Privacy Policy

Aerodei Privacy Policy

Aerodei, Inc. respects your privacy and is committed to protecting it through compliance with this Privacy Policy and applicable law.

This Privacy Policy describes:

  • What personal data we collect and process, including from our websites Aerodei.com (the “Site”), and Aerodei.io (the “Service”);
  • How we use the data;
  • Our certification to the EU-US and Swiss-US Privacy Shield to, inter alia, permit transfers under the General Data Protection Regulation (GDPR);
  • With whom we may share the personal data;
  • Legal grounds for the processing of data;
  • Protection and storage of your data;
  • The rights and choices you may have, including with regard to access, correction and deletion of your data; and
  • Disclosures, links to other sites and Privacy Policy updates.

Introduction

Aerodei provides a Cloud platform through a Software as a Service (SaaS) model. At Aerodei, the privacy and security of our customers, respondents and visitors are of paramount importance. Aerodei is committed to protecting the data you share with us. This Privacy Policy governs our data collection, processing and usage practices. It also describes your choices regarding use, access and correction of your personal information. If you do not agree with the data practices described in this Privacy Policy, you should not use the Websites or the Aerodei Service. This Policy describes how we treat personal information on the websites where it is located. This includes Aerodei.com and *Aerodei.io sites. By interacting with us, you consent to these practices.

For the purposes of European data protection laws, the data controller is Aerodei, Inc.

This privacy policy explains how Aerodei processes information that can be used to directly or indirectly identify an individual (“Personal Data”) collected through use of its website and services.

Any information stored on Aerodei’s platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. Aerodei implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.

We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you want to access a particular section of this Privacy Policy, please refer to the below table.

Contents

  • Use of Information
  • How We Collect Information
  • Information Sharing
  • Your Choices
  • Children's Privacy
  • California Residents' Privacy
  • Users From Outside the United States
  • Retention of Information
  • How We Protect Your Information
  • Changes to This Policy
  • How to Contact Us

Use of information

Compliance with Our Privacy Policy

We use the information we collect only in compliance with this Privacy Policy. The different types of data use are outlined here below by type; Public/Website only, and clients. Clients who subscribe to our Aerodei Services are obligated through our agreements with them to comply with this Privacy Policy.

We use information as disclosed and described here.

General Public and Website Visitors:

We use information to respond to your requests or questions. For example, we might use your information to respond to your customer feedback. We also use your information to create and administer your account.

We use information to improve our products and services. We may use your information to make our website and products better. We might use your information to customize your experience with us. We use your information to measure and analyze the website.

Use of the Aerodei Service by Aerodei and our Clients

Information we collect and process as a data processor.

Aerodei’s services are used by our customers to design, build and perform electronic signatures on documents that they request be signed. On behalf of our customers, who are the data controllers, we solicit and process information from signers that is required to complete various types of documents. Aerodei collects personally identifiable information from users at several different points on the Site to fulfill the requirements of the Uniform Electronic Transactions Act (UETA) of 1999, the Electronic Signatures in Global and National Commerce Act (E-SIGN) of 2000, and Regulation (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014 (eIDAS). Additionally, Aerodei may gather information as directed by our clients to fulfill the requirements of any document presented to be signed. Information obtained for the purpose of fulfilling documents presented to be signed on behalf of Aerodei Clients is applied to the produced PDF (portable document format) on behalf of our clients. Any presentation of this document or the digital form fields to collect the data is provided using industry accepted transport secure-socket layer technology (TSL). We do not provide this information to third parties that are not a party or do not have a legitimate business interest in the electronic document being signed. Public website visitors to Aerodei.com may voluntary supply personal data to sign up for our newsletter, request information, and contact us or for other business inquiries.

We act as a platform for client on-boarding and servicing. We act as your front door to digital distribution of products and customer onboarding. We clean up and validate application input, augment the submission with external data sources. We enable our clients to capture data and documents, enrich or validate it with external data sources while providing powerful analytics that will help improve your experience.

Our online Aerodei Service allows any company that uses it to create and share product offerings and customer applications for enrollment content.

