Your Database in the Cloud
18 January, 2017
|Name of the Personal Data File||User Register of Aiven Cloud Services|
|Controller||Aiven Ltd, Business ID: 2795743-5 (the "Company")|
According to law, personal data means any information on a private individual and any information on his/her personal characteristics or personal circumstances, where these are identifiable as concerning him/her or the members of his/her family or household.
The Company stores and processes the following data provided by the User:
- Email address
- Full name
- Company name
- Credit card number (last 4 digits only)
- Credit card expiration date
The Company also provides the following data, provided by the User, to the Company's payments processor (currently Stripe, subject to change):
- The items listed above
- Credit card number (full)
- Credit card security code
Additionally, the Company automatically collects and processes the following data about the User:
- User's IP addresses
- Geographical location based on the IP address
- Service access times
- Statistics on page views
- Any other automatically collectible information
Furthermore, the Company may also collect anonymized statistics about the way the User uses the Services provided by the Company.
The primary purpose of collecting personal data is to provide Services to the User and to issue accurate charges for the use of Services.
The Company stores personal data on servers located in the European Union on servers provided by Google and Amazon Web Services. Personal data may be stored and processed in other regions only if the User has requested Services in such regions.
The personal data stored in the User Register may also be used by the Company to provide, develop and customize the Service and to communicate with the User. Such communication may include direct marketing, market research or research polls. The Company may use subcontractors when providing any services. When necessary and to the extent required for the provision of the Service, personal data may be transferred outside of the European Union or European Economic Area. In such occasion the Company shall comply with the requirements set by the applicable law for such transfer of personal data.
The Company may communicate the Users' personal data to its affiliates, cooperation partners or other third parties only to the extent as may be required and permitted by applicable laws, required for the purpose of providing the Service or defending the Company's legitimate interests in accordance with the applicable law or required due to an acquisition or another corporate transaction.
The Company has carried out reasonable technical and organizational measures to secure the personal data processed in the User Register against unauthorized access, against accidental or unlawful destruction, manipulation, disclosure and transfer and against other unlawful processing. For instance, any physical data is stored in locked facilities and access to automatically processed data is limited by user rights and passwords within the Company's organization.