Privacy policy

General Provisions

Privacy Policy for the Processing of Personal Data has been prepared in accordance with the requirements of the Personal Data Protection Act of May 10, 2018 (Journal of Laws of 2018, item 1000) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data. It defines the procedures for processing personal data and the measures taken to ensure the security of personal data by the Operator. The Operator is the legal owner of the websites, services, programs, and other products, including but not limited to those of informational, communicational, advertising, educational, and entertainment nature (collectively referred to as "Services" and individually as "Service"), available online at https://aetherix.cloud/ (hereinafter referred to as the "Website") and individual internet users (hereinafter referred to as the "User") in relation to the processing of information about the User, including personal data, during their use of the Services. This Privacy Policy for the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://aetherix.cloud/. The relations related to the processing of information, including but not limited to the collection, use, storage, dissemination, and protection of information about the Website users, are governed by this Policy and the applicable laws of the Republic of Poland. Before using the Services, the User is required to familiarize themselves with this Policy. By registering, accessing, and/or actually using any of the Services, the User agrees to the terms of this Policy, the privacy policies of the individual Services, as well as the terms, conditions, and rules of the Services they use, which are posted on the pages (in sections) of the respective Services in the versions that were in effect at the time of actual use of such Services.

Key Definitions Used in the Policy

• Automated processing of personal data: Processing of personal data employing computer technology.
• Blocking of personal data: Temporary suspension of the processing of personal data (except where processing is necessary to clarify personal data).
• Website: A collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://aetherix.cloud/.
• Information system of personal data: A collection of personal data contained in databases and the information technologies and technical means ensuring their processing.
• Anonymization of personal data: Actions resulting in the impossibility of identifying, without additional information, the specific User or other Subject to whom the personal data pertains.
• Processing of personal data: Any action (operation) or a set of actions (operations) performed with or without the use of automation tools concerning personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, usage, transfer (dissemination, provision, access), anonymization, blocking, deletion, and destruction of personal data.
• Operator: A state authority, municipal authority, legal entity, or individual who independently or jointly with other persons organizes and (or) carries out the processing of personal data, as well as determines the purposes of the processing of personal data, the composition of personal data to be processed, and the actions (operations) performed with personal data.
• Personal data: Any information relating directly or indirectly to a specific or identifiable User of the website https://aetherix.cloud/.
• Provision of personal data: Actions aimed at disclosing personal data to a specific person or a specific group of persons.
• Dissemination of personal data: Any actions aimed at disclosing personal data to an undefined group of persons (transfer of personal data) or at making personal data known to an unlimited number of persons, including the publication of personal data in mass media, placement in information and telecommunication networks, or provision of access to personal data in any other way.
• Destruction of personal data: Any actions resulting in the irreversible destruction of personal data with no possibility of further restoration in the personal data information system and/or the destruction of physical media containing personal data.

Processed Data

• Username
• E-mail address
• IP address
• Operating system
• Unique PC identifiers

The Website also collects and processes anonymized data about visitors (including "Cookies") using internet statistics services.

Cookies are small pieces of data that websites request from a browser on a computer or mobile device. These cookies are stored locally on the User's computer or mobile device. The Operator collects and processes cookies for Users who visit the Website.

Legal Grounds for Processing Personal Data

The Operator processes the User's personal data only if the User fills them in and/or sends them independently through specific forms on the Website https://aetherix.cloud/. By filling in the relevant forms and/or sending their personal data to the Operator, the User consents to this Policy.

The Operator processes anonymized data about the User if permitted by the User's browser settings (i.e. if cookies are enabled and JavaScript technology is used).

The Operator guarantees that the User's personal information will not be disclosed to any third party, including law enforcement or government agencies.

Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing

The Operator processes personal data, meaning operations performed with or without the use of automation tools, including the collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (provision, access), anonymization, blocking, deletion, and destruction of personal data. The security of personal data processed by the Operator is ensured by implementing legal, organizational, and technical measures necessary to fully comply with the requirements of the applicable legislation in the field of personal data protection. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access to it. The term of personal data processing is valid during the term of validity of the account on the Website. It is terminated in case of withdrawal of consent or deletion of the account. The User may at any time revoke their consent to the processing of personal data and/or delete their account by sending a request to the Operator by sending a request to legal@aetherix.cloud with the Subject of the request "Deleting an account and revoking consent to the processing of personal data".

The personal data being processed are subject to destruction or anonymization upon the achievement of the processing purposes, upon revocation of the Personal Data Subject's consent to the processing of personal data, or in case of loss of necessity and achievement of these purposes, unless otherwise provided for by the Personal Data Law. Data shall be destroyed by complete destruction of the physical medium or by deletion of data on electronic storage.

Cross-border Transfer of Personal Data

The Operator is required to ensure that the foreign state, to the territory of which the transfer of personal data is supposed to be carried out, provides reliable protection of the rights of personal data subjects before the start of the cross-border transfer of personal data. The cross-border transfer of personal data to the territories of foreign states that do not meet the above requirements may be carried out only if the personal data subject consents in writing to the cross-border transfer of their personal data and/or if an agreement to which the personal data subject is a party is executed.

Data Security

In processing personal data, the Operator takes necessary legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, and dissemination, as well as from other unlawful actions concerning personal data. The Operator shall take the following measures:

• Ensures the confidentiality of personal data and takes all possible measures to prevent unauthorized access to personal data.
• Identifies potential threats to the security of personal data during its processing in Information Systems of personal data.
• Assesses the effectiveness of the measures taken to ensure the security of personal data before the Information System of personal data is put into operation.
• Keeps a record of the media containing personal data.
• Detects instances of unauthorized access to personal data and takes appropriate measures.

The measures to ensure the security of Personal Data implemented within the framework of the Personal Data Protection system include:

• Identification and authentication of access subjects and access objects.
• Managing access of access subjects to access objects.
• Protection of machine-readable information carriers on which Personal data are stored and/or processed.
• Security event logging.
• Antivirus protection.
• Intrusion detection (prevention).
• Control (analysis) of the security of Personal data.
• Ensuring the integrity of the Personal Data Information System.
• Ensuring the availability of Personal Data.
• Protection of the virtualization environment.
• Protection of technical equipment.
• Protection of the information system, its resources, communication systems, and data transmission.
• Detection and response to incidents (a single event or a group of events) that may lead to failures or disruption of the functioning of the information system and/or to the emergence of threats to the security of Personal Data, and response to them.

The Operator shall not be liable for the disclosure and dissemination of information about the User by other Users or other Internet users if such persons have gained access to the said information in accordance with the privacy level settings selected by the User, or in the event of a breach by the User of the security of their login and/or password or other data necessary for authorization.

Final Provisions

The User may obtain any clarifications on issues of interest regarding the processing of his personal data by contacting the Operator at legal@aetherix.cloud. This Policy, and any amendments thereto, may be made by the Operator with notice to the User, including by posting a new version of the amended Policy on the Website. Any changes made by the Operator to the Policy will come into effect the day after the new version of the Policy is posted on the Website. The User is obligated to independently review this Policy for any changes. Failure by the User to review the Policy cannot serve as grounds for the User's non-compliance with their obligations or the restrictions outlined in this Agreement. The processing of personal data may be terminated upon the achievement of the purposes for which it is processed, the expiration of the consent's validity period, or the withdrawal of consent by the personal data subject, as well as upon the identification of unlawful processing of personal data. Any changes to the Operator's personal data processing policy will be reflected in this document. This Policy remains in force indefinitely until replaced by a new version. The current version of the Policy is freely available online at https://aetherix.cloud/privacy-policy.