Last Updated: August 25, 2025

Aison International (“we,” “us,” or “our”) operates the website www.autoclave.se (the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable laws. It applies to all users, including visitors and registered users, particularly those in the European Economic Area (EEA).

1. Data Controller

Aison International, located at 123 Innovation Street, Tech City, EU, is the data controller responsible for your personal data. Contact us at privacy@autoclave.se.

2. Personal Data We Collect

We collect the following personal data to provide and improve our Service:

  • Account Information: When you register, we collect your name, email address, and password.
  • User Content: Inputs you provide to our Service (e.g., text prompts or queries), which may include personal data if you choose to share it.
  • Technical Data: IP address, browser type, device identifiers, and cookies to enhance functionality and security.
  • Contact Information: If you submit inquiries via our contact form, we collect your name, email, and message content.
  • Usage Data: Information about how you interact with our Service, such as pages visited or features used, collected via analytics tools.

We do not collect sensitive personal data (e.g., health, racial, or biometric data) unless explicitly provided by you, which we advise against.

3. Lawful Bases for Processing

We process personal data under the following GDPR lawful bases:

  • Consent: For optional data collection (e.g., marketing emails or cookies beyond those strictly necessary), where you have given clear consent (Article 6(1)(a)).
  • Contract: To provide the Service as per our Terms of Use, such as processing account data to enable access (Article 6(1)(b)).
  • Legitimate Interests: For improving our Service, ensuring security, or analyzing usage trends, where our interests are not overridden by your rights (Article 6(1)(f)).
  • Legal Obligation: To comply with applicable laws, such as tax or reporting requirements (Article 6(1)(c)).

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain the Service (e.g., account management, responding to queries).
  • Improve our Service through analytics and aggregated, anonymized data for AI training.
  • Communicate with you, including responding to support requests or sending service updates.
  • Ensure security, prevent fraud, and debug technical issues.
  • Comply with legal obligations or enforce our Terms of Use.

5. Data Sharing and Disclosure

We may share your personal data with:

  • Service Providers: Trusted third parties (e.g., cloud hosting, analytics) acting as processors under GDPR-compliant Data Processing Agreements (e.g., AWS, Google Analytics).
  • Legal Authorities: When required by law or to protect our rights, after assessing necessity and proportionality.
  • Business Transfers: In case of a merger or acquisition, with prior notice where required.

We do not sell your personal data or use it for automated profiling with legal or significant effects.

6. International Data Transfers

If you are in the EEA, your data may be transferred to countries outside the EEA (e.g., the U.S.). We ensure appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Ensuring recipients are in countries with adequacy decisions (e.g., per EU rulings).
    Contact us for a copy of our SCCs or details on transfer mechanisms.

7. Data Retention

We retain personal data only as long as necessary:

  • Account data: Until you delete your account, then up to 30 days for backup deletion, unless legally required otherwise.
  • Technical/usage data: Up to 12 months for analytics, then anonymized.
  • Contact form data: Up to 6 months after resolving your inquiry.
    Data is securely deleted or anonymized when no longer needed.

8. Your GDPR Rights

As an EEA resident, you have the following rights under GDPR:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data (subject to legal exceptions).
  • Restriction: Limit processing under certain conditions.
  • Data Portability: Receive your data in a structured, machine-readable format.
  • Object: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw Consent: Revoke consent at any time, without affecting prior processing.
  • Automated Decision-Making: Not be subject to decisions based solely on automated processing with legal effects.

To exercise these rights, contact us at privacy@autoclave.se. We will respond within one month, extendable by two months for complex requests. We may verify your identity to prevent unauthorized access.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Strictly Necessary: Enable core functionality (e.g., session management).
  • Analytics: Understand usage patterns (e.g., Google Analytics, anonymized where possible).
  • Marketing: Optional, with your consent, for personalized ads.

You can manage cookie preferences via our cookie banner or browser settings. See our Cookie Policy for details.

10. Security Measures

We implement robust safeguards to protect your data:

  • Encryption: AES-256 for data at rest, TLS 1.3 for data in transit.
  • Access Controls: Limited to authorized personnel, with logging and monitoring.
  • Regular Audits: Annual third-party penetration testing and internal reviews.
    In case of a data breach, we will notify you and the relevant supervisory authority within 72 hours, where feasible, per GDPR Article 33.

11. Third-Party Links

Our Service may contain links to third-party sites not covered by this policy. We are not responsible for their privacy practices. Review their policies before sharing data.

12. Children’s Privacy

Our Service is not directed to individuals under 16. We do not knowingly collect personal data from children. If you believe we have, contact us to request deletion.

13. Complaints

If you have concerns about our data practices, contact us first at privacy@examplecorp.com. You may also lodge a complaint with your local supervisory authority (e.g., the Information Commissioner’s Office in the UK or your national data protection authority in the EEA). Find your authority at edpb.europa.eu.

14. Changes to This Policy

We may update this policy to reflect legal or operational changes. We will notify you via email or a prominent notice on our Service at least 30 days before significant changes take effect. Continued use of the Service after changes constitutes acceptance.

15. Contact Us

For questions or to exercise your rights, contact: