Get 10% off your first eSIM!
AetopOne

Menu

DestinationsHelpResourcesAetopOne PrimeDownload AppAbout Us
Language & Currency

Data Policy & Privacy

We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your personal information.

PRIVACY POLICY

Last updated: August 25, 2025

This Privacy Notice for Studio 073X e.K. (doing business as AetopOne) ("we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

  • Visit our website at https://www.aetopone.com or any website of ours that links to this Privacy Notice
  • Download and use our mobile application (AetopOne), or any other application of ours that links to this Privacy Notice
  • Use AetopOne. AetopOne is a global eSIM store making international connectivity more accessible via eSIM technology. AetopOne offers travelers data, voice, and text packs in many countries, reducing the need for physical SIM cards. AetopOne's services include offering a variety of eSIM data, voice, and text packs from around the world, which can be purchased and used immediately on any eSIM compatible device, allowing seamless connectivity.
  • Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at legal@aetopone.com.

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us.

Do we process any sensitive personal information? Some of the information may be considered "special" or "sensitive" in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. We do not process sensitive personal information.

Do we collect any information from third parties? We may collect information from public databases, marketing partners, social media platforms, and other outside sources. Learn more about information collected from other sources.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.

In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information.

How do we keep your information safe? We have adequate organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Learn more about how we keep your information safe.

What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Learn more about your privacy rights.

How do you exercise your rights? The easiest way to exercise your rights is through our mobile application (Settings → Account → Request My Data) or by visiting https://www.aetopone.com/request-data for detailed instructions. You can also contact us directly. We will consider and act upon any request in accordance with applicable data protection laws.

Want to learn more about what we do with any information we collect? Review the Privacy Notice in full.

TABLE OF CONTENTS

  1. WHAT INFORMATION DO WE COLLECT?
  2. HOW DO WE PROCESS YOUR INFORMATION?
  3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
  4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
  5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
  6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?
  7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?
  8. HOW LONG DO WE KEEP YOUR INFORMATION?
  9. HOW DO WE KEEP YOUR INFORMATION SAFE?
  10. WHAT ARE YOUR PRIVACY RIGHTS?
  11. CONTROLS FOR DO-NOT-TRACK FEATURES
  12. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
  13. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
  14. DO WE MAKE UPDATES TO THIS NOTICE?
  15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
  16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
  17. ARTICLES AND CONTENT INTERACTIONS
  18. SUPPORT CHAT SYSTEMS AND CUSTOMER SERVICE DATA
  19. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You

The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

  • names
  • email addresses
  • passwords
  • usernames
  • billing addresses
  • country of residence

Sensitive Information

We do not process sensitive information.

Payment Data

We may collect data necessary to process your payment if you choose to make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is handled and stored by Stripe. You may find their privacy notice link(s) here: https://stripe.com/en-de/privacy.

Social Media Login Data

We may provide you with the option to register with us using your existing social media account details, like your Facebook, X, or other social media account. If you choose to register in this way, we will collect certain profile information about you from the social media provider, as described in the section called "HOW DO WE HANDLE YOUR SOCIAL LOGINS?" below.

Application Data

If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:

Mobile Device Data: We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you are using our application(s), we may also collect information about the phone network associated with your mobile device, your mobile device's operating system or platform, the type of mobile device you use, your mobile device's unique device ID, and information about the features of our application(s) you accessed.

Push Notifications: We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.

This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.

eSIM Service Data

As an eSIM telecommunications service provider, we collect additional data specific to our services:

eSIM Profile Information:

  • ICCID (Integrated Circuit Card Identifier) numbers
  • eSIM activation status and timestamps
  • QR code generation and usage logs
  • LPA (Local Profile Assistant) activation data

Network and Usage Data:

  • Network operator partnerships and coverage areas
  • Data usage statistics and patterns
  • Connection quality and performance metrics
  • Roaming and international usage data
  • Network authentication logs

Device and Compatibility Information:

  • eSIM capability verification
  • Device model and eSIM support status
  • Operating system versions for compatibility
  • Network frequency band support
  • Multiple eSIM slot information (where applicable)

This eSIM-specific data is essential for:

  • Providing reliable telecommunications services
  • Ensuring device compatibility
  • Optimizing network performance
  • Complying with telecommunications regulations
  • Preventing fraud and unauthorized usage

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Notice: https://www.aetopone.com/en/legal/cookie-policy.

