Privacy Policy for Aatos.app service
DATA CONTROLLER
Aatos Legal Technology Ltd (2901500-3) Lapinlahdenkatu 16 00180 Helsinki Finland
1. GENERAL
The privacy policy applies to the Aatos.app internet service ("Aatos"). Updated on 1st September 2023.
2. CONTRACT FOR PERSONAL DATA PROCESSING
With respect to personal data entered by the user themselves into the Aatos account document database or signature database, the user is deemed to be the data controller and Aatos the data processor. Aatos cannot view, edit, or delete document content or electronic signatures on a user's account without separate authorisation given by the user or a legal obligation. The user is responsible for ensuring that they have the right to process the personal data entered into the service when creating the document content.
3. PURPOSES AND BASIS FOR PROCESSING PERSONAL DATA
Personal data is used to identify Aatos users and fulfil contracts between Aatos.app and its users. Personal data is used in Aatos.app user bulletins, user statistics, service development and marketing. Processing of personal data is based on the service agreement entered into with Aatos at the time of registration. The processing of personal data can also be based on separate service agreements made with users after registration.
4. PROCESS OF PERSONAL DATA
We process one or more of the following personal data of the user: First name, last name, date of birth, personal ID, address, phone number, email address, kinship information, data on assets, debts and receivables, signature, data obtained from authorities, personal data apparent from documents added to the service, technical data collected by cookies, technical data collected on the use of the service, and payment data.
5. DATA SOURCES
Personal data is collected directly from the user, from information added by the user or through cookies used by the user. Personal data may also be added by another user of the service. In these cases, the user must primarily contact the user who added the data.
6. PERSONAL DATA PROCESSORS
Access to personal data is available only to individuals who have a basis for accessing personal data due to their work or duties. These individuals are obliged by the confidentiality agreement.
Personal data may be transferred outside of the European Union or the European Economic Area for technical reasons. The precondition for the transfer is that the European Commission has verified the data protection level in the destination country to be adequate or the party receiving the data outside the European Union has committed to adequate data protection measures as required by data protection legislation.
7. STORAGE PERIOD OF PERSONAL DATA
Personal data is mainly stored as long as the user has a user account in Aatos. Account removal can be requested from customer service. In certain situations, accounts that have been inactive for a long time may be removed. Before removing an inactive account, Aatos will first contact the user before any potential deletion measures.
8. PROTECTION OF PERSONAL DATA
Aatos has appropriate technical, organizational and administrative data security procedures in place to protect all data in our possession from loss, misuse, unauthorised access, disclosure, alteration and destruction.
9. DISCLOSURE OF PERSONAL DATA
We may disclose your personal data to other parties, such as authorities, goods and service providers, payment service providers, and business partners. We always ensure that relevant confidentiality obligations are adhered to before disclosing the information.
10. RIGHTS OF THE DATA SUBJECT
For matters related to the rights of the data subject, the user can contact by email at hello@aatos.app. Aatos is not responsible for the document content or electronic signatures produced by its users on their user accounts. For reasons of trust, Aatos does not examine these materials and Aatos cannot extend the measures below to personal data that may be contained in the content on user accounts. The data subject has the following rights: right to access and inspect information, right to rectification and deletion, right to restrict processing, right to object, and right to lodge a complaint.
11. CONTACTING AATOS OR DATA PROTECTION AUTHORITY
If you have any questions about the privacy statement, you can contact Aatos Customer Service.
