Orchard Works
Products Pricing Contact Legal Request demo

Compliance

RGPD / GDPR Readiness

How Orchard Works approaches data protection in AI agents, APIs and automation projects.

Framework Principles Client data Subprocessors Security Data Processing Agreement AI transparency

Launch position: This page is designed to reassure early clients. It is not a formal certification or legal opinion.

1. Data protection principles

Orchard Works aims to apply data minimisation, purpose limitation, storage limitation, confidentiality, access control and accountability to its services.

2. Client data in AI systems

For pilots and custom projects, client documents should be separated by client workspace. Access should be restricted to the minimum necessary team members and deleted when no longer needed.

Clients should avoid providing sensitive personal data unless a written agreement and appropriate safeguards are in place.

3. Processors and subprocessors

Depending on the service, Orchard Works may rely on hosting, payment, email, database, storage and AI infrastructure providers. A current subprocessors list can be provided to B2B clients on request.

4. Security baseline

  • HTTPS for all public pages;
  • client separation for knowledge bases;
  • restricted API keys;
  • basic logging for audit and support;
  • human review for high-impact outputs;
  • deletion/export process on request.

5. Data Processing Agreement

For B2B projects where Orchard Works processes personal data on behalf of a client, a Data Processing Agreement should be signed before production use.

6. AI transparency

Where end users interact with AI systems, Orchard Works recommends clear disclosure that the user is interacting with an AI assistant and that critical answers should be verified.

Contact: privacy@orchardworks.co

Last updated: 04/06/2026

© Orchard Works. APIs, agents and digital products for modern operations.

Contact · Privacy · Terms · Cookies · RGPD · Billing