Introduction

The following privacy notice was written on the 15th of October 2019 and it will be reviewed and updated periodically according all applicable laws and regulations.

The purpose of this Privacy Notice is to easily inform you regarding:

1. Definitions according to the GDPR policy/regulations
2. What personal data may Aurus collect about you
3. How your personal data are processed by Aurus
4. Purposes and legal basis of the processing
5. Any disclosure of your personal data to third parties
6. Which are your rights and how can you effectively exercise them
7. Children – you must be over 13 years old
8. What security precautions does Aurustake to protect you
9. Privacy Notice changes
10. Information concerning Data Protection Supervisory Authority

1. Definitions according to the GDPR:
   NSAPDP – The National Supervisory Authority for Personal Data Processing
   Personal data – any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
   Processing – any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
   Restriction of processing – the marking of stored personal data with the aim of limiting their processing in the future;
   Controller – the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by the European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
   Processor – Ta natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
   Recipient – a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with the European Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
   Consent of the data subject – any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. What personal data may Aurus collect about you

   Personal data collected by Aurus may include data such:

   1. Email address, when you provide it to us;
   2. Technical standard Internet logs information which may include: your IP address, information about your computer or device used to access www.aurus.io (type and brand of your device, Operating System type and version, browser type etc.);www.aurus.io (type and brand of your device, Operating System type and version, browser type etc.);
   3. Aggregated statistical data such as: the city from where your traffic is coming from, customer demographics or interests and behavior. These data may reveal from your activity on our website;
3. How your personal data are processed by www.aurus.iowww.aurus.io

   Your personal data may be collected by Aurus in two ways:

   1. When you voluntarily provide such information to us (example: when you contact us with inquiries, when you choose to register to our newsletter etc.).
   We use the email address that you provide to us to periodically send you relevant information about our services, offers and activities.
   As a result, only with your prior consent, we may process for marketing purposes (e.g. e-newsletter) your personal data (email address) that you have provided to us.
   Please note that you can choose at any time to withdraw your consent by contacting us at team@aurus.io.Please note that you can choose at any time to withdraw your consent by contacting us at team@aurus.io.
   2. Technical standard Internet logs information which may include: your IP address, information about your computer or device used to access www.aurus.io (type and brand of your device, Operating System type and version, browser type etc.);www.aurus.io (type and brand of your device, Operating System type and version, browser type etc.);
   Based on your activity on our website, we collect standard Internet logs information and details of visitor behavior patterns, using a third-party service, Google Analytics.
   Your personal data may be collected by Aurus in two ways:
   This research may be compiled and analyzed on an aggregate basis.
   This aggregate information does not identify you personally. This information is gathered and expressed in a summary form for purposes such as statistical analysis.
   According to the Google Analytics policy “Google Analytics is a simple, easy-to-use tool that helps website owners measure how users interact with website content. As a user navigates between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page a user has seen, for example the URL of the page. The Google Analytics JavaScript libraries use HTTP Cookies to “remember” what a user has done on previous pages / interactions with the website.”
   If you want to know more about Google Analytics features they have a special article regarding Information for Visitors of Sites and Apps Using Google Analytics.here.
   All data collected automatically will be used to administer or to improve our services and our website.
   We are doing this to know things such as: how many visitors we have on our website, the number of visitors to the various parts of the site, what version of our website have to be displayed to you (mobile/desktop) depending on the device used to access our website.
   All the collected personal data mentioned above are stored on our servers and we strongly ensure you that we have taken high security measures to respect the provisions of the Regulation no. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR.

   We will keep:

   1. any information that you provide to us (such as e-mail for newsletter) until such time as you request to unsubscribe or to delete them.
   2. technical standard internet log information until the end of your session.
   3. aggregated data according to our Cookie Policy*

   WHAT THAT MEANS

   We map and document data streams performed by third parties. You can configure your consent for identifying and processing data on our website.

4. Purposes and legal basis of the processing

   All the information that we collect about you are processed for the following purposes:

   1. we use the email address that you provide to us to constantly send you relevant information about our services, offers and activity.

   Your e-mail address is processed by Aurus on the legal basis stipulated in art. 6 para. 1 letter a) of GDPR – the data subject’s consent.

   Please note that you can choose at any time to withdraw your consent by contacting us at team@aurus.io.

   2. we process your technical standard internet login information, as defined above, because some of them are essential for our website to be functional while other help us to offer you the best experience on our website, including all the content as it is available on the website.

   Your technical data is processed by Aurus on the legal basis stipulated in art. 6 para. 1 letter f) of the GDPR which allows us to process personal data when its necessary for the purpose of our legitimate interests – website functionality.

   3. we process aggregated statistic data as defined above, using Google Analytics, to improve our services on our website.

   The aggregated statistic data are processed by Aurus on the legal basis stipulated in art. 6 para. 1 letter a) of GDPR – the data subject’s consent.

   Please note that you can choose at any time to withdraw your consent by contacting us at team@aurus.io.