The information we collect includes:

  • Log and Usage Data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called "crash dumps"), and hardware settings).

  • Device Data: We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.

  • Location Data: We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.

Google API

Our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Information collected from other sources

In Short: We may collect limited data from public databases, marketing partners, social media platforms, and other outside sources.

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion.

If you interact with us on a social media platform using your social media account (e.g., Facebook or X), we receive personal information about you from such platforms such as your name, email address, and gender. You may have the right to withdraw your consent to processing your personal information. Learn more about withdrawing your consent. Any personal information that we collect from your social media account depends on your social media account's privacy settings. Please note that their own use of your information is not governed by this Privacy Notice.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process the personal information for the following purposes listed below. We may also process your information for other purposes only with your prior explicit consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To facilitate account creation and authentication and otherwise manage user accounts: We may process your information so you can create and log in to your account, as well as keep your account in working order.

  • To deliver and facilitate delivery of services to the user: We may process your information to provide you with the requested service.

  • To respond to user inquiries/offer support to users: We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.

  • To send administrative information to you: We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.

  • To fulfill and manage your orders: We may process your information to fulfill and manage your orders, payments, returns, and exchanges made through the Services.

  • To enable user-to-user communications: We may process your information if you choose to use any of our offerings that allow for communication with another user.

  • To save or protect an individual's vital interest: We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.

Additional processing purposes:

  • IP Address: Tax Calculation
  • Tax Country: Tax Calculation

eSIM-Specific Processing:

  • To provision and activate eSIM profiles: We process your information to generate, deliver, and activate eSIM profiles for your devices
  • To manage network partnerships: We process your information to coordinate with our network operator partners worldwide
  • To monitor service quality: We process usage and performance data to ensure reliable telecommunications services
  • To comply with telecommunications regulations: We process your information as required by telecommunications authorities in various jurisdictions
  • To prevent telecommunications fraud: We process your information to detect and prevent SIM swapping, cloning, and other fraudulent activities
  • To optimize network performance: We process connection and usage data to improve service quality and coverage

Marketing Communications and Email Service Providers (Brevo)

We use Brevo (formerly Sendinblue) to deliver certain transactional and marketing emails. We only send marketing emails where allowed by applicable law and where you have provided the required consent (opt-in). You can unsubscribe at any time using the link included in all marketing emails or by contacting us. We configure contacts to receive transactional-only communications until consent is provided and verified (double opt-in for web subscribers). Email delivery is managed by Brevo under a GDPR-compliant data processing agreement.

Data processed for email delivery may include: your email address, subscription status (e.g., verified, consent granted), and minimal metadata needed for delivery and troubleshooting. We do not sell your data, and we do not share personal information for advertising purposes.

Legal Bases for Processing (EEA/UK/Switzerland)

Where GDPR or similar laws apply, we rely on the following legal bases:

  • Performance of a contract: to provide and support our eSIM services, including provisioning and activation.
  • Legitimate interests: to secure our Services; prevent fraud; improve the Services; and communicate strictly service-related messages.
  • Consent: for optional features such as marketing emails and certain cookies/analytics where required by law. You can withdraw consent at any time.
  • Compliance with legal obligations: to meet tax, accounting, telecom, and other regulatory requirements.

3. NETWORK PARTNER DATA SHARING

In Short: We do not share your personal information with network operator partners like Airalo. We only share the minimum technical data required for eSIM service delivery, and this does not include personal user information.

