AeraVision Privacy Policy
Effective date: 13 July 2025
Your privacy matters to us. This Privacy Policy explains how AeraVision (“AeraVision”, “we”, “us”, “our”) collects, uses, shares and protects personal data when you visit our websites, use our Proactive Market Intelligence platform or otherwise interact with us.
1. Who we are (Data Controller)
AeraVision
privacy@aeravision.com
If you are located in the United Kingdom, our Article 27 GDPR representative is privacy@aeravision.com. For California residents, we are a “business” under the CCPA/CPRA.
2. What data we collect
| Category | Examples | Source / table reference |
|---|---|---|
| Account & authentication | Name, email, password, role, company affiliation | users |
| Subscription & billing | Plan, number of users, payment IDs | plans, companies |
| Workspace content you upload | Internal docs, comments, battle-cards | documents, intelli_docs, comments |
| Competitive / market signals (public) | Social posts, job ads, news, reviews | competitor_social_posts, competitor_job_postings, reviews |
| Contact & CRM records | Prospect name, email, phone, notes | contacts, crm_activities |
| Usage & device info | IP, browser, pages viewed, cookies | analytics logs |
No special-category data (e.g., health, political opinions) is intentionally collected.
3. Why we process your data & legal bases (GDPR)
| Purpose | Legal basis |
|---|---|
| Provide and secure the Platform, create user accounts | Contract (Art. 6 (1)(b)) |
| Personalise dashboards, newsletters & AI summaries | Legitimate interest (Art. 6 (1)(f)) |
| Respond to inquiries, provide support | Contract; legitimate interest |
| Improve features, train AI models (non-identifiable data) | Legitimate interest |
| Marketing emails about similar services | Legitimate interest (opt-out anytime) |
| Comply with legal obligations (tax, security) | Legal obligation (Art. 6 (1)(c)) |
| With your consent (e.g., non-essential cookies, testimonials) | Consent (Art. 6 (1)(a)) |
4. How we use AI & automated decision-making
Our platform employs large-language models and autonomous agents to collect publicly available web data, generate relevance scores, summaries and battle-cards, and suggest actions. Outputs are assistive; no automated decisions produce legal or similarly significant effects on individuals without human review.
5. Cookies & tracking technologies
- Strictly necessary cookies – session management, security.
- Analytics cookies – aggregate usage statistics (Matomo self-hosted).
- Marketing cookies – only with consent.
A cookie banner appears on first visit; preferences can be changed any time via the “Cookie Settings” link in the footer.
6. Sharing & disclosure
We never sell personal data. We share it only with:
- Service providers (cloud hosting, email delivery, payment, analytics) under DPA-compliant contracts.
- Integration partners you authorise (e.g., Slack, Salesforce).
- Public bodies or courts when required by law.
- Affiliates & acquirers in case of a corporate transaction (with notice to you).
7. International transfers
Data may be processed outside the EEA/UK (e.g., USA). We rely on adequacy decisions, Standard Contractual Clauses (SCCs 2021/914/EU) and supplementary measures, plus intra-group agreements.
8. Data retention
| Data set | Typical retention period |
|---|---|
| Account data | While account active + 3 years |
| Workspace content | Until you delete it or 90 days after subscription ends |
| CRM & contact data | Active relationship + 2 years |
| Logs & analytics | 12 months (anonymised thereafter) |
We may retain data longer where required by tax, accounting or legal obligations.
9. Security
- ISO 27001-aligned controls
- Encryption in transit (TLS 1.3) & at rest (AES-256)
- Role-based access controls and audit logs
- Annual penetration tests
10. Your rights
EEA/UK/Swiss residents – access, rectification, erasure, restriction, portability, objection and right to lodge a complaint with your supervisory authority.
California residents – right to know, delete, correct, opt-out of sharing for cross-context behavioural advertising, limit use of sensitive personal information.
Submit requests at privacy@aeravision.ai or +[phone]. We will verify your identity and respond within the statutory timeframe.
11. Children
Our services are not directed to children under 16. We do not knowingly collect such data.
12. Third-party links
The Platform may contain links to sites we do not control. Please review their privacy notices.
13. Changes to this Policy
We may update this Policy from time to time. Material changes will be notified via email or in-app message at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.
14. Contact us
Questions, concerns or requests?
Email: privacy@aeravision.com
Last updated: 13 July 2025
