Last Updated: 1 December 2018
In this policy, “Aerofiler” refers to the Aerofiler entity that you have contracted with. Aerofiler is the company responsible for your personal data under this policy.
You may be an individual user who has an Aerofiler account for one or more of our services, a visitor to one of our websites, or a customer organization who is receiving services from us.
1. What information do we collect from you?
We collect numerous categories of information from you. We’ve listed these below under three headings, based on the way in which collect the information. We explain the legal bases under which we collect personal data in Section 2, which describes what we use the personal data for.
1.1. Information we ask you for
- Contact information. This may include names, email addresses, phone numbers, and social media account usernames. We may collect these details when you fill out a web form, sign up for an account, or communicate with Aerofiler (such as for sales information or support).
- Account information. This may include account access credentials (such as usernames and passwords) and account profile information (such as your preferences and settings). We may collect these details when you establish an Aerofiler account. Your organization may provide these details to us on your behalf if they create your Aerofiler account.
- Billing and payment information. This may include billing details, payment instrument details, and transaction data. We initially collect these details when you purchase or renew a product from Aerofiler.
- User content. We collect any content you upload or send using our services, such as documents and document metadata.
- Communications. We collect any communications you send to Aerofiler or to other Aerofiler users via our services.
1.2. Information we collect in the background when you access our services
- Usage information. This may include your activity when using our services (such as what features you use, what you click on, and your Aerofiler search and viewing history) and log files (such as the standard log files our web servers create to record requests made to it).
- Device and browser data. This may include information about your device (such as its IP address, operating system, hardware information and geolocation information), and your browser (such as the browser type and cookie data).
- Referral information. If you arrive at our website from an external source (such as a third party web page or a link in an email), we may record that source.
1.3. Information we collect from third parties
- Third parties. We may collect your personal data from third parties if you have given them permission to share it with us. To the extent permitted by applicable law, we may also collect your personal information from third parties, such as demographic data, and combine it with information we already have about you.
- Public information. We may collect your personal data from publicly available sources.
2. What do we use your information for?
We use your information for a variety of reasons which are categorized below.
2.1. To provide, maintain, monitor, improve and develop our services
We process your information to provide, maintain and monitor our services, as is necessary to perform our contractual obligations to you. We also process your information given our legitimate interest in improving and developing our services. For example, we may process your information to:
- Provide you with access to and use of our services
- Operate, monitor, and maintain our services
- Enable you to communicate and share documents with other users
- Provide customer support
- Improve and develop the services for our customers, including optimizing, personalizing and customizing your experience when using the services
- Conduct profiling and analysis based on your account settings, your interactions with the services, how you interact with the services, and the content you submit to the services, in order to monitor, personalize, improve, and develop our services
Some features of our service that process your information require you to consent to using them by enabling the relevant feature through your account settings. You can also withdraw consent by disabling such features through your account settings.
2.2. To secure and protect our services and operations
Given our legitimate interest in protecting our services and the data stored with our services, we process your information to secure and protect our services, operations, and data. We also do so to comply with applicable laws and to perform our contractual obligations to you. For example, we may process your information to:
- Detect and prevent abuse, fraud, security incidents, spam, and other harmful or malicious activity
- Conduct security risk assessments and investigations
- Verify or authenticate your identity, and any information you provide to us
- Resolve disputes and enforce our agreements and policies with you and third parties
- Conduct profiling based on your account settings, your interactions with the services, and the content you submit to the services for security purposes
In limited circumstances, automated processes may limit or suspend access to our services if we detect activity or information that we believe indicates a security threat or other risk to our services, other users, or third parties. If your access has been limited or suspended in this way, you can contact us and we can review the situation with you.
2.3. To conduct marketing and advertising
We have a legitimate interest in processing your information for advertising and marketing purposes, such as offering you additional products and services that you may be interested in. You can opt-out of receiving marketing communications by clicking on the unsubscribe or opt-out link in those communications, by changing the relevant communication settings in your Aerofiler account, or by contacting us. Our marketing activities include:
- Sending you marketing and other promotional communications that may be of interest to you based on your profile and preferences, and how you interact with our services
- Conducting advertising through social media platforms such as LinkedIn and Google
- Personalizing and improving our targeting of marketing communications
- Measuring, and improving our marketing relevance and effectiveness
- Conducting and administering referral and incentive programs, surveys, sweepstakes, contests, and promotional events or activities
- Conducting profiling based on your account settings, your interactions with the services, and information obtained from third parties, to send you more relevant and targeted marketing communications
3. Who do we share your information with?
We share your information in a variety of circumstances and with various third parties.
3.1. With your consent
Our services let you share information with others with your consent. For example, you can decide to make links to your documents stored on Aerofiler publicly accessible, which means they will be shared with anyone who knows the link. When you share information publicly (including in publicly accessible forums), it may also be indexed by search engines.
3.2. With third party integrations
If you use any part of the service which integrates with a third party service, they can receive information from your Aerofiler account that is required for the integration to operate. For example, if you connect your account with a third party cloud storage provider to use them as a backup store of your documents, we will send them a copy of your documents.
3.3. With service providers
Aerofiler uses a variety of service providers who help us to provide our services. These service providers are contractually required to only use your information as needed for this purpose, and to appropriately secure your information. For example, we engage service providers to:
- facilitate sending emails (both transactional emails about your account and the services, as well as marketing emails)
- process your financial transactions with Aerofiler, such as credit cards payments
- help provide customer service
- perform product development, maintenance, and troubleshooting
- assist Aerofiler to advertise, or publish advertisements on our behalf
- perform analytics on how users use our services or interact with our advertisements
Where permitted by applicable law, we may hash certain of your personal data (such as your email address) and share it with social media platforms (such as Google or LinkedIn) to generate leads, drive traffic to our websites, or otherwise promote our services. These hashing and matching services are offered by those social media platforms and are not controlled by Aerofiler. Contact your social media platform provider to understand how they use your personal data in such situations, or contact us if you us to stop processing your personal data for direct marketing purposes in this manner.