As an eSIM service provider, we must share specific technical information with our network operator partners to deliver telecommunications services, but we do not share any personal user data:

Data Shared with Network Partners

Essential Service Data Only:

  • ICCID and eSIM profile identifiers (technical identifiers, not personal)
  • Device authentication credentials (encrypted, non-personal)
  • Network access authorization tokens (technical, non-personal)
  • Basic subscription and plan information (service level, not user details)

What We Do NOT Share:

  • Personal information (names, emails, addresses, phone numbers)
  • User account details or login credentials
  • Payment information or billing details
  • Location data or usage patterns
  • Any data that could identify individual users

Network Partner Privacy Protections

  • No personal data sharing: We never share personal user information with network partners
  • Technical data only: Only non-personal, technical data required for service delivery
  • Contractual protections: All network partners are bound by strict data protection agreements
  • Purpose limitations: Partners may only use technical data for telecommunications service delivery
  • Retention limits: Partners must delete technical data when services are terminated

Your Rights Regarding Network Partner Data

  • You can request information about which network partners have access to technical data
  • You can request confirmation that no personal data is shared with partners
  • You can file complaints about network partner data handling practices
  • Your personal information remains completely protected and never shared

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may need to share your personal information in the following situations:

  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

  • Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Notice. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.

  • Business Partners: We may share your information with our business partners to offer you certain products, services, or promotions.

  • Other Users: When you share personal information or otherwise interact with public areas of the Services, such information may be viewed by all users and may be publicly made available outside the Services in perpetuity.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice: https://www.aetopone.com/cookies.

6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

In Short: We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies, including AI-generated social media content and automated posting systems.

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (collectively, "AI Products"). These tools are designed to enhance your experience and provide you with innovative solutions, including automated social media content generation and posting.

Use of AI Technologies

We provide the AI Products through third-party service providers ("AI Service Providers"), including OpenAI and other AI technology companies. However, we do not share your personal information with these AI systems. AI-generated content is created using only publicly available industry information and trends, not user data.

Our AI Products

Our AI Products are designed for the following functions:

  • Natural language processing for content generation and analysis
  • Automated social media content creation for platforms like X.com
  • Intelligent content scheduling and optimal posting time analysis
  • AI-powered content moderation and filtering
  • Automated content curation and industry trend analysis
  • Smart content adaptation for different social media platforms

AI-Generated Social Media Content

Content Generation Process:

  • AI systems analyze publicly available industry trends and information to generate social media posts
  • Content is automatically scheduled and posted across various social media platforms
  • AI-generated content may include text, hashtags, and content recommendations
  • All content undergoes human review and quality assurance before publication

Data Processing for AI Content:

  • We process only publicly available industry information and trends
  • AI systems do not access or process your personal information
  • Content generation is based on aggregated, anonymized industry data
  • No individual user data is used to personalize AI-generated content
  • Your personal information is never shared with AI systems or used for content generation

Automated Social Media Posting

Posting Automation Features:

  • Automated scheduling based on AI-analyzed optimal posting times
  • Multi-platform content distribution and adaptation
  • Intelligent hashtag and content optimization
  • Automated content performance tracking and analytics

Privacy and Data Protection:

  • Automated posting systems do not access your personal social media accounts
  • We do not collect or store your social media passwords or private content
  • Automated content is posted only to our official company social media accounts
  • Your social media interactions with our content are governed by platform privacy policies
  • No user data is processed or analyzed by AI systems for posting automation

How We Process Your Data Using AI

Important: We do not process your personal information using AI systems. AI-generated content and automated posting are based solely on publicly available industry information and do not involve user data processing.

AI Data Processing Safeguards:

  • AI systems do not have access to user personal information
  • AI-generated content does not include or reveal personal user information
  • We maintain full control over what data is shared with AI systems
  • AI processing follows GDPR and other applicable privacy regulations
  • User data is completely isolated from AI content generation systems

Your Rights Regarding AI Products

AI Content Controls:

  • You can opt-out of AI-generated content recommendations
  • You have the right to request information about AI data processing
  • You can report concerns about AI-generated content accuracy
  • You can request human review of AI-generated content decisions

Data Processing Rights:

  • You can request confirmation that your data is never shared with AI systems
  • You have the right to object to any future AI processing of your personal information
  • You can file complaints about AI system data handling practices
  • Your personal information is never used for AI training or content generation

7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or X logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, profile picture, as well as other information you choose to make public on such social media platforms.

We will use the information we receive only for the purposes that are described in this Privacy Notice or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their Privacy Notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this Notice will require us keeping your personal information for longer than the period of time in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

10. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.