The information added to the Aerodei Service, either by site visitors providing their contact information or when an Aerodei Service Client adds the information, is stored and managed on our cloud service providers' servers. This information is then used to contact visitors about their interest in the company's goods or services and interact with the company.

Use by Our Clients

Our clients use the Aerodei Service to build digital forms that people can receive on any connected device such as desktop or laptop computers, tablets and smart phones and complete for their business products or services and or to opt in or purchase those products or services. Aerodei does not control the content of these web forms or the types of information that our customers may choose to collect or manage using the Aerodei Service. That information belongs to them and is used, disclosed and protected by them according to their privacy policies and Aerodei is the data processor per the EEA (European Economic Act) and Privacy Shield.

Aerodei processes our clients' information as directed and in accordance with our agreements with our clients, and we store it on our service providers' servers, but we do not have control over its collection or management on external client infrastructure. Clients of Aerodei services must provide any and all legal notices, content text and placement in their form and application process to support and comply with local, regional and global privacy and business law for the products or services they are offering via the Aerodei platform.

Our agreements with our clients prohibit us from using that information, except as necessary to provide and improve the Aerodei Service, as permitted by this Privacy Policy, and as required by law. We have no direct relationship with individuals who provide Personal Information to our customers.

Personal data is not solicited by Aerodei for any other use in a client instance other than to apply information to documents, which are also made available to the signers, on behalf of our clients, and to pass the data through to our clients, on whose behalf such data has been collected for the purposes of electronic signing and purchasing product or services offered by that Client.

Aerodei does not obtain such data from our client’s document signers for any internal purposes. Signers of electronic documents are agreeing to conduct business with, and share information with, the specific client on whose behalf Aerodei is requesting information for the completion and signing of specific documents.

Data that Aerodei solicits from signers:

is not provided to public information databases;
is not provided to other third parties not associated with documents being signed by signers.

Aerodei collects information under the direction of its clients, and has no direct relationship with the individuals whose Personal Data it processes. We may transfer limited Personal Data to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our clients.

Aerodei Staff and HR Data

Aerodei does not at this time host HR data internal to the Aerodei Business offices or platform. All HR data is stored by the HR providers TriNet for US and Globalization Partners for UK/EU HR services and BambooHR across all locations and their contact and privacy policy can be found on the Provider Websites. Aerodei is a TriNet, BambooHR and Globalization Partners customer so as an employee or contractor of Aerodei, these providers collect the information necessary to provide HR benefits and payroll services for our staff, providers may collect it either from you directly or from your employer HR team. This collection is limited to the purpose of providing the service for which the customer has engaged these HR service partners.

How we collect information

General Public and Website Visitors:

To provide and improve our Services, we collect information about visitors to our sites, users of our Services, the devices they use, and sometimes their locations.

We collect certain information directly from you, such as when you fill out forms with a name or email address. We collect other information, usually about devices, browsers, or locations, automatically (without you typing it into a form).

We collect information from and about you.

To provide and improve our Services, we collect information about visitors to our sites, users of our Services, the devices they use, and sometimes their locations.

We collect certain information directly from you, such as when you fill out forms with a name or email address. We collect other information, usually about devices, browsers, or locations, automatically (without you typing it into a form).

Information We Collect from You.

You provide us with information about yourself when you:

  • Register or log in to your account
  • Start, sign, or review an electronic document
  • Create or edit your user profile
  • Contact customer support
  • Comment on our blogs or in community forums
  • Your main choice for this type of information is simply not providing it, such as by not creating a profile or not leaving a comment in a blog.

Your main choice for this type of information is simply not providing it, such as by not creating a profile or not leaving a comment in a blog.

"Personal Data"

This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business. Personal Data can also include information about any transactions, both free and paid, that you enter into on the Websites, and information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.

Information We Collect Automatically

Device, Usage Information, and Transactional Data:

We collect information about how you use our Services and the computers or other devices, such as mobile phones or tablets, you use to access our Services. Some examples include:

  • IP address
  • Precise geolocation information that you allow our apps to access
  • Unique device identifiers and device attributes, like operating system and browser type
  • Usage data, such as: web log data, referring and exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used our Services, the frequency of your use of our Services, error logs, and other similar information

We get information about you from third parties. For example, our business partners may give us information about you.

