(1) (b)), which means delivering the Pro features you purchased.

Retention

Session identifiers and device motion data are retained only for the lifetime of an active pairing session and are deleted when the session ends. Account data is retained for as long as your account exists and is deleted on request. Payment transaction records retained by Mawal AB are kept for 7 years to meet Swedish bookkeeping obligations (Bokföringslagen 1999:1078). Paddle retains its own records according to its privacy policy.

Sub-processors

We share personal data with the following sub-processors strictly for the purposes described above:

  • Google Firebase (Google Ireland Limited). Authentication and Firestore signaling for pairing sessions.
  • Paddle.com Market Limited. Payment processing and Merchant of Record.
  • Vercel Inc. Hosting of the web application and anonymous analytics.

Your Rights (GDPR)

Under the GDPR you have the right to access, rectify, erase, and port the personal data we hold about you, as well as the right to restrict or object to processing. To exercise any of these rights, contact us at mawal.webpresenter@gmail.com. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) at imy.se.

Data Transmission

Pointer and gesture data is transmitted via WebRTC peer-to-peer connections. This means your motion data travels directly between your phone and your computer without passing through our servers. The signaling server is used only to establish the initial connection.

Changes to This Policy

We may update this policy as the product evolves. Significant changes will be noted on this page with an updated date.