Privacy Policy

Last Updated: December 2024

1. Introduction

Aureivia ("Company," "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service. By accessing and using Aureivia, you acknowledge that you have read, understood, and agree to be bound by all the provisions of this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information:Name, email address, company name, job title, phone number, password, and billing information.
  • Company Data:Business information about companies you search for, prospect information, lead lists, and historical communication records.
  • Communication Data:Messages, emails, call recordings, and feedback you provide through our support channels.
  • Payment Information:Credit card details and billing addresses (processed securely by our payment processor).

2.2 Information Collected Automatically

  • Usage Data:Pages visited, features used, search queries, campaigns created, time spent, and interaction patterns.
  • Device Information:IP address, browser type, operating system, device identifier, and mobile device information.
  • Analytics Data:Session duration, click patterns, conversion data, and aggregated usage statistics.

2.3 Information from Third Parties

We may receive information about you from third-party data providers, enrichment services, and publicly available sources to enhance our Service, including:

  • Business intelligence and company information databases
  • Public business registries and directories
  • Social media platforms (with appropriate permissions)
  • Email service providers and deliverability partners
  • Payment processors and verification services

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Service Delivery:Providing, operating, and maintaining the Aureivia platform and all its features.
  • Account Management:Managing your account, processing transactions, and sending administrative notices.
  • AI & Enrichment:Training machine learning models and enriching business data (anonymized where possible) to improve lead quality and discovery accuracy.
  • Personalization:Customizing your experience and providing recommendations based on your usage patterns.
  • Analytics & Optimization:Analyzing usage patterns to improve our Service, detect fraud, and enhance security.
  • Communications:Sending product updates, security alerts, and marketing communications (with opt-out options).
  • Legal Compliance:Complying with applicable laws, regulations, and legal processes.
  • Business Operations:Conducting business research, customer surveys, and support operations.

4. Third-Party Services

We use third-party service providers to support our Service. These providers may have access to your personal information to perform services on our behalf:

Key Service Providers:

Supabase

Cloud database and authentication services. Data stored in EU-compliant infrastructure.

OpenAI

AI-powered search, enrichment, and content generation. Data may be processed according to their privacy terms.

Google APIs

Maps data, location services, and analytics. See Google's privacy policies for details.

Brave Search

Web search and discovery data services.

Stripe / Payment Processors

Payment processing and billing services. Credit card data is not stored by us.

Email Providers (Resend, Gmail)

Email sending and mailbox synchronization services.

We ensure all third-party providers are subject to data protection agreements and maintain appropriate security standards. We are not responsible for the privacy practices of third parties, and we encourage you to review their privacy policies.

5. Cookies & Tracking

5.1 What Are Cookies?

Cookies are small text files stored on your device that help us recognize you and enhance your experience. We use both session-based and persistent cookies.

5.2 Types of Cookies We Use

  • Essential Cookies: Required for authentication, security, and platform functionality
  • Analytics Cookies: Google Analytics 4 (GA4), Mixpanel - to understand usage patterns
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Track conversions and advertising performance

5.3 Tracking Technologies

We use analytics services like Google Analytics 4 and Mixpanel to collect and analyze information about your use of the Service. These services may use cookies, web beacons, and similar tracking technologies.

5.4 Managing Cookies

Most browsers allow you to control cookies through their settings. You can opt out of certain cookies, but this may affect Service functionality. Some analytics services allow opt-out:

6. Data Security

We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

  • Encryption:All data in transit is encrypted using TLS 1.2 or higher. Sensitive data at rest is encrypted using industry-standard methods.
  • Authentication:We use secure password hashing and support multi-factor authentication (MFA).
  • Access Controls:Access to personal data is restricted to authorized personnel with legitimate business needs, on a need-to-know basis.
  • Regular Audits:We conduct regular security assessments and penetration testing to identify and address vulnerabilities.
  • Incident Response:We have procedures in place to detect, respond to, and notify users of any data breaches as required by law.