As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

We use this information, which does not identify individual users (other than the IP address of the user’s device), to analyze trends, to administer the Site, to track users’ movements around the Site and to gather demographic information about our user base as a whole. Data from the Aerodei.com site is separate from Client service instances and is anonymized.

Other than tying IP addresses to personally identifiable information to verify the authenticity of the signing party on digitally signed documents, we do not link automatically-collected data to personally identifiable information.

We combine information. For example, we may combine information that we have collected offline with information we collect online. Or we may combine information we get from a third party with information we already have.

We collect information from you passively. We use tracking tools like browser cookies and web beacons. We collect information about users over time when you use this website.

Aerodei Services Clients

Purpose of data collection

Aerodei is the Data Processor:

Aerodei, through its Client services platform, (*.Aerodei.io) collects personal data at several different points on that site to fulfill the requirements of the Uniform Electronic Transactions Act (UETA) of 1999, the Electronic Signatures in Global and National Commerce Act (E-SIGN) of 2000, and Regulation (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014. Additionally, Aerodei may gather information as directed by our clients to fulfill the requirements of any document presented to be signed as a data processor.

Data Controller(s) on Aerodei.io Services

Aerodei Clients remain the data controller and owner at all times on our services platform sites. Information obtained for the purpose of fulfilling documents presented to be signed on behalf of Aerodei Clients is applied to the produced PDF (portable document format) on behalf of our clients. Any presentation of this document or the digital form fields to collect the data is provided using industry accepted transport layer security technology (TLS). We do not provide this information to third parties that are not a party or do not have an interest in the electronic document being signed.

Cookies and Related Technologies.

We may use cookies, which are text files containing small amounts of information that are downloaded on your device (“Cookies”), or related technologies, such as web beacons, to store or collect information. We also allow others to use Cookies within the Services as described below. Cookies can store your preferences, your username, and help tailor advertisements.

  • Analytics. We use services like Google Analytics. They use Cookies to gather usage data and help us learn how people use our Services, such as the pages they visit and for how long and the website or page they were on before coming to an Aerodei website.

Learn more about these tools and how you can control them, here.

We use information for security purposes. We may use your information to protect our company and our customers. We also use information to protect our websites or our services, as well as to detect and investigate activities that may be illegal or prohibited.

Links to other sites

Please be aware that while visiting our site, Visitors can follow links to other sites that are beyond our sphere of influence. Aerodei is not responsible for the content or privacy policy of these other sites.

EU-US Privacy Shield and Swiss-U.S. Privacy Shield

The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies in the US and Europe with a mechanism to comply with data protection requirements under the EU Data Directive and the General Data Protection Regulation (GDPR) when transferring personal data from Europe to the United States in support of transatlantic commerce.

For personal information of employees, consumers, customers, investors, and government officials that Aerodei receives from the European Economic Area, Aerodei has committed to handling such personal information in accordance with the EU-US Privacy Shield and Swiss-U.S. Privacy Shield Principles.

Aerodei complies with the EU and United Kingdom-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union and United Kingdom and its member countries or Switzerland as applicable. Aerodei has certified that it adheres to the Privacy Shield Principles with respect to such information. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/list.

Sharing personal data

We Never Sell Personal Information

We will never sell your Personal Information to any third party.

With whom we share your personal data

Aerodei is a global provider of services headquartered in the United States, and as such may need to share information with internal personnel located in different geographic locations in order to fulfill our contractual and legal obligations. We may also share your personal data to third parties (within or outside your country of residence) who perform services on our behalf, including our technology providers, administrative personnel and providers, and professional advisors.

Information obtained for the purpose of fulfilling documents presented to be signed is applied to the produced PDF (portable document format) on behalf of our clients. Any presentation of this document is provided using secure socket layer technology (SSL). We do not provide this information to third parties that are not a party or do not have an interest in the electronic document being signed.

