-640x290.png "Slim")
Privacy Policy
1. Introduction and Data Controller
This Privacy Policy is based on the EU General Data Protection Regulation (GDPR) (No. 2016/679) and describes how Aether Innovations Inc. (hereinafter referred to as "we") collects, uses, stores, and protects personal data of users located in the European Union.
Data Controller: Aether Innovations Inc. You can contact us via our website at aetheriop.com or email at [email protected].
2. Scope of Personal Data Collection
We only collect personal data necessary to fulfill specific purposes, including:
Information you actively provide: name, email address, and phone number when registering for an account; delivery address and payment details when purchasing products; preferences you provide when participating in marketing activities (such as newsletters and loyalty programs); and inquiries you provide when interacting with customer service.
Information automatically collected: IP address, browsing path, duration of visit, and device type generated when you visit aetheriop.com; and page interaction data recorded through technologies such as cookies, which are used to optimize website functionality and user experience.
3. Purposes and Legal Basis of Data Processing
3.1 Purposes of Processing
Completing product sales and order fulfillment, including logistics and delivery, after-sales service, and invoicing;
Managing user accounts, ensuring login security, and providing a personalized service experience;
Carrying out marketing activities (with your prior explicit consent), such as sending new product information and promotions;
Optimizing website performance and analyzing user behavior to improve service quality;
Responding to legal claims and protecting our legitimate rights and interests.
3.2 Legal Basis
Performing contractual obligations with you (such as order processing);
Obtaining your explicit consent (such as sending marketing communications);
Complying with legal obligations (such as tax record retention);
Protecting our or others' vital legal rights and interests (such as combating fraud).
4. Data Sharing and Transfer
4.1 Data Sharing
Affiliated entities within the group, for centralized management of user services;
Third-party service providers, including payment processors, logistics providers, and IT support providers (all subject to confidentiality obligations and oversight by us);
Judicial or regulatory authorities, for disclosure of data upon lawful request;
Transferees in commercial transactions such as mergers and acquisitions, asset transfers, etc. (who must ensure that the level of data protection is not compromised).
4.2 Cross-border Transfers
If your data needs to be transferred outside the European Economic Area (EEA), we will transfer it through a region recognized as "adequacy" by the European Commission or utilize compliance safeguards such as standard contractual clauses to ensure data security.
5. Data Retention Period
Data collected for contractual purposes will be retained for 10 years after termination of the contract (consistent with the statute of limitations in most EEA countries);
Data collected based on your consent will be retained until consent is withdrawn or until the purpose has been fulfilled;
Data collected due to statutory requirements will be retained until the statutory period expires.
6. Your Rights
Under the GDPR, you have the right to:
Access your personal data and details of its processing;
Request the correction of inaccurate personal data;
Request the erasure of unnecessary data (the "right to be forgotten");
Restrict or object to certain data processing activities;
Request access to your data in a machine-readable format (the right to data portability);
Withdraw consent previously provided (without affecting processing carried out in compliance prior to withdrawal).
To exercise any of these rights, please contact us at [email protected] and we will respond within one month.
7. Data Security Measures
We use encryption, access control, and regular security audits to prevent data leakage, loss, or misuse. In the event of a data security incident, we will notify the relevant regulatory authorities and affected users within 72 hours.
8. Policy Updates and Inquiries
This policy is effective as of the date of publication. We may update it based on regulatory changes or business adjustments. Updates will be posted on aetheriop.com. If you have any questions, please contact us at [email protected] or lodge a complaint with your country's data protection authority.