In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right:

  1. to request access and obtain a copy of your personal information
  2. to request rectification or erasure
  3. to restrict the processing of your personal information
  4. if applicable, to data portability
  5. not to be subject to automated decision-making

If a decision that produces legal or similarly significant effects is made solely by automated means, we will inform you, explain the main factors, and offer a simple way to request human review. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.

We will consider and act upon any request in accordance with applicable data protection laws. If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority or UK data protection authority.

If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing your consent

If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below or updating your preferences.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Opting out of marketing and promotional communications

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

  • Log in to your account settings and update your user account.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and similar technologies

Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. For further information, please see our Cookie Notice: https://www.aetopone.com/en/legal/cookie-policy.

If you have questions or comments about your privacy rights, you may email us at legal@aetopone.com.

15. ARTICLES AND CONTENT INTERACTIONS

Content Engagement Data

When you interact with articles, blog posts, and educational content on our Services, we may collect:

  • Reading behavior: Which articles you view, how long you spend reading, and your navigation patterns
  • Interaction data: Likes, comments, and sharing activities
  • Content preferences: Topics and categories you engage with most
  • Feedback data: Comments, ratings, and other user-generated content

User-Generated Content

When you post comments or interact with content:

  • Comment content: Your written feedback, questions, and responses
  • Interaction metadata: Timestamps, article context, and user identification
  • Moderation data: Content review status and any moderation actions taken
  • Community engagement: How other users interact with your contributions

Data Processing Purposes

We process this information to:

  • Improve content: Analyze engagement patterns to create better articles and resources
  • Personalize experience: Recommend relevant content based on your interests
  • Community safety: Moderate content to maintain a respectful environment
  • Service optimization: Understand what content is most valuable to our users

Data Retention

  • User interactions: Retained for the duration of your account plus 2 years
  • Comments: Retained for 5 years or until content removal is requested
  • Analytics data: Aggregated and anonymized after 3 years
  • Moderation records: Retained for 7 years for compliance and safety purposes

Your Rights

You have the right to:

  • Access your interactions: View all your comments, likes, and engagement history
  • Edit or delete: Modify or remove your comments and interactions
  • Data portability: Export your content engagement data
  • Anonymization: Request that your interactions be anonymized while preserving content

Third-Party Sharing

We do not share your content interaction data with third parties except:

  • Service providers: Analytics and moderation tools (under strict data protection agreements)
  • Legal requirements: When required by law or to protect our rights and safety
  • Aggregated insights: Anonymous, statistical data for industry research

18. SUPPORT CHAT SYSTEMS AND CUSTOMER SERVICE DATA

Support Chat Services Overview

Our Services include multiple support chat systems that collect and process information to provide customer assistance:

  • AI-Powered Support Chat (Mobile App): OpenAI-powered chatbot for instant support
  • Brevo Live Chat Widget (Web): Real-time human support chat for website users
  • Support Ticket System: Integrated ticketing for complex issues requiring escalation

Data Collected in Support Chats

Chat Conversation Data:

  • Messages and responses exchanged during support conversations
  • Timestamps of chat sessions and individual messages
  • Chat session duration and interaction patterns
  • File attachments shared during troubleshooting

User Identification Data:

  • Email address and name (if provided during chat)
  • Account information (if user is logged in)
  • Device and browser information for technical support
  • IP address for security and fraud prevention

Support Context Data:

  • Issue category and description
  • Product or service being discussed
  • Previous support history and ticket references
  • User preferences and communication style

AI-Powered Support Chat Data Processing

OpenAI Integration:

  • Chat content is processed by OpenAI's language models for response generation
  • No personal user data is shared with OpenAI beyond chat content
  • Chat conversations are logged for service improvement and quality assurance
  • AI responses are generated based on chat context, not user profiling

Data Security Measures:

  • All chat data is encrypted in transit and at rest
  • Personal information is not used for AI training or model improvement
  • Chat logs are stored securely with access limited to authorized personnel
  • Data retention follows strict privacy and security protocols

User Privacy Protections:

  • Users can request deletion of their chat history
  • Chat data is not used for marketing or advertising purposes
  • Users can opt-out of AI chat and request human support instead
  • No personal data is shared with third parties except OpenAI for chat processing