Legal grounds for data processing

We rely on the following legal grounds to process your personal information:

Consent. We may use your personal data as described in this Privacy Policy subject to your consent. To withdraw your consent, please contact us at privacy@Aerodei.com.

Aerodei may also share such information with service vendors or contractors in order to provide a requested service or transaction or in order to analyze the Visitor behavior on its website. Information shared will be limited to the service such as email or newsletter distribution functions you have chosen to receive only.

Legitimate Interests. We may use your personal information for our legitimate interests to provide our services and to improve our services and the content on our Site. We process information on behalf of third parties who have legitimate interests in conducting their businesses and entering into transactions as part of the contractual process. We may use technical information as described in this Privacy Policy and use personal information consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable law.

Our Legal Obligation to Disclose Personal Information

Aerodei, may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements, and when we believe that disclosure is necessary to protect our rights. The US Federal Trade Commission has jurisdiction over Aerodei’s compliance with the EU-US and Swiss-US Privacy Shield.

We strive to provide you with choices regarding the personal information you provide to us. This section describes mechanisms to control certain uses and disclosures of your information. If you do not want your information collected, used, and disclosed as described in this Privacy Policy, you should not submit your information to the Services.

Tracking Technologies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies or block the use of other tracking technologies, some parts of the Services may then be inaccessible or not function properly.

Location Information. You can choose whether or not to allow the Website to collect and use real-time information about your device’s location through the device’s privacy settings. If you block the use of location information, some parts of the Website may then be inaccessible or not function properly.

Click Here for information on our tracking and location technology and how to opt out and take control of what information you share with Aerodei.

Choices about Your Information

We use standard security measures.

The Internet is not 100% secure. We cannot promise that your use of our sites will be completely safe. We encourage you to use caution when using the Internet. This includes not sharing your passwords. We keep personal information as long as it is necessary or relevant for the practices described in this Policy. We also keep information as otherwise required by law.

Links to other sites

Please be aware that while visiting our site, Visitors can follow links to other sites that are beyond our sphere of influence. Aerodei is not responsible for the content or privacy policy of these other sites.

Website Visitors

If you are a Visitor to our website only, and not a Respondent to an application or a user of our platform, then this section is relevant for you.

By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website.

You can opt out of receiving our marketing and newsletter emails. To stop receiving emails from us through our service, email us at privacy@Aerodei.com or log in to your account and change your settings or follow the instructions in any promotional message you get from us. Even if you opt out of getting marketing and newsletter messages, we will still send you transactional messages. These include responses to your questions.

We may process and store information in the United States.

Information we collect from you will be transferred to, processed in, or stored in the United States or another destination outside of the European Economic Area ("EEA"). The laws of the United States do not afford the same protection as those of the EEA. Information may be processed by personnel operating in these locations who work for us or one of our business partners. By submitting your personal data, you agree to this transfer, storing and processing.

If you are a resident of the EEA, you may access, delete or object in the processing of your personal data

Except as otherwise identified in this Policy, you may request that we stop, or limit, using your information. You may also request that we remove your personal information from our system or that we rectify your personal information if the personal information we have stored is incorrect or incomplete. You may also request a description of the personal information we have collected about you, or to receive a copy of your collected data.

If you have provided us with your consent to collect or use your personal information, you may withdraw your consent at any time and for any reason, without affecting the lawfulness of our processing based on your consent prior to the withdrawal. If you feel that we have violated your privacy rights, you have the right to make a complaint to us using the information listed below or to contact your local data protection authority.

To exercise the foregoing rights, please contact us using the information listed below. Please note your right to access your personal data is not absolute. We may deny you access to your personal data when required or authorized by law. For example, we may deny access if granting access would have an unreasonable impact on another individual’s privacy.

Independent Recourse Mechanism

Your rights and choices:

Prospective signers of electronic documents whose information is received under EU-US and Swiss-US Privacy Shield frameworks may choose to decline to sign documents presented to them or may instead elect to use other available options for signing agreements that Aerodei clients may elect to provide.

