Privacy Policy for Aiben Ltd.

1. Introduction

• This privacy policy applies to Aiben Ltd., operating the website https://aiben.ai, as well as our apps and other solutions.
• This policy covers all data collection and processing activities related to our website, apps, and other solutions provided by Aiben Ltd.
• The purpose of this privacy policy is to be transparent about how we handle users’ data, ensuring you understand what information we collect, why we collect it, how we use it, and your rights regarding your personal data.

2. Types of Data Collected

2.1 Website Data (https://aiben.ai)

• Contact form data
• Wishlist signup data
• Newsletter subscription data

2.2 App and Solution Data

• Types of data collected through Aiben Ltd.’s apps and other solutions
• Specific data points collected (e.g., usage data, device information, etc.)

3. Purpose of Data Collection and Processing

3.1 Website Data (https://aiben.ai)

• To enable us to respond to your inquiries and provide the services you request.
• To send marketing materials to individuals who have provided their contact information through our forms (from time to time).

3.2 App and Solution Data

• To provide the best possible user experience and tailor our services to individual needs.
• To improve our products and services (for free products and services).

4. Types of Personal Data Collected

We collect and process the following types of personal data:

• Data provided by users: numerical, text, voice, and other data types
• IP addresses
• Payment information
• Biometric identification data (if enabled by the user)

5. Data Storage and Transfer

• All personal data is stored within the European Union.
• We use Standard Contractual Clauses for any data shared with third-party providers, such as our cloud services.
• Personal data is not shared outside of the EU, except for payment information, which is handled in accordance with legal procedures specific to various locations.

6. Third-Party Service Providers

We use the following third-party service providers for data processing:

• Amazon Cloud Services
• Microsoft Azure

These providers are used for cloud storage and data analysis.

7. Children’s Privacy

We require a minimum age of 18 years to use our applications and services. We do not knowingly collect or process data from individuals under 18 years of age.

8. Data Retention Periods

8.1 General Data Retention

• We store data for as long as it is relevant to our products and services.
• If a product is discontinued, users will be contacted and given the option to:
  a) Have their data removed, or
  b) Indicate their interest in other products, in which case we will retain their data.

8.2 Website Data

• Data collected through website forms is retained for as long as a relevant product is available or until the person unsubscribes.

8.3 App and Solution Data

• Data is retained as long as the associated product or service is active and relevant.
• Users can request data deletion at any time (see Section 21: Data Deletion and Account Closure).

8.4 Conversation Logs

• Logs of conversations with our assistants and technologies are stored in their original form until they have been anonymized.
• Once anonymized, these logs are no longer considered personal data under GDPR.
• The anonymization process occurs within 12 months of the data collection.

9. Data Subject Rights

Users have the right to access, rectify, erase, restrict processing, data portability, and object to processing of their personal data. To exercise these rights:

• Contact us at [email protected]
• We will provide an initial response within one week
• The request will be executed within one month’s time if found to be correct and valid

10. Data Breach Notification

In the event of a data breach that risks the rights and freedoms of individuals, we will:

• Notify affected users via email or through in-app notifications
• Provide information about the nature of the breach and steps taken to address it
• Notify relevant supervisory authorities as required by law

11. Automated Decision Making

At this time, we do not engage in automated decision-making processes that produce legal effects or similarly significant effects on users.

12. Cookie Policy

We use cookies on our website, solutions, and apps. Here’s what you need to know:

• Types of cookies used: We use cookies for essential, functional, analytical, and advertising purposes.
• Purpose of cookies:
• To remember user preferences
• To analyze site traffic data
• To identify if user acquisition is functioning correctly
• Third-party cookies: We may use third-party cookies, but only for the purpose of ensuring our analytics is working correctly.
• Cookie consent: When a user comes to our sites, they get the option for opting out of non-essential cookies.

We do not have a separate cookie policy available at this time.

13. Legal Bases for Processing

The primary legal basis for processing your personal data is to provide you with the products and services you require. This includes:

• Fulfilling our contractual obligations to you
• Complying with legal requirements
• Pursuing our legitimate interests in providing and improving our services

14. Changes to Privacy Policy

• We update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.
• The latest version of the privacy policy will always be available at https://aiben.ai/privacy-policy
• We encourage users to check our privacy policy regularly to stay informed about how we are protecting your information.
• For significant updates, we will send emails or notifications to users of our services and apps.

15. Contact Information

For any questions or concerns regarding this privacy policy or your personal data:

• Email: [email protected]
• Postal address: Runonlaulajantie 64, 00420, Helsinki, Finland
• Data Protection Officer: Our DPO can be reached at [email protected]

16. Right to Lodge a Complaint

Users have the right to lodge a complaint with a supervisory authority. In Finland, you can contact:

Office of the Data Protection Ombudsman

• Website: https://tietosuoja.fi/en/home
• Postal address: Office of the Data Protection Ombudsman, PO Box 800, 00531 Helsinki, Finland
• Email: [email protected]
• Telephone: +358 29 566 6700

We encourage you to contact us first with any concerns, but you have the right to go directly to the supervisory authority if you prefer.

17. Profiling

We engage in profiling activities to enhance user experience:

• Users are segmented into different categories based on their behavior and preferences.
• This segmentation allows us to provide personalized services and a tailored user experience.

18. Data Minimization and Accuracy

We are committed to data minimization principles:

• We anonymize personal data where possible.
• Identifying information is removed when it’s no longer necessary.
• To ensure data accuracy, we verify user logins regularly.

19. Data Protection Impact Assessment (DPIA)

• We conduct Data Protection Impact Assessments for products that we determine require them.
• DPIAs help us identify and minimize data protection risks.

20. Free Apps and Solutions

• Aiben Ltd. offers some apps and solutions free of charge.
• For these free products, we store logs of conversations with our assistants and technologies.
• This data is used solely for the purpose of improving our products and services.
• We do not share this conversation data with any third parties.
• Conversation logs are retained in their original form for up to 12 months, after which they are anonymized as described in Section 8.4.
• Once anonymized, these logs are no longer considered personal data under GDPR.
• Users should be aware that while the product is free, their usage data contributes to our product development.

21. Data Deletion and Account Closure

• Users can request deletion of their personal data at any time by contacting [email protected].
• Upon receiving a deletion request, we will remove all personal data associated with the user, except where we are required to retain it by law.
• If a user closes their account, they will be given the option to have their data deleted or retained (in case they wish to use our services again in the future).
• For discontinued products, users will be contacted and given the option to have their data deleted or transferred to other active products.