3.4. With your organization
If you are a user, we may share your information with the customer who provided you with your Aerofiler account (typically, your organization). Your information may be accessible and used by other users (including administrators) who have been given permission to do so.
3.5. To comply with the law, respond to legal requests, prevent harm and protect our rights
Aerofiler may disclose your information, including personal data, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law (including to comply with legal process), or if such disclosure is reasonably necessary: (a) to comply with our legal obligations, (b) to respond to claims asserted against Aerofiler, (c) to enforce and administer our agreements with customers and users, (d) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us to legal liability, or (e) to protect the rights of Aerofiler.
If we receive legal requests, we will endeavor to notify the affected customer or user unless that is prohibited by law, or if we believe that providing notice would be futile, ineffective, or create a risk of harm (whether financial or otherwise).
3.6. Corporate transactions
3.7. Anonymized and aggregated data
We may share anonymized data (including aggregated data which has been de-identified) for marketing and advertising purposes, business analysis, regulatory compliance, and other business purposes in which we have a legitimate interest.
4. What rights do you have regarding your information?
To protect the security and privacy of your information, we may ask you to verify your identity before taking further action on your request. This may require you to provide us with personal data in order for us to be able to do this. Unless we’ve specified otherwise, you may exercise any of the rights in this section by sending an email to privacy [at] aerofiler.com.
Aerofiler’s customers may store documents in their Aerofiler accounts that contain personal data. If you wish to exercise any of your rights with respect to such personal data, you should contain that customer, as Aerofiler does not act the controller of that data.
4.1. Managing your information
Some of your information can be accessed and updated through your account. You are responsible for keeping your personal data in your account up to date.
4.2. Correcting your personal data
You have the right to ask us to correct inaccurate or incomplete personal data concerning you that you cannot correct yourself through your account.
4.3. Accessing and porting your personal data
Applicable law in some jurisdictions entitles you to request copies of your personal data that is held by us. You may also be entitled to request copies of personal data that you have provided to us in a structured, commonly used, and machine-readable format, and may also request that data to be sent to another service provider where doing so is technically feasible.
4.4. Erasing your data and data retention
We generally retain your personal data for as long as is necessary to perform the contract between you and us, and to comply with our legal obligations.
You may request the erasure of your personal data and the closure of your account if you no longer want us to use the personal data to provide our services to you. However, we may retain your personal data to the extent necessary to comply with our legal obligations, or as necessary for our legitimate business interests. For example, we may need to retain personal data related to financial transactions for tax, legal reporting, and audit obligations. If you are a user, you should contact the organization that issued you with with your user account if you want to close it.
We back up customer data as as security measure in order to protect against accidental or malicious loss of data. Due to technical reasons, residual copies of personal data may remain in backup systems for a limited amount of time.
4.5 Withdrawing your consent
Where you have provided your consent to the processing of your personal data by us, you may withdraw your consent at any time. Consent may be withdrawn through your account (if available), or by contacting us and specifying which consent you wish to withdraw.
4.6. Restricting processing of personal data
Applicable law in some jurisdictions entitles you to restrict the ways in which we process your personal data, in particular where: (a) you contest the accuracy of your personal data; (b) the processing is unlawful and you oppose the erasure of your personal data; (c) we no longer need your personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defence of legal claims; or (d) you have objected to the processing pending the verification of whether the legitimate grounds of Aerofiler override your own.
4.7. Objecting to processing of personal data
Applicable law in some jurisdictions entitles you to require us not to process your personal data for certain specific purposes where such processing is based on our legitimate interest. If you object to such processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims.
Where your personal data is processed for direct marketing purposes, you may request us to stop processing your personal data for such purposes by either clicking on the relevant opt-out or unsubscribe link, or by contacting us.
4.8. Lodging complaints
You have the right to lodge complaints about the data processing activities carried out by Aerofiler before competent data protection authorities.
4.9. California privacy rights
Do Not Track. Aerofiler currently does not respond to “Do Not Track” signals in the HTTP headers from your browser or mobile application due to a lack of standardization regarding how those signals should be interpreted.
5. International Transfers
Aerofiler may use a variety of affiliates and service providers who help us to operate our services. Because some of these service providers may be located throughout the world (including in the United States, Australia, United Kingdom, and the European Union), Aerofiler may process your information in countries outside of where you are located. These countries may have data protection laws that differ to the laws that apply in your country.
If you are located in the European Union, where we process your personal data outside of the European Economic Area, we have ensured that we have implemented appropriate safeguards to ensure an adequate level of data protection.
Aerofiler employs a variety of administrative, physical, and technical security measures that are designed to protect your information against unauthorized access, loss, deletion, or modification (whether intentional or accidental). We also periodically review our security measures and consider how to improve them. Learn more about Aerofiler’s security practices.
We may make changes to this policy from time to time and post the changes to this page. If the changes we make reflect a material change in the way we process your personal data, we will provide you with at least 30 days’ notice by email before those changes become effective.
8. How to Contact Aerofiler
Aerofiler Pty Ltd
Attn: Privacy Officer
3 Spring St
Sydney NSW 2000
Email: privacy [at] aerofiler.com
Attn: Privacy Officer
50 Woodside Plaza, Suite 515
Redwood City, CA 94061
Email: privacy [at] aerofiler.com