top of page

Akouo Privacy

Last updated: 16.07.2023

Akouo Technologies Ltd (“Akouo”) takes data privacy and data security very seriously. We adhere to the strictest data privacy and security regulations.

This Privacy Policy explains how Akouo (“we”, “us”, “the company”) processes your personal data.

Definitions

GDPR

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Responsible Person

means Akouo’s Chief Information Officer.

Register of Systems

means a register of all systems or contexts in which personal data is processed by the Akouo.

Personal Data

means any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Data Subject

means the natural person to whom the Personal Data refers.

Data Processor

means the natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller

means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

Contracting party

means a third party who sells Akouo’s product or uses the product who, unless otherwise specified, coincides with the Data Controller.

User

means the individual using Akouo products who, unless otherwise specified, coincides with the Data Subject.

EU/EEA

Means European Union and European Economic Area. All references made in this policy include all current member states to the European Union and the European Economic Area, unless otherwise specified.

Contact for privacy and security data

For all queries related to data privacy and security please contact us at:

privacy@akouo.io

1. Data protection principles

Akouo is committed to processing data in accordance with its responsibilities under the GDPR.

Article 5 of the GDPR requires that personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to individuals;

  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;

  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and

  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

​​

2. General provisions
  1. This policy applies to all personal data processed by Akouo services, applications, platforms or website.

  2. The Responsible Person shall take responsibility for Akouo’s ongoing compliance with this policy.

  3. This policy shall be reviewed at least annually.

  4. We may collect the following categories of personal data about you:

  • First and last name

  • Email address

  • Job title

  • Company data

  • Address

  • Phone number

  • 3rd party system identifiers

​​

3. Lawful, fair and transparent processing
  1. To ensure its processing of data is lawful, fair and transparent, Akouo shall maintain a Register of Systems.

  2. The Register of Systems shall be reviewed at least annually.

  3. Individuals have the right to access their personal data and any such requests made to Akouo shall be dealt with in a timely manner.

​​

4. Lawful purposes
  1. All data processed by Akouo must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.

  2. Akouo shall note the appropriate lawful basis in the Register of Systems.

  3. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in  consent shall be kept with the personal data.

  4. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the Akouo’s systems. 

  5. The Contracting Party needs to ensure that it has consent from the users to process their personal data.

​​

5. Data minimisation

Akouo shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

 

6. Accuracy
  1. Akouo shall take reasonable steps to ensure personal data is accurate.

  2. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.

 

7. Data Subject Rights

According to GDPR Data Subject has the following rights:

 

  1. Right to Information: The right to ask us for information about what personal data is being processed and the rationale for such processing.

  2. Right of Access: The right to access their personal data.

  3. Right of Rectification: The right of rectification of inaccurate personal data, and the right to have incomplete personal data completed.

  4. Right of Erasure (the right to be forgotten): The right of erasure of personal data if there is no reason for us continuing to process it.

  5. Right of Restriction of Processing (Right to Withdraw Consent): The right to obtain from us restriction of processing if there is legitimate reason. Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with Data Subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or of a Member State.

  6. Right to Data Portability: The right to receive the personal data, which was provided to us and have the right to transmit data to another controller.

  7. Right to object: The right to object at any time to processing of personal data which is processed for the purposes of our legitimate interests. Where personal data is processed for marketing purposes, Data Subject shall have the right to object at any time to processing of personal data.

  8. Right to withdraw consent: The right to withdraw consent at any time where we are relying on consent to process personal data. However, this will not affect the lawfulness of any processing carried out before the withdraw of the consent.

  9. Right to complain. Data Subject has the right to make a complaint at any time to the Supervisory Authority.

 

Any request related to the rights listed above shall be sent by email to: privacy@akouo.io

8. Archiving / removal
  1. To ensure that personal data is kept for no longer than necessary, Akouo shall put in place an archiving policy for each area in which personal data is processed and review this process annually.

  2. Personal data collected from users related to the performance of a contract between Akouo and the Contracting Party, shall be retained until such contract has been fully performed or as otherwise instructed by the Contracting Party in accordance with the terms of such contract.

  3. In case of a contract with multiple usages of the product, for each usage of the product by the Contracting Party, Akouo will retain the personal data for 3 months for accounting purposes.

  4. Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

 
9. Transfers to countries outside the EU/EEA

Akouo is not data controller and does not transfer data to countries outside EU/EEA. The Contracting Party is the data controller and may transfer the data according to legal basis. For further details please refer to the Contracting Party privacy policy.

10. Security
  1. Akouo shall ensure that personal data is stored securely using modern software that is kept-up-to-date. 

  2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.

  3. When personal data is deleted this should be done safely such that the data is irrecoverable.

  4. Appropriate back-up and disaster recovery solutions shall be in place.

​​

11. Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, Akouo shall promptly assess the risk to people’s rights and freedoms; inform the affected Parties and if appropriate report this breach to the Authorities.

 

END OF POLICY

bottom of page