Legal
Privacy
Privacy Policy
Last Updated: 25 October 2024
1. Identity and Contact Details of the Data Controller
AniForm Engineering B.V.
Thermen 1
7521 PS Enschede
The Netherlands
Email: privacy@aniform.com
2. Purpose of Data Processing
We collect and process personal data for the following purposes:
| - |
Service Provision and Management: To deliver and manage our software products and engineering services, fulfil our contractual obligations with customers, facilitate effective communication and collaboration in providing these services, and handle payment processing. |
| - |
Customer and Inquiry Support: To respond to inquiries, provide technical support, and communicate with customers and interested parties. |
| - |
Product Updates and Communication: To inform customers and interested parties about updates and other relevant information regarding our software products. |
3. Legal Basis for Processing
We process personal data based on the following legal grounds:
| - |
Performance of a Contract: Processing is necessary for the performance of a contract with our customers or to take steps at their request prior to entering into a contract. |
| - |
Customer and Inquiry Support: Processing is necessary for our legitimate interests, such as managing our services, communicating with customers and interested parties, improving our products and services, and responding to inquiries and requests for information. |
| - |
Product Updates and Communication: For certain marketing communications, we rely on the consent of the individual. |
4. Mechanisms and Categories of Personal Data Collection
We collect personal data through the following mechanisms:
| - |
Receiving emails: Information sent directly to us via email, such as name, email address, and any other details you choose to include. |
| - |
Visits to our Websites (aniform.com and aniformcloud.com): We collect and store logs on our servers to ensure the proper functioning and security of our websites. These logs may include data such as IP addresses, browser types, and timestamps. This data cannot be directly linked to an individual. Logs are retained until they reach a certain size or quantity. |
| - |
Contact Forms: Information provided via contact forms on our websites, such as name, email address, and message content. We use CAPTCHA functionality on our webforms to ensure security and prevent automated submissions. |
| - |
Logged-in Users: For logged-in users of our websites, we collect logs containing information about user access, IP addresses, and their activity. These users typically use our software or services. Logs are retained until they reach a certain size or quantity. |
| - |
Transactions: Payment details (e.g., credit card information) when making payments for using our cloud service. |
| - |
Cookies: We use session login cookies on our websites for users with accounts to manage and maintain their sessions. These cookies are essential for the functionality of our website and services. They are temporary and are deleted when you log out. |
5. Processors of Personal Data
We may transfer personal data to the following categories of processors to perform their contractual obligations:
| - |
Service Providers: Third-party vendors who provide services essential to our operations. We have agreements in place with these service providers, which include clauses that outline confidentiality commitments and restrict data access to only what is necessary for service provision. |
| - |
Business Partners: Partners with whom we collaborate to deliver our products and services. We share information that is minimally required for them to perform their contractual obligations. We also have agreements in place with these partners that include confidentiality commitments and restrict data access to what is necessary. |
| - |
Legal and Regulatory Authorities: Entities as required by law or to protect our rights. |
6. Data Transfers
We may transfer personal data to countries outside the EU/EEA, depending on the location of our service providers. While we prefer service providers within the EU, this is not always possible. Our service providers may use geographically redundant backups to ensure continuity, which could involve processing data outside the EU/EEA. In such cases, we ensure appropriate safeguards, including GDPR-compliant agreements and Standard Contractual Clauses, to protect your data.
7. Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including maintaining business relationships, complying with legal, accounting, or reporting requirements. We periodically review the data to ensure it is not kept longer than necessary. For example:
| - |
Customer Data: Retained for the duration of the customer relationship and for an additional period for business continuity. |
| - |
Inquiry Data: Retained until the inquiry is resolved and for a reasonable period thereafter to facilitate future communications. |
| - |
Transaction Data: Retained for accounting and tax purposes according to legal requirements. |
You may request deletion of your personal data at any time, and we will process your request in accordance with applicable laws.
8. Security Measures
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, regular security reviews, and restricted access to authorized personnel only.
9. Links to Other Websites
Our website may contain links to other websites that are not operated by us. We are not responsible for the privacy practices or the content of these third-party websites. We encourage you to review the privacy policies of any third-party websites you visit.
10. Automated Decision-Making and Profiling
We do not use automated decision-making or profiling.
11. Data Subject Rights
Under the GDPR, you have the following rights regarding your personal data:
| - |
Access: Request access to your personal data. |
| - |
Rectification: Correct inaccurate or incomplete data. |
| - |
Erasure: Request deletion of your data under certain conditions. |
| - |
Restriction: Request restriction of processing under certain circumstances. |
| - |
Portability: Receive your data in a machine-readable format and transmit it to another controller. |
| - |
Objection: Object to processing in certain situations, including direct marketing. |
| - |
Withdraw Consent: Withdraw consent at any time if processing is based on consent. |
| - |
Complaint: Lodge a complaint with a supervisory authority. |
To exercise these rights, contact us at privacy@aniform.com.
12. Changes to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other reasons. When we make changes, we will update the "Last Updated" date at the top of this Privacy Policy.