You may contact us to request information about the personal data we have collected from you. In compliance with the EU-US Privacy Shield and Swiss-U.S. Privacy Shield Principles, Aerodei commits to resolve complaints about your privacy and our collection or use of your personal information. Individuals whose personal data Aerodei processes have a right under the Privacy Shield to request access, correction, modification or deletion of such personal data, which requests we will do our best to honor subject to any legal and contractual obligations. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact Aerodei at:

Aerodei Privacy
114 5th Avenue; 2nd Floor
New York, NY 10011
privacy@Aerodei.com

Aerodei has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, and has appointed the American Arbitration Association AAA. The ICDR-AAA provides several dispute resolution and administrative services related to the Privacy Shield Program. In, to resolve your complaints in relation to our compliance with the Privacy Shield Principles that are not resolved by the Aerodei Privacy Office. The services of the American Arbitration Association are free of charge, and details of how your complaint will be handled may be found at here.

If your complaint has not been resolved by the Aerodei Privacy Office, or by the American Arbitration Association or the US Department of Commerce, having given each of them an opportunity to do so, you may apply for binding arbitration as set out in the Privacy Shield: Annex I (Binding Arbitration).

All disputes regarding data privacy, removal requests or corrections to personal data and information stored by Aerodei are bound by the Terms of Service and will be subject to binding Arbitration resolution.

If you are not satisfied with our response to your compliant or believe our processing of your information does not comply with EEA data protection law, you can make a complaint to the UK Information Commissioner’s Office (ICO): here.

Under certain limited conditions, it may be possible for individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.

All disputes regarding data privacy, removal requests or corrections to personal data and information stored by Aerodei are bound by the Terms of Service and will be subject to binding Arbitration resolution.

If you are not satisfied with our response to your compliant or believe our processing of your information does not comply with EEA data protection law, you can make a complaint to the UK Information Commissioner’s Office (ICO): https://ico.org.uk/concerns/.

Respondents

Respondents are customers of Aerodei Service Client Users and should be aware that in responding to applications for products or services and product and service invitations received via email from clients of Aerodei, they could be disclosing information that could make them personally identifiable to Aerodei. All Aerodei Services Client Users are required to correctly and clearly identify themselves to every respondent customer. Aerodei will not process Personal Data of Respondents for other purposes or by other means than instructed by its Aerodei Services Client Users. Respondent completing applications or service invitations must be shown the proper notices and disclosures by the Client Users of the Aerodei services and Aerodei requires this compliance in every master service agreement it signs.

Inquires

If you wish to inquire about your Personal Data that may have been collected in an Aerodei services application, we recommend that you contact the entity that created or sent you the application or invitation for service. As Aerodei is a Processor, it does not control the Personal Data used or stored in the application, but processes it on behalf of its Client User only.

Aerodei Services Client Users

Collection of Client User data for use of Aerodei’s platform, they provide information such as name, company name, email, address, telephone, and other relevant data. This information is used by Aerodei to identify the Client User and provide them with support, services, mailings, sales and marketing actions, billing and to meet contractual obligations.

Aerodei Client Users can at any time access and edit, update or delete their contact details by logging in with their username and password to the Aerodei Services platform. Aerodei Client Users may create more Client Users with different privilege levels within their account. It is the responsibility of the Client User that creates other Client User accounts, to choose the level of access each User should have. Once these new Client Users log into Aerodei, they meet the definition of Client User in this policy. Aerodei will not retain Client User data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Children’s privacy

These sites are not intended for children.

Our sites are meant for adults. We do not knowingly collect personally identifiable information from children under 13 without permission from a parent or guardian. If you are a parent or legal guardian and think your child under 13 has given us information, you can email us at privacy@Aerodei.com. You can also write to us at the address listed at the end of this policy. Please mark your inquiries “COPPA Information Request.” Parents, you can learn more about how to protect children's privacy on-line here.

California residents’ privacy

Your California privacy rights.

California Residents have new rights under CCPA: Consumers may only make a personal information request twice in a 12-month period, Aerodei will need to collect information from the requesting party so that Aerodei can verify their identity, and Aerodei will respond within 45 days of receiving a personal information request.