Brevo Live Chat Widget Data Processing

Brevo Service Integration:

  • Chat widget is hosted and managed by Brevo
  • Chat conversations are stored on Brevo's secure servers
  • Brevo processes chat data for widget functionality and support agent access
  • All data processing is governed by strict data protection agreements

Data Handling by Brevo:

  • Chat conversations are encrypted and secure
  • Personal information shared during chat is protected
  • Chat logs are accessible only to authorized support personnel
  • Data retention follows our privacy policy and GDPR requirements

User Control and Transparency:

  • Users can access their chat history through our support portal
  • Users can request deletion of chat data from Brevo systems
  • Users can opt-out of chat analytics and improvement features
  • Chat data is never used for marketing or third-party purposes

Support Ticket System Data

Ticket Creation and Management:

  • Support tickets are created from chat escalations or direct submissions
  • Each ticket includes relevant chat history and user information
  • Tickets are categorized and prioritized based on issue type and urgency
  • Support agents have access to full conversation history for context

Data Retention and Access:

  • Support tickets are retained for service quality and compliance purposes
  • Ticket data is accessible only to authorized support personnel
  • Personal information is anonymized after ticket resolution
  • Data retention follows GDPR and other applicable regulations

Third-Party Service Providers

OpenAI (AI Chat Processing):

  • Processes chat content for AI response generation
  • Bound by strict data protection agreements
  • Does not retain or use chat data for other purposes
  • Implements industry-standard security measures

Brevo (Live Chat Hosting):

  • Hosts and manages live chat widget functionality
  • Stores chat conversations securely on their servers
  • Bound by GDPR-compliant data processing agreements
  • Provides chat analytics and support agent tools

Slack (Chat Management and Logging):

  • All support chat conversations are managed and logged via Slack
  • Support team members access chat logs through secure Slack channels
  • Chat data is stored in Slack's secure infrastructure
  • Slack access is restricted to authorized support personnel only
  • Chat logs in Slack are retained according to our data retention policies

Data Protection Agreements:

  • All third-party services are bound by strict data protection terms
  • No user personal data is shared beyond what's necessary for service delivery
  • Third-party services implement appropriate security measures
  • Data processing is limited to support service delivery only

Your Rights Regarding Support Chat Data

Data Access and Control:

  • You can request access to your complete chat history
  • You can request deletion of specific chat sessions or all chat data
  • You can opt-out of chat analytics and improvement features
  • You can request human support instead of AI chat

Data Portability:

  • You can export your chat history in a machine-readable format
  • You can transfer chat data to other service providers
  • You can request anonymization of chat data while preserving support quality
  • You can specify data retention preferences for chat logs

Privacy Controls:

  • You can control what information is shared during chat sessions
  • You can request that chat data not be used for service improvement
  • You can report privacy concerns about chat data handling
  • You can file complaints about third-party data processing

Data Retention and Deletion

Chat Data Retention:

  • Chat logs are retained for support quality and training purposes
  • Personal information is anonymized after support resolution
  • Data retention follows GDPR and other applicable regulations
  • Users can request immediate deletion of chat data

Automatic Data Cleanup:

  • Chat data is automatically cleaned up after specified retention periods
  • Personal information is permanently deleted after support resolution
  • Anonymized data may be retained for service improvement
  • Data deletion follows secure data destruction protocols

Deletion Requests:

  • Users can request immediate deletion of their chat data
  • Deletion requests are processed within 30 days
  • Confirmation is provided when data deletion is complete
  • Deleted data cannot be recovered or restored

20. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at legal@aetopone.com or contact us by post at:

Studio 073X e.K.
Rienzistr. 12
Stuttgart 70597
Germany

17. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

To request to review, update, or delete your personal information:

Mobile App (Recommended):

  1. Open the AetopOne mobile app
  2. Go to Settings → Account
  3. Select "Request My Data" or "Delete Account"

Web Instructions: Visit https://www.aetopone.com/request-data for detailed instructions

Email Contact: legal@aetopone.com

Secure payment processing with all major credit cards, digital wallets, and local payment methods.