Last Updated: 1 December 2018
In this policy, "Aerofiler" refers to Aerofiler Inc. Aerofiler is the company responsible for your personal data under this policy.
You may be an individual user who has an Aerofiler account for one or more of our services, a visitor to one of our websites, or a customer organization who is receiving services from us.
We collect numerous categories of information from you. We've listed these below under three headings, based on the way in which collect the information. We explain the legal bases under which we collect personal data in Section 2, which describes what we use the personal data for.
We use your information for a variety of reasons which are categorized below.
We process your information to provide, maintain and monitor our services, as is necessary to perform our contractual obligations to you. We also process your information given our legitimate interest in improving and developing our services. For example, we may process your information to:
Some features of our service that process your information require you to consent to using them by enabling the relevant feature through your account settings. You can also withdraw consent by disabling such features through your account settings.
Given our legitimate interest in protecting our services and the data stored with our services, we process your information to secure and protect our services, operations, and data. We also do so to comply with applicable laws and to perform our contractual obligations to you. For example, we may process your information to:
In limited circumstances, automated processes may limit or suspend access to our services if we detect activity or information that we believe indicates a security threat or other risk to our services, other users, or third parties. If your access has been limited or suspended in this way, you can contact us and we can review the situation with you.
We have a legitimate interest in processing your information for advertising and marketing purposes, such as offering you additional products and services that you may be interested in. You can opt-out of receiving marketing communications by clicking on the unsubscribe or opt-out link in those communications, by changing the relevant communication settings in your Aerofiler account, or by contacting us. Our marketing activities include:
We share your information in a variety of circumstances and with various third parties.
Our services let you share information with others with your consent. For example, you can decide to make links to your documents stored on Aerofiler publicly accessible, which means they will be shared with anyone who knows the link. When you share information publicly (including in publicly accessible forums), it may also be indexed by search engines.
If you use any part of the service which integrates with a third party service, they can receive information from your Aerofiler account that is required for the integration to operate. For example, if you connect your account with a third party cloud storage provider to use them as a backup store of your documents, we will send them a copy of your documents.
Aerofiler uses a variety of service providers who help us to provide our services. These service providers are contractually required to only use your information as needed for this purpose, and to appropriately secure your information. For example, we engage service providers to:
Where permitted by applicable law, we may hash certain of your personal data (such as your email address) and share it with social media platforms (such as Google or LinkedIn) to generate leads, drive traffic to our websites, or otherwise promote our services. These hashing and matching services are offered by those social media platforms and are not controlled by Aerofiler. Contact your social media platform provider to understand how they use your personal data in such situations, or contact us if you us to stop processing your personal data for direct marketing purposes in this manner.
If you are a user, we may share your information with the customer who provided you with your Aerofiler account (typically, your organization). Your information may be accessible and used by other users (including administrators) who have been given permission to do so.
Aerofiler may disclose your information, including personal data, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law (including to comply with legal process), or if such disclosure is reasonably necessary: (a) to comply with our legal obligations, (b) to respond to claims asserted against Aerofiler, (c) to enforce and administer our agreements with customers and users, (d) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us to legal liability, or (e) to protect the rights of Aerofiler.
If we receive legal requests, we will endeavor to notify the affected customer or user unless that is prohibited by law, or if we believe that providing notice would be futile, ineffective, or create a risk of harm (whether financial or otherwise).
We may share anonymized data (including aggregated data which has been de-identified) for marketing and advertising purposes, business analysis, regulatory compliance, and other business purposes in which we have a legitimate interest.
To protect the security and privacy of your information, we may ask you to verify your identity before taking further action on your request. This may require you to provide us with personal data in order for us to be able to do this. Unless we've specified otherwise, you may exercise any of the rights in this section by sending an email to privacy [at] aerofiler.com.
Aerofiler's customers may store documents in their Aerofiler accounts that contain personal data. If you wish to exercise any of your rights with respect to such personal data, you should contain that customer, as Aerofiler does not act the controller of that data.
Some of your information can be accessed and updated through your account. You are responsible for keeping your personal data in your account up to date.
You have the right to ask us to correct inaccurate or incomplete personal data concerning you that you cannot correct yourself through your account.
Applicable law in some jurisdictions entitles you to request copies of your personal data that is held by us. You may also be entitled to request copies of personal data that you have provided to us in a structured, commonly used, and machine-readable format, and may also request that data to be sent to another service provider where doing so is technically feasible.
We generally retain your personal data for as long as is necessary to perform the contract between you and us, and to comply with our legal obligations.
You may request the erasure of your personal data and the closure of your account if you no longer want us to use the personal data to provide our services to you. However, we may retain your personal data to the extent necessary to comply with our legal obligations, or as necessary for our legitimate business interests. For example, we may need to retain personal data related to financial transactions for tax, legal reporting, and audit obligations. If you are a user, you should contact the organization that issued you with with your user account if you want to close it.
We back up customer data as as security measure in order to protect against accidental or malicious loss of data. Due to technical reasons, residual copies of personal data may remain in backup systems for a limited amount of time.
Where you have provided your consent to the processing of your personal data by us, you may withdraw your consent at any time. Consent may be withdrawn through your account (if available), or by contacting us and specifying which consent you wish to withdraw.
Applicable law in some jurisdictions entitles you to restrict the ways in which we process your personal data, in particular where: (a) you contest the accuracy of your personal data; (b) the processing is unlawful and you oppose the erasure of your personal data; (c) we no longer need your personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defence of legal claims; or (d) you have objected to the processing pending the verification of whether the legitimate grounds of Aerofiler override your own.
Applicable law in some jurisdictions entitles you to require us not to process your personal data for certain specific purposes where such processing is based on our legitimate interest. If you object to such processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims.
Where your personal data is processed for direct marketing purposes, you may request us to stop processing your personal data for such purposes by either clicking on the relevant opt-out or unsubscribe link, or by contacting us.
You have the right to lodge complaints about the data processing activities carried out by Aerofiler before competent data protection authorities.
Do Not Track. Aerofiler currently does not respond to "Do Not Track" signals in the HTTP headers from your browser or mobile application due to a lack of standardization regarding how those signals should be interpreted.
Aerofiler may use a variety of affiliates and service providers who help us to operate our services. Because some of these service providers may be located throughout the world (including in the United States, Australia, United Kingdom, and the European Union), Aerofiler may process your information in countries outside of where you are located. These countries may have data protection laws that differ to the laws that apply in your country.
If you are located in the European Union, where we process your personal data outside of the European Economic Area, we have ensured that we have implemented appropriate safeguards to ensure an adequate level of data protection.
Aerofiler employs a variety of administrative, physical, and technical security measures that are designed to protect your information against unauthorized access, loss, deletion, or modification (whether intentional or accidental). We also periodically review our security measures and consider how to improve them. Learn more about Aerofiler's security practices.
We may make changes to this policy from time to time and post the changes to this page. If the changes we make reflect a material change in the way we process your personal data, we will provide you with at least 30 days' notice by email before those changes become effective.
Attn: DPO / Privacy Officer
50 Woodside Plaza, Suite 515
Redwood City, CA 94061
Email: privacy [at] aerofiler.com