California residents may email Privacy@Aerodei.com or Call Aerodei’s business line at 1-917-818-4339 and request a CCPA data inquiry report from our data privacy team. This Data inquiry report will include a clear defined list of any data Aerodei currently has about the data subject and the data purpose, i.e retained in logs only as navigation data or say Full Name, address and newsletter preferences for marketing or event materials if applicable for example. Data inquires will also include how to request removal or correction of the data shown if desired by data subject and any third parties we may have shared the data with to support the services requested.

We only share your information as described in this policy for newsletter and events you have chosen to receive. Aerodei processes your information for the purposes described in this policy found under “How we collect information about you”, which include “business purposes” under the CCPA. These purposes include:

  • Protecting against security threats, abuse, and illegal activity. Aerodei uses and may disclose information to detect, prevent and respond to security incidents, and for protecting against other malicious, deceptive, fraudulent, or illegal activity. For example, to protect our services, Aerodei may receive or disclose information about IP addresses that malicious actors have compromised.
  • Auditing and measurement. Aerodei uses information for analytics and measurement to understand how our services are used. We may disclose non-personally identifiable information for auditing purposes.
  • Maintaining our services. Aerodei uses information to ensure our services are working as intended, such as tracking outages or troubleshooting bugs and other issues that you report to us.
  • Research and development. Aerodei uses information to improve our services and to develop new products, features and technologies that benefit our users and the public.
  • Use of service providers. Aerodei shares information with service providers to perform services on our behalf, in compliance with our Privacy Policy and other appropriate confidentiality and security measures. For example, we may rely on service providers to help provide customer support or to send you marketing information for events you have signed up to receive from us.

Aerodei also uses information to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement.

If you have additional questions or requests related to your rights under the CCPA, you can contact Aerodei.

To make a request, please send us an email, or write to us at the address listed below. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.

Aerodei Privacy
114 5th Avenue; 2nd Floor
New York, NY 10011

Users outside of the United States

Geographical location

Aerodei offers a number of data regions. An Aerodei “Data Region” is a set of data centers located within a defined geographical area where Client User and Respondent data is stored. Personal Data is not transmitted between Data Regions. For Aerodei Client Users with accounts located in Aerodei’s European Data Region, all Personal Data is processed in the EEA. For Client Users with accounts in the Data Regions: United States of America (US) and Canada, all Personal Data is processed solely in the respective country. For Users with accounts in our Asia Pacific Data Region, all Personal Data is processed in Singapore.

Processing in the European Economic Area (EEA)

For Users with accounts located in Aerodei’s European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and Aerodei’s processing will take place in accordance with the GDPR.

Controller

Aerodei processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR:

The Aerodei entity which you as a Client User entered an agreement with when using Aerodei’s platform, will be the Controller for Client User data, as outlined above in “Collection of Client User data” section.

For Respondent data, the Client User will be the Controller in accordance with Directive and GDPR, and Aerodei will be the Processor.

Aerodei adheres to the privacy principals of the Privacy Directive of 1995 and the GDPR from May 25th, 2018. Consequently, Aerodei will processes all data provided by its Client Users with accounts in its European Data Region, in the European Economic Area (EEA) only.

All data collected by Aerodei Client Users through surveys will be stored exclusively in secure hosting facilities provided by Amazon Web Services. Aerodei has a data processing agreement in place with its provider, ensuring compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.

Processing in the United States of America (US)

For Client Users with accounts in the Aerodei US Data Region, Aerodei processes data solely in data centers located in the US. Aerodei has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the Client User’s data in Aerodei’s possession. Aerodei will promptly notify the Client User in the event of any known unauthorized access to, or use of, the Client User’s data.

All data collected by Aerodei Client Users through applications will be stored exclusively in secure hosting facilities provided by Amazon Web Services. Aerodei's Contracts with its Clients and Corporate Policy is to protect and safeguard any personal information obtained by Aerodei in accordance with United States state or federal laws governing the protection of personal information and data. Accordingly, Aerodei adheres to practices and policies that aim to safeguard the data.

Processing in Canada

For Client Users with accounts in the Aerodei Canada Data Region, Aerodei processes data solely in data centers located in Canada. Aerodei has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the Users data in Aerodei’s possession. Aerodei will promptly notify the Client User in the event of any known unauthorized access to, or use of, the Client User’s data.

