|Name of the Personal Data File||User Register of Aiven Cloud Services|
|Controller||Aiven Ltd, Business ID: 2795743-5 (the “Company”)|
According to law, personal data means any information on a private individual and any information on his/her personal characteristics or personal circumstances, where these are identifiable as concerning him/her or the members of his/her family or household.
The Company stores and processes the following data provided by the User:
Additionally, the Company automatically collects and processes the following data about the User:
Furthermore, the Company may also collect anonymized statistics about the way the User uses the Services provided by the Company.
The primary purpose of collecting personal data is to provide Services to the User and to issue accurate charges for the use of Services.
The Company stores personal data on servers located in the European Union on servers provided by Google and Amazon Web Services. Personal data may be stored and processed in other regions only if the User has requested Services in such regions.
The personal data stored in the User Register may also be used by the Company to provide, develop and customize the Service and to communicate with the User. Such communication may include direct marketing, market research or research polls. The Company may use subcontractors when providing any services.
When necessary and to the extent required for the provision of the Service, personal data may be transferred outside of the European Union or European Economic Area. In such occasion the Company shall comply with the requirements set by the applicable law for such transfer of personal data.
The Company provides the representations and information in this section in compliance with European privacy laws, in particular the European General Data Protection Regulation (GDPR). They are specific to Users located in EEA countries or Switzerland, so please don’t rely on the below, if you’re not a User in one of those countries.
If you are a User from the European Territories, the Company’s legal basis for collecting and using the personal data described above will depend on the personal information concerned and the specific context in which it is collected. “European Territories” mean the European Economic Area and Switzerland.
However, the Company will normally collect personal data from Users where the processing is in the Company’s legitimate business interests to, for example, administer Services and fulfill contractual obligations as a service provider. In some cases the Company may collect and process personal data based on consent.
The Company may communicate the Users’ personal data to its affiliates, cooperation partners or other third parties only to the extent as may be required and permitted by applicable laws, required for the purpose of providing the Service or defending the Company’s legitimate interests in accordance with the applicable law or required due to an acquisition or other corporate transaction.
The Company provides the following data to the Company’s CRM provider/s (currently Hubspot and Intercom):
The Company provides the following data, provided by the User, to the Company’s payment processor (currently Stripe):
The Company uses Google Analytics, a service which transmits anonymous website traffic data to Google servers. The Company uses reports provided by Google Analytics to help the Company understand website traffic and usage.
The Company also uses Google Analytics to send and receive data to/from Google Ads to improve the performance of the Company’s Google Ads campaigns and develop remarketing lists.
User-level and event-level is automatically deleted from Google Analytics servers after 38 months. However, the 38 month period will reset if Google Analytics detects new activity, such as a site visit.
The Company uses Hotjar, a service that helps the Company better understand user website behavior, e.g. how much time is spent on which pages, which links are clicked, what a user likes and doesn’t, etc.
Hotjar collects the following user behavior and device data:
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of the Company’s web properties and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
UTM tags are appended as part of the visible URL for marketing campaigns and reports can be viewed in platforms like Google Analytics. The Company sends UTM tag information to Google Google Analytics/Intercom to evaluate campaign performance.
For example, if a user visits the website via a link with UTM parameters attached. These details, such as campaign source, medium, and name, are collected at an aggregated level and sent to Google Analytics.
Moreover, if a user who clicks a campaign link with a UTM tag becomes a registered user, the UTM information will associated with the registration and sent to Intercom. This information helps the Company assess the utility of its marketing channels.
To the extent required by the applicable law, the Company corrects, erases or supplements at the request of a User, possibly erroneous, unnecessary, incomplete or obsolete data processed in the User Register. However, Users are responsible for the validity and quality of the personal data they provide to the Company.
The Company has carried out reasonable technical and organizational measures to secure the personal data processed in the User Register against unauthorized access, against accidental or unlawful destruction, manipulation, disclosure and transfer and against other unlawful processing. For instance, any physical data is stored in locked facilities and access to automatically processed data is limited by user rights and passwords within the Company’s organization.
The User may limit the use of performance, functional, and targeting cookies by the Company through changing the browser or cookie settings. The User may also update his/her cookie consent at any time via the Cookie Settings under the Terms and Policies section of aiven.io’s footer
Lastly, the User can utilize industry opt-out tools provided by the member bodies below. By using these tools, the User can limit personalized ads from member companies, such as AdRoll:
If the User is a resident of a European Territory, he/she has the following enhanced rights under the EU data protection law:
Similarly, if the Company has collected and processed the User’s personal information with the User’s consent, the User can withdraw your consent at any time. Withdrawing consent will not affect the lawfulness of any processing the Company conducted prior to the User’s withdrawal, nor will it affect processing of the User’s personal information conducted in reliance on lawful processing grounds other than consent.
Additionally, the User can withdraw consent for the Company to drop cookies by clicking the Cookie Settings link in the footer of the Company’s marketing site or by withdrawing consent for the Company when the User sees the “consent banner”.
The User has the right to complain to a data protection authority about the Company’s collection and use of the User’s personal information. For more information, the User can contact his/her local data protection authority. Contact details for data protection authorities in the European Territories are available here. However, if the User has any questions about the Company’s collection and use of his/her personal information, the User can contact the Company first at email@example.com.
The Company does not operate within the scope of the California Consumer Privacy Act of 2018 (CCPA). However, NextRoll, one of the Company’s service providers does. The User can go here) to review NextRoll’s CCPA-mandated notices and disclosures.
Test the whole platform for 30 days with no ifs, ands, or buts.