Privacy Policy

Controller details and scope

The personal data controller is AIVA LLC, OGRN 1185053019491, TIN 5015015263, address: Meshchersky Boulevard 2, Zarechye urban settlement, Odintsovsky urban district, Moscow Region, Russia, contact email: hello@aiva.chat.

This Policy applies to personal data processed when visiting aiva.chat, submitting contact or request forms, using cookies, and contacting the company through the channels published on the website.

This Policy does not apply to third-party websites or services that may be linked from the website.

What data we collect

We may process your name, email address, phone number, Telegram or another contact method, company, role, request details, and any other information you voluntarily provide through website forms.

Technical data may also be collected automatically, including IP address, device type, browser type and language, on-site actions, traffic source, cookies, session identifiers, and similar web analytics data.

Legal grounds for processing

Personal data is processed on the basis of the data subject's consent and, where applicable, when processing is necessary to enter into or perform a contract or to take steps at the user's request before a contract is concluded.

Data may also be processed to comply with legal obligations under the laws of the Russian Federation and to protect the legitimate rights and interests of the controller, provided such processing does not override the rights and freedoms of the data subject.

Purposes of processing

Personal data is processed to respond to requests, communicate with users, arrange demos, prepare proposals for AIVA products and services, handle inquiries, maintain correspondence, improve the website, and analyze traffic.

Data may also be processed to ensure website security, prevent abuse, comply with legal requirements, and protect the controller's rights in the event of a dispute.

Cookies and web analytics

The website uses cookies and Yandex.Metrica to analyze traffic, measure page performance, store technical and user preferences, and support stable operation of certain website functions.

Users can restrict or disable cookies in their browser settings. This may affect the operation of some website features.

Where a cookie consent banner is used, the user's choice is respected within the website's technical capabilities.

Sharing with third parties

The controller does not sell personal data and does not disclose it to an undefined group of persons.

Personal data may be shared with contractors and services involved in hosting, analytics, CRM, communications, and other tools required to operate the website and communicate with users, but only to the extent necessary for the stated purposes.

Personal data may also be disclosed to state authorities or other authorized persons where required by the laws of the Russian Federation.

Data localization and retention

When collecting personal data, the controller ensures its recording, organization, accumulation, storage, updating, and extraction using databases located within the territory of the Russian Federation.

As of this version of the Policy, the controller does not carry out cross-border transfers of personal data in connection with the website. If that changes, the Policy will be updated accordingly.

Contact form data is generally retained for up to 1 year from the date of the request unless a longer period is required for correspondence, contract discussions, legal defense, or compliance with law. Technical data and cookies are retained for the period required by analytics and technical tools, but usually no longer than 1 year unless another period is required by the relevant service or by law.

Security measures

The controller implements necessary legal, organizational, and technical measures to protect personal data against unlawful or accidental access, destruction, alteration, blocking, copying, disclosure, and distribution.

Such measures include access control, secure communication channels, internal data handling rules, staff access restrictions, and protection of the infrastructure used to operate the website.

Rights of the data subject

The data subject has the right to obtain information about the processing of their data, request its correction, blocking, or deletion, withdraw consent where processing is based on consent, and challenge the controller's actions before Roskomnadzor or a court.

To exercise these rights, the data subject may send a request to hello@aiva.chat or by post to the controller's address. The request must allow the controller to identify the applicant and understand the substance of the request.

Requests are generally reviewed within up to 10 business days from receipt unless another deadline is required by law.

Minors, policy updates, and contacts

The website and its forms are intended for adults and authorized representatives of companies. The controller does not knowingly collect personal data of children under 14 and will take steps to delete such data if discovered.

The controller may amend this Policy unilaterally. A new version takes effect once published on the website unless a different effective date is stated in that version.

For any questions related to personal data processing, please write to hello@aiva.chat. Data subjects may also contact Roskomnadzor through https://pd.rkn.gov.ru.