All data collected by Aerodei Client Users through applications will be stored exclusively in secure hosting facilities provided by Amazon Web Services. Aerodei’s contract with its hosting provider ensures that all hosting is performed in accordance with the highest security regulations. Aerodei’s policy is to protect and safeguard any personal information obtained by Aerodei in accordance with Canadian laws governing the protection of personal information and data. Accordingly, Aerodei adheres to practices and policies that aim to safeguard the data.

Processing in other regions

For Users with accounts in our Asian Pacific Data Region, Aerodei processes data solely in data centers located in Singapore. Aerodei has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the Users data in Aerodei’s possession. Aerodei will promptly notify the Client User in the event of any known unauthorized access to, or use of, the Client User’s data.

All data collected by Aerodei Client Users through applications will be stored exclusively in secure hosting facilities provided by Amazon Web Services. Aerodei’s contract with its hosting provider ensures that all hosting is performed in accordance with the highest security regulations. Accordingly, Aerodei adheres to practices and policies that aim to safeguard the data.

Retention of Personal Information

How long we keep information we collect about you depends on the type of information. As described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.

We retain Personal Information that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about the Aerodei Service or our other services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

When we have no ongoing legitimate business need to process your Personal Information, we securely delete the information or anonymize it or, if this is not possible, then we will securely store your Personal Information and isolate it from any further processing until deletion is possible. We will delete this information from the servers at an earlier date if you so request, as described in "To Unsubscribe from Our Communications" below.

If you provide information to our customers as part of their use of the Aerodei Service, our customers decide how long to retain the personal information they collect from you on their infrastructure. For services and digital forms presented by our customers, Personal Information provided by you is anonymized within Aerodei Services upon signed submission of the product or service application and acceptance by the customer. If a customer terminates its use of the Aerodei Service, then we will provide customer with access to all information stored for the customer by the Aerodei Service, in addition to anonymized data, for export by the customer according to our agreement with our customer. After termination, we may, unless legally prohibited, delete all customer information, including your Personal Information, from the Aerodei Service.

How Aerodei protects your Data

To keep your information safe all information is stored securely and is accessed by authorized personnel only. Aerodei implements and maintains appropriate technical, security and organizational tools and measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. At Aerodei the privacy and security of our customers, respondents and visitors are of paramount importance. Aerodei is committed to protecting the data you share with us. We take handling and the trust involved with holding data very seriously. We apply these controls and technology based on the sensitivity of the information we collect, use, and store, and the current state of security tools available. Aerodei performs scans and risk assessments of our Services, software code and websites on a regular basis to prevent data loss and risk as well as ensure our services are secure as we can offer to our clients and to the general public. Although we take steps to prevent unauthorized access to or use of personal information, the Internet and our Services are not 100% secure. For this reason, we are not able to guarantee that information we collect or store will always be protected from unauthorized access, or that it will only be used as described in this Privacy Policy.

Jurisdiction

Aerodei is a Delaware Incorporated company. The Site is controlled and operated from the United States. If you are an individual from the European Union, Canada or any other jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from United States laws, please be advised that we may store the information we collect in the United States or in other countries where we or our third party service providers have operations. Personal data may also be transferred from the country of your residence to other countries, including the United States.

Policy Updates and Changes

We periodically update this Privacy Policy. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by sending you an email notification.

While we will notify you of any material changes to this Privacy Policy, we encourage you to review this Privacy Policy periodically. We will also keep prior versions of this Privacy Policy in an archive for your review.

Privacy Contact

If you have any questions about this Privacy Policy or our treatment of the information you provide us, please write to us by email at privacy@Aerodei.com, or in writing via traditional mail delivery at: Aerodei; 114 Fifth Avenue, 2nd Floor; New York, NY 10011.

Aerodei Logo

Interested in joining Aerodei’s inclusion movement?

Unlock unparalleled insights into employees’ workplace experience, performance, and organizational trends, while receiving actionable strategies powered by Aerodei AI.