5. Any disclosure of your personal data to third parties

   Our employees:

   Our employees have access to your personal data. They have been trained to respect the confidentiality of your personal data.

   Business development:

   We are trying to do the best in our industry so sometimes we may choose to collaborate with other companies to perform certain business-related functions such as hosting or Google Analytics’ features. In this case we will provide them only with the information that they need to perform their specific function.

   We use:

   1. for Cloud Services : Amazon Web Services – if you want to know more about their privacy policy you can find it here.
   2. for delivering e-newsletter: MailChimp – if you want to know more about their privacy policy you can find it here.
   3. for monitoring the website activity: Google Analytics – if you want to know more about their privacy policy you can find it here.

   Legal Requirements:

   Your personal data may be communicated to governmental authorities and/or law enforcement agencies if required by the applicable law.

6. Which are your rights and how can you effectively exercise them?

   Aurus, as a controller, ensures technical and organizational measures to be sure that your rights (as a data subject) are respected:

   Right of access - You have the right to obtain the confirmation as to whether or not personal data concerning you are being processed by us, and, where that is the case, access to your personal data and information on how they are processed.
   Right to data portability - You have the right to receive some of your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and you have also the right to transmit those data to another controller without hindrance from us, where technically feasible.
   Right to object – You have the right to object to processing of your personal data, when processing is necessary for the performance of a task carried out in the public interest or for the purposes of the legitimate interests pursued by us. You have the right to object at any time if your personal data are being processed for direct marketing purposes.
   Right to rectification – You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. The rectification shall be communicated to each recipient to whom the data was sent unless this proves impossible or involves disproportionate (demonstrable) efforts.
   Right to erasure(‘right to be forgotten’) – You have the right to obtain from us the erasure of personal data concerning you without undue delay and we have the obligation to erase your personal data without undue delay where one of the following grounds applies: your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraws consent on which the processing is based and there is no other legal ground for the processing; you objects to the processing and there are no overriding legitimate grounds for the processing; your personal data have been unlawfully processed; your personal data have to be erased for compliance with a legal obligation; your personal data have been collected in relation to the offer of information society services.
   Right to restriction of processing – You have the right to obtain from us restriction of processing where one of the following applies: you contest the accuracy of your personal data, for a period enabling us to verify the accuracy of your personal data; the processing is unlawful and you oppose the erasure of your personal data and request the restriction of their use instead; we no longer need your personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; you has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.

   The processing of personal data obtained through the website www.aurus.io is carried out in compliance with the provisions of GDPR.

   For any information or requests in accordance with your rights, please contact us at the following email address: team@aurus.io.

   You, as a visitor and user, have plenty of rights. Here, we inform you about them.

7. Children

   Aurus does not collect any Personal Data from individuals under the age of 18. So, if you are under 18 please do not submit to us any Personal Data.

8. What security precautions does Aurus take to protect you?

   We have assumed the responsibility to implement proper technical and organizational measures regarding the protection of privacy and security of your personal data. We have taken all reasonable measures to protect your Personal Data from damage, loss, misuse, unauthorized access, alteration, destruction or disclosure, as following:

   1. Users who have access to the filing system are only those nominated by Aurus, each of whom accesses the system with their own account name and password.
   2. All employees, collaborators and service providers of Aurus who are in contact with personal data must act in accordance with the principles and policies relating to processing of personal data by signing declarations and confidentiality agreements regarding such data.
   3. All users are required to keep confidential the data they have access to, and at each end session in the database they will close the session. If one or more users are revoked for various reasons, access accounts are suspended automatically.
   4. Users access personal data only for the fulfillment of their service duties and only in accordance with the stated purpose of data collection.
   5. Computers from which the filing system is accessed are password-protected and have antivirus, antispam and firewall security updates.
   6. Personal data is printed only by authorized users for this operation and only for purposes required by legislation in force.

   Please also select carefully what personal data do you choose to submit thinking that internet or e-mails aren’t fully secure, an unhappy event can be caused by an error.

9. Changes to the privacy policy

   Thinking that we are continually developing we are sure that our platform will have new features soon.

   When appropriate our Privacy Notice will be updated.

   In order to keep you informed, we will always publish the latest version of the Privacy Notice on our website.

   We want to ensure you that the way in which we collect and process your personal data is in accordance with the provisions of the GDPR.

   If you have any questions about our Privacy Policy, please contact to us at: team@aurus.io.

10. Information concerning Data Protection Supervisory Authority

    If you consider that your rights provided by Regulation no. 679/2016 have been violated, you have the possibility to address directly to us or to our Data Protection Supervisory Authority: UK Information Commissioner’s Office, by submitting a complaint.

    Contact details of the authority:

    Link for compliances: https://ico.org.uk/concerns

    Contact link: https://ico.org.uk/global/contact-us/

    Website: https://ico.org.uk/concerns

    Link for compliances: https://ico.org.uk

    Address:

    Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF