Personal data is all the information relating to a natural person or the personal and material circumstances of that person, such as names, addresses, telephone numbers, email addresses etc.
The processing of your personal data by Aintro serves multiple purposes. The purpose of the processing include:
Your personal data will not be stored longer than strictly necessary for the purpose of the processing. Certain data may be stored for a period following the termination of the provision of products and services, but only when and for as long as this is necessary to comply with our obligations under applicable law. For example, by law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for 7 years after they cease being customers for tax purposes. Please contact us for details of retention periods for different aspects of your personal data.
Aintro will take all appropriate technical and organisational measures to prevent the loss, destruction, alteration, unauthorised disclosure or unauthorized access of personal data or unlawful processing and to comply with Article 32 of the GDPR (security of processing). Information is sent to and stored on our secure servers or in secure filing systems and your information is processed in accordance with European data protection laws. The security measures also include confidentiality agreements concluded with third parties. In addition, we limit access to your personal data to those employees, contractors, agents and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We also ensure that any processors and sub-processors we engage have taken the appropriate technical and organisational measures to prevent the loss of personal data or unlawful processing. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your personal information will be processed by third parties if it is necessary to comply with the obligation arising from a contract to which you are a party, for the supply of our services, for the provision of further information or if you consented into such transferring of data. We may have to share your personal data with the parties set out below for the purposes set out in paragraph 4 above. Your personal data can in any case be shared with the parties listed below:
Such third parties’ places of business may be outside the European Economic Area (“EEA”). By way of example, this may happen if one or more of our servers are from time to time located in a country outside the EEA or one of our service providers or group companies is located in a country outside the EEA. Furthermore, we have implemented Social Plugins on our Website from social networks like LinkedIn Ireland Unlimited Company (“Linkedin”), Wilton Place, Dublin 2, Ireland, so that you can share anything of interest to you with your connections. If you use our services and provide us with your consent, your browser not only connects to our server but also to Linkedin’s servers. Thus, the content of the Plugin is transmitted to your browser which embeds content on the Website. Hence, Linkedin receives information that you used our services. In all these cases, we will take the necessary steps to ensure that your privacy rights continue to be adequately protected. In addition, we will process personal information in an appropriate manner if we are legally obliged or entitled to disclose such information. We will limit the transfer of personal data to the United States (“US”) as much as reasonably possible. In case we have to transfer personal data to the US, for example because of our use of Google Analytics, we will use Standard Contractual Clauses (“SCC”) to adequately safeguard your data. We will continuously monitor developments related to the transfer of personal data outside the EEA and will implement additional measures if and when required by applicable law to ensure that your personal data will be adequately protected outside the EEA as well as within the EEA.
Under the data protection legislation, you have several rights regarding your personal data that is processed by Aintro:
You may exercise any of the above rights as set out under paragraph 10 below. We will respond to a request for access to personal information within a reasonable period after the request is made, and give access to the personal information in the manner requested by you, if it is reasonable and practicable to do so.