This is the Privacy Policy of aincient B.V., domiciled in Amsterdam at Amstelkade 151-1, 1078 AW (hereafter referred to as “Aincient”, or “we”), containing a description of how we handle your personal data. The AI museum tool Cleo is a project of Aincient. We value your privacy, and illustrate how we protect your rights in this Privacy Policy.
1. Scope
This Privacy Policy applies to all personal data about you that is collected and used by Aincient when you visit our website, create a profile in Cleo, buy extra queries for Cleo or a subscription, perform searches in Cleo and save objects to My Collection, sign up for our newsletter, or participate in one of our receptions and events. Personal data are data that allow us to identify you as an individual, as set out below under “Personal data processed by us”.
2. Personal data processed by us
Depending on the type of services you use, or products you purchase, the personal data we collect and process about you include:
- Your contact details, such as name and email address.
- Your account details and (electronic) identification data, such as your Cleo account, purchased queries in Cleo, electronic identification data such as your IP or MAC address, as well as the data you have added to your account yourself (such as your username and password).
- Information related to the use of our online services or applications, such as the web pages you visit, the objects you save and/or export in Cleo, the products and services you are interested in, or the contents of your shopping cart.
- Information related to the products and services that you purchase/use from us, such as the knowledge that you have used a specific product or service. We will occasionally send you account related emails.
- The content of your communications with us, for example, when you contact us by email, phone, or otherwise.
- An image that you upload in Cleo. The image is only available for searches in your account and it will not be shared with other users. The uploaded image is stored in Cleo.
3. The purposes and legal basis for processing your personal data
Aincient collects and uses your personal data, which we do on the legal bases illustrated below. Insofar as Aincient already holds your personal data, these personal data will be used for the same purposes and on the same legal basis.
- Required for the execution of an agreement
Your personal data are collected and processed to handle your purchase of products and your request to provide services. We need to process this data in order to properly fulfill our obligations under purchase agreements you conclude with us. In addition, we process your personal data to handle any of your requests, complaints, or questions, related to the aforementioned purchase agreements. When you fail to provide us with the aforementioned necessary data, we will not be able to fulfill our obligations under the said purchase agreements, to handle your requests, complaints or requests related thereto. - Required to represent the legitimate interests of Aincient
We may use the aforementioned personal data to improve our products and services and to better understand and approach our visitors and relations. - Based on consent
To the extent necessary, we will ask for your consent to keep you informed about news or offers related to our products and services. You can withdraw your consent at any time. How you can do this is described below, under section 9. Withdrawal of your consent does not affect the lawfulness of processing based on your consent before the withdrawal. - Required to comply with a legal obligation
We may use your personal data to comply with applicable laws, to comply with requests from public bodies and authorities, or to cooperate with law enforcement.
4. Use of cookies
Our website and tool use cookies to improve usability, effectiveness, and security. Cookies are small text files on your computer that are stored by your browser. For more information about the use of cookies by Aincient, please refer to the Cookie Policy.
5. Who receives your personal data?
Only authorised employees of Aincient have access to your personal data to the extent necessary for the performance of their work at Aincient.
We will not disclose the personal data you have provided to us to third parties without your express prior consent, unless we are required to do so for the purposes set out under section 3. For example, we may pass on your personal data to suppliers/service providers for the execution of agreements we have concluded with you, such as payment processing. In addition, we may disclose your personal data to public authorities to comply with applicable legal obligations.
6. Transfer of your personal data
Unless otherwise stated, we process and store your personal data within the European Union. It may be that our service providers transfer your personal data to a country outside the European Economic Area (“EEA”) that does not offer the same level of protection under European law as the country where you normally use your products and/or services. In that case, we will take the necessary steps to ensure that your personal data are adequately protected, such as drafting standard EU contracts with parties outside the EEA.
7. Security
We take appropriate and reasonable security measures to protect your personal data against unauthorised access, modifications, disclosure, loss, or improper use, and to protect the accuracy and integrity of your personal data. In order to ensure a risk-adapted level of security, we implement technical and organisational measures, including security with regard to access to our systems.
8. How long do we keep your personal data?
We keep your personal data as long as necessary or permitted with respect to the objectives for which they were obtained, and as set out in this Privacy Policy. The criteria used to determine our retention periods include: (i) the period during which we have an ongoing relationship with you; (ii) whether there is a legal obligation we are subject to; and (iii) whether retention is desirable in light of our legal position (for example, in relation to the enforcement of general terms and conditions, lawsuits, or legal investigations).
9. What rights do you have with regard to your personal data and how can you exercise these rights?
Under the applicable laws and regulations, you have a number of rights with regard to your personal data, including:
- Right of access. At your request, we will provide you, free of charge, with information regarding the personal data we process about you.
- Right to rectification. At your request we will correct, supplement, block, or delete your personal data in the event that these are factually incorrect, incomplete, or irrelevant for the objective or objectives of the processing, or when these are processed in any other way that infringes a legal provision.
- Withdrawal of consent. You can withdraw your consent at any time for future processing by us of your personal data.
- Right to object. You have the right to object to the processing of your personal data.
- Right to restriction of processing. If applicable, you have the right to request a restriction on the processing of your personal data by Aincient. This means that your personal data may (temporarily) not be processed and changed.
- Right to erasure. When we are legally obliged to, we will delete your personal data without unreasonable delay (right to be forgotten).
- Right of opposition. If applicable, you have the right to object to the processing of your personal data based on, among other things, the basis of the “legitimate interest” of Aincient.
- Right to transfer data. If applicable, we will provide you with the personal data you have provided to us, so that these data can be transferred to another data controller, to the extent that this (data portability) is technically feasible.
- Right to file a complaint. Finally, you have the right to file a complaint with the supervisory authority if you believe that your personal data are being processed in violation of this Privacy Policy.
If you wish to exercise one of your rights, you can do so by using the contact information set out below.
10. Contact information
If you have any questions about this Privacy Policy, the way we process your personal data, or if you want to exercise any of the above rights, please contact Aincient using the contact information below:
Aincient
Amstelkade 151-1
1078 AW Amsterdam
cleo@aincient.org
This Privacy Policy is updated from time to time. This Privacy Policy enters into force in August 2018. The most recent version is published on cleo.aincient.org.