Privacy Notice for California Residents

This Privacy Notice for California Residents (referred to as "Privacy Notice") informs why and how Aiven collects, uses, shares and protects personal information of California residents in compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

What rights do you have as a California resident?

Under the CCPA and CPRA, you have the following rights regarding your personal information:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected, used, and shared about you in the past 12 months.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information. Aiven, however, does not “sell” or “share” personal information as defined in the CCPA.
  • Right to Non-Discrimination: Aiven will not discriminate against you for exercising your privacy rights.
  • Right to Correct: You have the right to correct inaccurate personal information.
  • Right to Limit: You have the right to limit the use and disclosure of sensitive personal information if we use or disclose sensitive personal information for other purposes than those permitted under the CCPA.

How to exercise your rights?

To exercise your rights or to ask any questions about this Privacy Notice, please contact us by sending a request to privacy@aiven.io.

We may need to verify your identity before processing your request, which may require you to provide additional information. You may designate an authorized agent to make a request under the CCPA on your behalf. To do so, you must provide the authorized agent written permission to submit the request and verify your own identity directly with us.

What information we collect?

We have collected the following categories of personal information from consumers within the last twelve (12) months:

  • Identifiers: information of the users of the services provided by us, such as full name, email address, company name, address, phone number, user’s IP address;
  • Internet or Other Network Information: type and device ID, browser type and version, service access times, statistics on page view and time spent on pages and any other automatically collectible information;
  • Geolocation data: geographical location based on the IP address;
  • Professional and Employment Information: such as prospects’ job title and company name;
  • Commercial Information: customer relationship details, such as the contract between Aiven and the customer, start and end date of customer relationship and services ordered; billing information, such as credit card details, bank account information, payments made, outstanding invoices, and invoices delivered; customer interaction, such as customer contracts, feedback and complaints; interaction in the Aiven Community forum, such as messages sent in the Community forum; marketing communications;
  • Personal Records: signatures from customer contracts;
  • Sensory Information: certain customer calls; and
  • Inferences: certain data collected with cookies.

Aiven collects this information directly from you when you use Aiven services or interact in the Aiven Community forum, Aiven staff at events, or automatically through our website. Aiven may also collect your information from public sources or third-party service providers and partners (for further information, please refer to our Sourced Leads Privacy Policy page.

For what purpose we process personal information?

We use personal information for the following purposes:

  • Performing business transactions by providing our services;
  • Providing a requested service such as customer support or other requests;
  • Protecting security and functionality by detecting and preventing fraudulent or illegal activities;
  • Improving our products and services by analyzing usage patterns and obtaining customer feedback;
  • Personalizing user experience by using the User’s preferences and interactions with our services such as personalized content or advertisements; and
  • Complying with legal obligations and other regulatory requirements such as accounting, record keeping and reporting obligations.

To whom we disclose your information with?

We may disclose the above categories of personal information to service providers or contractors for business purposes. The categories of third-parties to whom we disclose personal information for a business purpose in the preceding twelve (12) months are:

  • Affiliates: to our subsidiaries to the extent necessary to provide our services and to manage and organize customer service, marketing as well as information security measures within the group in an appropriate and practical way and use shared IT systems within the group;
  • Service Providers: to our third party service providers, including but not limited to hosting service providers, technology service providers, payment service providers and marketing providers;
  • Legal and Compliance: as required or permitted to comply with legal obligations, requests by competent authorities and courts and related legal proceedings and as required to establish, exercise or defend or to protect against legal claims; and
  • Business Partners: to prospective sellers or buyers if we are involved in a merger, acquisition, or sale of all or a portion of our assets.

Selling and Sharing of Personal information

Aiven does not sell or share personal information subject to the CCPA. In the preceding twelve (12) months, Aiven has not sold or shared personal information.

Aiven does not have actual knowledge that we would collect, sell or share the personal information of consumers under 16 years of age.

What security measures have we taken?

We have carried out reasonable technical and organizational measures to secure the personal information processed against unauthorized access, against accidental or unlawful destruction, manipulation, disclosure and transfer and against other unlawful processing. For instance, any physical data is stored in locked facilities and access to automatically processed data is limited by user rights and passwords within our organization.

Please be aware that, although we endeavor to provide reasonable security measures for personal data, no security system can prevent all potential security breaches.

How long will we retain personal data?

We will only retain personal data for as long as necessary to fulfill the purposes defined in this Privacy Notice. The main retention periods are as follows:

  • We retain personal data for the duration of customer relationship and after that as required by legal obligations (e.g. accounting laws) or our contractual rights or obligations (e.g. for invoicing purposes).
  • If a dispute arises or a customer fails to make payment for our services, we may retain relevant information until such dispute is resolved or until such payment is made.
  • Where we process personal data for marketing purposes, we will delete or anonymise the data after one (1) year has lapsed from last contact between us to the User or when the User asks us to stop marketing and for a short period after this (to allow us to implement the request).

Contact information

If you have questions regarding this Privacy Policy or wish to exercise your rights under the CCPA, please contact us at: privacy@aiven.io.