This Privacy Policy has been updated on 16 September 2024.
1.1 At Aila (hereinafter "Aila" or "us" or "we" or "our"), we are committed to your privacy and it underscores our technology and business decisions. We go to the best possible extent to protect your data and keep it private and secure when you use our Services as defined in our Terms of Service.
1.2 Data we may collect within the scope of our Service are with the purpose of providing best solutions, personalized experience and to continuously improve our Services.
1.3 This privacy policy applies to the collection, use, and disclosure of personal data for marketing and sales of services, customer agreements and when you use our Services, and visit our website.
2.1 We collect data to assist you and your company with sustainability management and reporting. Additionally, we may utilize our own data to assist us in this process, provide insights, and extend offers from our third-party service providers.
2.2 We collect personal data from you when you utilize our services:
(i) basic information, such as name, title, and your relation to a company you represent and contact details (email address, phone number);
(ii) information relating to our relationship, such as services and order details, contract information, payment details, billing information;
(iii) marketing and communication data e.g., your interests and preferences, selections, marketing permissions and prohibitions;
(iv) your interaction and related records such as correspondence, your comments, or responses to our surveys; (v) personal data generated while visiting our website through cookies or otherwise, and how you use the website;
(vi) service-related information, e.g., user IDs, authentication credentials as well as data generated in connection with service provision e.g., login information, and how services are used; and
(vii) other data, which is based on your consent and defined in detail on a case-by-case basis.
2.3 We may collect and use aggregated data for any purpose, where individual person is not identified from e.g., statistical data collected in connection with the provision of services.
3.1 We may market and inform you about our services. We may combine the personal data collected about you from publicly available sources, and from our different interactions with you. Further, your personal data may also be used for market research and customer surveys. Processing of personal data is based on our legitimate interest to collect and analyse relevant information to better understand our customers and develop relevant services.
3.2 Based on your consent we may store and access information, including personal data, on your device in order to create personalized ads profile and deliver relevant content at the website (e.g., information and ads about the Services) as well as to measure the effectiveness of the advertising. Respectively, your personal data may also be processed to develop and improve the website, or for developing our own or our partners’ services.
4.1 The purposes for which we process your data are:
(i) Marketing and Sales of Services to contact you regarding your interest in our Services;
(ii) Keeping our Services running - Providing Services to you and ensuring the functioning and maintenance of Services;
(iii) Verifying your identity for the purposes of signing into the Service;
(iv) Managing the customer relationship with you, including customer communication, user account management and processing payments;
(v) Improving our Services;
(vi) Interacting with you for feedback on our Services;
(vii) Improving and personalizing Services and to develop new services and providing notifications on new features, changes, and improvements;
(viii) Managing, pursuing, analysing, and improving the customer relationship with you;
(ix) Customer Support, corresponding with users, solving issues, and providing customer support through phone or email; and
(x) Informing you of new services, features, and content we may offer.
4.2 We may process your personal data also for specific purposes if you have consented to such processing.
5.1 We process your personal data for the performance of an agreement to provide our Services to you, or our processing is based on legitimate interest in providing quality services to our customers, to improve our Services, and to comply with legal obligations.
6.1 When you visit our website, cookies, and other similar technologies (“Cookies”) may be used to automatically collect information about your visit. It is possible for you to accept or refuse the use of the Cookies.
6.2 Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. Examples of Cookies we use:
(i) Session Cookies. We use Session Cookies to operate our Service.
(ii) Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
(iii) Security Cookies. We use Security Cookies for security purposes.
6.3 If the Cookies are collected, you have the option to disable them through the cookie banner or clear your Cookie history for all visited websites via your browser settings.
6.4 Accepting Cookies will enable you to get the best from our website. If you refuse Cookies, some aspects of the website may not work on your device, and you may not be able to access all areas thereof.
7.1 We may share your personal data with third-party service providers to provide the Service on our behalf, to perform Service-related services such as payment processing or to assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
7.2 We may also disclose your personal data to comply with legal obligations or protect our legal interests.
8.1 The data we collect is processed by us within the European Union (EU)/European Economic Area (EEA) and in third party data processing facilities within the EU/EEA.
8.2 Some of our service providers may have access or are located outside the EU/ EEA and their processing of your personal data will involve a transfer of data outside of EU/EEA. We will take necessary steps to provide appropriate safeguards for international data transfers and to the extent necessary implement supplementary measures for protection of personal data as required by applicable laws. Personal data is transferred only to countries that have been deemed to provide an adequate level of protection of personal data, and where not we will implement the standard contractual clauses and implement necessary technical, organisational, or contractual supplementary measures to ensure that personal data has the same protection as in EU/EEA.
9.1 We will retain your personal data only for as long as necessary to provide Services to you, and for two (2) years after that, or as long as required by law (different data categories have different retention periods). After that, we will securely dispose of your personal data.
10.1 You have certain rights regarding your personal data:
10.2 Right to Access: You have the right to access your personal data that we hold.
10.3 Right to Rectify Personal Data: You have the right to request that we correct any inaccurate or incomplete personal data that we hold.
10.4 The Right to Object to the Processing: You have the right to object to the processing of your personal data for certain purposes.
10.5 The Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
10.6 The Right to Be Forgotten: You have the right to request that we erase your personal data under certain circumstances.
10.7 The Right to Restriction of the Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
10.8 The Right to Give and Withdraw Your Consent: You have the right to give or withdraw your consent for the processing of your personal data.
11.1 We use the stringent technical measures and best practices within the Aila platform to ensure the confidentiality, integrity, and availability of all data stored within our Service.
11.2 Hosting and Data Transmission Security: The Platform is hosted on the Google Cloud Platform and utilizes its container-based service, Google Cloud Run. To safeguard data transmission, all interactions between administrators, business clients, and other users are encrypted end-to-end through Transport Layer Security (TLS). Google Cloud Run offers a built-in feature for TLS termination, thereby enhancing the security of data in transit.
11.3 Data Storage and Encryption: Data within the Aila Platform is stored on Google Cloud Platform, specifically using the fully managed database service Cloud SQL for PostgreSQL and the managed file storage service known as Google Cloud Storage. By default, all data stored in Google Cloud SQL for PostgreSQL is encrypted. Additionally, files stored in Google Cloud Storage are encrypted at rest. To further ensure data integrity and availability, Google Cloud SQL offers automated backup services. Application logs are securely stored in Google Cloud Logging.
11.4 Although our good faith efforts to store your data in a secure operating environment that is not available to the public, please remember that unfortunately no data transmission or storage is 100% risk free. You provide your personal data at your own risk, and we cannot guarantee the absolute security of your data. In the unfortunate case of a security breach that that endangers your privacy or data we will inform you as well as the relevant authorities, as required by law. We may also temporarily shut down services to protect the personal data.
12.1 We may update this privacy policy from time to time. We will notify you of any significant changes by posting a notice on our website or by sending you an email.
13.1 If you have any concerns or questions about this privacy policy or our use of your personal data, please feel free to get in touch with our Data Protection Officer: contact@aila.earth, Aila.Earth Oy, business ID: 3340395-7, Hallakuja 6, 33960 Pirkkala.