Note: While we implement strong security measures, no system is completely secure. We cannot guarantee absolute security of your information.

7. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Retention periods vary based on data type:

Account InformationUntil account deletion + 90 days
Transaction Records7 years (regulatory compliance)
Lead & Campaign DataUntil project deletion or 3 years
Analytics DataUntil anonymized or 1 year
Backup DataUntil securely deleted

You may request deletion of your data at any time. We will delete or anonymize data as required by applicable law.

8. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Right to Access:You can request a copy of the personal information we hold about you.
  • Right to Rectification:You can request that we correct inaccurate or incomplete information.
  • Right to Erasure:You can request deletion of your personal information, subject to legal obligations.
  • Right to Portability:You can request your data in a structured, machine-readable format.
  • Right to Opt-Out:You can opt out of marketing communications and certain data processing activities.
  • Right to Withdraw Consent:You can withdraw any consent previously given for data processing.

To exercise any of these rights, please contact us at basheer@aureivia.ai with "Privacy Request" in the subject line. We will respond within 30 days.

9. POPIA Compliance (South Africa)

As Aureivia is based in South Africa and processes personal information of South African residents, we comply with the Protection of Personal Information Act, 2013 (POPIA).

Information Officer

Aureivia's Information Officer is responsible for overseeing POPIA compliance and data subject requests.

Contact: basheer@aureivia.ai

Key POPIA Principles

  • We collect and process personal information lawfully and fairly
  • We limit collection to what is necessary for identified purposes
  • We maintain data quality, accuracy, and completeness
  • We implement appropriate security safeguards
  • We ensure openness and transparency in data handling practices
  • We respect your rights to access and correct your information
  • We provide accountability for data processing activities

Data Subject Rights Under POPIA

You have the right to request confirmation of whether we hold your personal information, obtain a copy of your information, correct inaccurate data, object to processing, and lodge a complaint with the Information Regulator.

Information Regulator Contact

If you believe your privacy rights have been violated, you can lodge a complaint with:

The Information Regulator (South Africa)
Email: complaints.ir@justice.gov.za
Website: www.justice.gov.za/inforeg

10. GDPR Compliance (European Union)

If you are located in or a resident of the European Union, your personal information is protected under the General Data Protection Regulation (GDPR). We comply with all GDPR requirements.

Legal Basis for Processing

We process personal information based on the following lawful bases:

  • Contract performance - to provide the Service you've signed up for
  • Legal obligations - to comply with applicable laws
  • Legitimate interests - to operate and improve our Service
  • Consent - for marketing communications and optional features

Data Processing Agreement

For customers in the EU, we offer a Data Processing Agreement (DPA) as required by GDPR Article 28. Organizations can request a DPA by contacting our legal team.

Data Subject Rights

Under GDPR, you have additional rights including the right to withdraw consent, the right to restrict processing, and the right to lodge a complaint with your national data protection authority.

Data Transfer Mechanisms

Where data is transferred outside the EU/EEA, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions as approved by the European Commission.

11. CCPA Compliance (California)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Your CCPA/CPRA Rights

  • Right to Know: What personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information
  • Right to Non-Discrimination: We will not discriminate for exercising your rights
  • Right to Opt-Out of Targeted Advertising: Disable behavioral tracking for advertising

Submitting a Request

To exercise your CCPA/CPRA rights, submit a verifiable request to basheer@aureivia.ai or visit our Do Not Sell My Personal Information page. We will respond within 45 days.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Aureivia

Website:

aureivia.ai

Location:

South Africa

We will acknowledge receipt of your request and provide a substantive response within the timeframe required by applicable law.

Disclaimer: This Privacy Policy is a template for informational purposes. While designed to comply with major data protection regulations (POPIA, GDPR, CCPA), it is not a substitute for legal advice. Consult with a qualified attorney to ensure full compliance with regulations applicable to your specific situation.