Aiven

Your Database in the Cloud

Aiven sneaky crab logo Aiven logo crab bubbles

Aiven Privacy Policy

18 January, 2017

Personal Data File and Controller

Name of the Personal Data File User Register of Aiven Cloud Services
Controller Aiven Ltd, Business ID: 2795743-5 (the "Company")
Contact privacy@aiven.io

Scope

This Privacy Policy is applied to processing of personal data of the users ("User(s)") of the Company's cloud services ("Service(s)") and processed in context of the User Register of Aiven Cloud Services ("User Register"). This Privacy Policy describes the relevant principles and purposes related to processing of the Users' personal data by the Company.

Processing of personal data in the User Register is primarily based on the User's consent. By signing up for the Service, by using the Service or providing his/her data the User consents to processing of his/her personal data by the Company as set out in this Privacy Policy. The primary source of the data is the data provided by the User itself when using the Services.

Collected data

According to law, personal data means any information on a private individual and any information on his/her personal characteristics or personal circumstances, where these are identifiable as concerning him/her or the members of his/her family or household.

The Company stores and processes the following data provided by the User:

  • Email address
  • Full name
  • Company name
  • Credit card number (last 4 digits only)
  • Credit card expiration date

The Company also provides the following data, provided by the User, to the Company's payments processor (currently Stripe, subject to change):

  • The items listed above
  • Credit card number (full)
  • Credit card security code

Additionally, the Company automatically collects and processes the following data about the User:

  • User's IP addresses
  • Geographical location based on the IP address
  • Service access times
  • Statistics on page views
  • Any other automatically collectible information

Furthermore, the Company may also collect anonymized statistics about the way the User uses the Services provided by the Company.

Purpose of data collection

The primary purpose of collecting personal data is to provide Services to the User and to issue accurate charges for the use of Services.

The Company stores personal data on servers located in the European Union on servers provided by Google and Amazon Web Services. Personal data may be stored and processed in other regions only if the User has requested Services in such regions.

The personal data stored in the User Register may also be used by the Company to provide, develop and customize the Service and to communicate with the User. Such communication may include direct marketing, market research or research polls. The Company may use subcontractors when providing any services. When necessary and to the extent required for the provision of the Service, personal data may be transferred outside of the European Union or European Economic Area. In such occasion the Company shall comply with the requirements set by the applicable law for such transfer of personal data.

Communication of personal data to third parties

The Company may communicate the Users' personal data to its affiliates, cooperation partners or other third parties only to the extent as may be required and permitted by applicable laws, required for the purpose of providing the Service or defending the Company's legitimate interests in accordance with the applicable law or required due to an acquisition or another corporate transaction.

Quality of data

To the extent required by the applicable law, the Company corrects, erases or supplements at the request of a User, possibly erroneous, unnecessary, incomplete or obsolete data processed in the User Register. However, Users are responsible for the validity and quality of the personal data they provide to the Company. A User also is responsible for notifying the Company of any possible changes in the personal data he/she has provided. In order to correct any possibly erroneous data, the Company recommends the User to contact the Company by using the contact information provided in this Privacy Policy.

Data security

The Company has carried out reasonable technical and organizational measures to secure the personal data processed in the User Register against unauthorized access, against accidental or unlawful destruction, manipulation, disclosure and transfer and against other unlawful processing. For instance, any physical data is stored in locked facilities and access to automatically processed data is limited by user rights and passwords within the Company's organization.

Cookies

Cookies are files which are received and transmitted by a User's device when the User is using the Company's Service. The Company may use cookies and similar techniques to provide the Service, to improve its quality and to enhance the user experience. By using the Service and consenting to the use of cookies in his/her browser settings the User consents to the use of cookies by the Company. The User may prohibit the use of cookies by changing the browser settings. This may, however, affect the user experience of the Service.

Users' rights

A User has the right to prohibit the Company from processing personal data stored on him/her in the User Register for the purposes of direct advertising, distance selling, other direct marketing, market research and opinion polls. In order to prohibit such processing, the Company recommends the User to contact the Company by using the contact information provided in this Privacy Policy.

A User also has the right to access the data stored on him/her in the User Register and upon request obtain a copy of the data. In order to access the data, the User shall provide sufficient search criteria and submit a personally signed request to the Company by using the contact information provided in this Privacy Policy.

Changes to the Privacy Policy

The Company may amend this Privacy Policy and the related information. The Company recommends that the Users regularly access the Privacy Policy to obtain knowledge of any possible changes made thereto. The Company aims at informing the Users of possible changes by using reasonable and available channels.