Aidovia ← Back to landing

Privacy Policy

Last updated: 24 November 2025

1. Controller and scope

Controller: Aidovia — Pflaumstraße 14, 76669 Bad Schönborn, Germany — privacy@aidovia.com.

This Privacy Policy explains how we process personal data when you visit our website, join the waitlist or communicate with us. We process personal data in accordance with the EU General Data Protection Regulation (EU GDPR), the UK GDPR, Germany’s Bundesdatenschutzgesetz (BDSG) and, where applicable, certain U.S. privacy laws such as the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA). Our website is hosted with Hostinger, and we use Selzy as our email service provider for the waitlist.

2. Data we collect

We may process the following categories of personal data, depending on how you interact with us:

  • Waitlist data: email address (required).
  • Technical and usage data: IP address, device and browser type, operating system, referring URL, timestamps, basic interaction data (such as pages visited and clicks) and limited server logs for security and performance.
  • Cookies and similar technologies: essential cookies needed to operate the site; and, only where enabled by you, analytics and/or marketing cookies. Details are provided in our Cookie Policy.
  • Consent and communication records: records of your subscribe and unsubscribe actions, confirmation of your email address, and basic email analytics (for example whether an email was delivered, opened or a link was clicked), together with associated timestamps, IP address, user agent, consent text and related technical metadata.

We do not intentionally collect special categories of data (such as health data or political opinions).

3. Purposes and legal bases

We process personal data for the following purposes and on the lawful bases listed below:

  • Operate the site and waitlist (provide access to the website, manage your signup and related communication) – GDPR Art. 6(1)(b) (performance of a contract) and/or Art. 6(1)(f) (legitimate interests).
  • Security and fraud prevention (monitoring for abuse, troubleshooting, protecting our systems) – GDPR Art. 6(1)(f) (legitimate interests).
  • Legal compliance (keeping records required by commercial, tax or privacy law, responding to authorities) – GDPR Art. 6(1)(c) (legal obligation).
  • Analytics and product improvement (understanding how visitors use the site, improving content and performance) – GDPR Art. 6(1)(a) (consent), where analytics cookies or similar technologies are used.
  • Marketing emails (sending you news about Aidovia, updates about the project or future platform) – GDPR Art. 6(1)(a) (consent). You can withdraw your consent at any time by using the unsubscribe link in our emails or by contacting us. If you unsubscribe, we may retain your email address in an internal suppression list solely to ensure that you do not receive further marketing emails from us.
  • Email infrastructure and delivery (using Selzy to send and track delivery of emails) – GDPR Art. 6(1)(f) (legitimate interests in reliable email delivery).
  • Consent logging and proof (storing records of your subscribe/unsubscribe and consent actions in our consent log database and email tools) – GDPR Art. 6(1)(c) (legal obligation where applicable) and Art. 6(1)(f) (legitimate interests in being able to demonstrate consent).

Where we rely on legitimate interests, we balance those interests against your rights and expectations and do not use your data for activities where our interests are overridden by your interests or fundamental rights.

4. Recipients, processors and international transfers

We do not sell your personal data. We may share personal data only to the extent necessary with the following categories of recipients:

  • Hosting provider: Hostinger, which hosts our website and related infrastructure.
  • Email service provider: Selzy, which manages our waitlist emails, email delivery and basic email analytics (for example whether an email was delivered, opened or a link was clicked).
  • Other service providers acting as data processors (e.g. security, logging or analytics providers, if used in future).

These providers process personal data only on our instructions and are contractually bound to appropriate data protection obligations.

Some of these providers or their sub-processors may be located outside the European Economic Area (EEA), the United Kingdom or Switzerland. Where such transfers occur, we implement appropriate safeguards, such as an adequacy decision by the European Commission or UK government or Standard Contractual Clauses (SCCs) combined with additional measures where required.

5. Retention periods

We keep personal data only for as long as necessary for the purposes described above or as required by law:

  • Waitlist data (email address): for as long as you remain on the waitlist and we need to communicate about Aidovia, plus up to 24 months after launch or after you unsubscribe, to maintain proof of consent and comply with legal obligations.
  • Security and technical logs: generally up to 12 months, unless a longer period is required for security incidents or legal purposes.
  • Consent records (including subscribe/unsubscribe events, consents and withdrawals, with associated timestamps, IP and technical metadata): while you remain subscribed and generally up to 24 months after you unsubscribe, or longer only where necessary to comply with limitation periods or regulatory requirements (for example in connection with legal claims).

Once data is no longer needed, we will delete or irreversibly anonymise it in line with our internal retention policies.

6. Your rights (EU/UK, including Germany)

If you are in the EU, EEA, Switzerland or UK, you have the following rights under the GDPR / UK GDPR:

  • Right of access (Art. 15 GDPR) – to obtain confirmation and a copy of your personal data.
  • Right to rectification (Art. 16 GDPR) – to correct inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR) – to request deletion in certain circumstances.
  • Right to restriction of processing (Art. 18 GDPR).
  • Right to data portability (Art. 20 GDPR) – to receive data you provided in a structured, commonly used and machine-readable format, and transmit it to another controller where technically feasible.
  • Right to object (Art. 21 GDPR) – to object at any time to processing based on legitimate interests, and to direct marketing.
  • Right to withdraw consent at any time (Art. 7(3) GDPR) – without affecting the lawfulness of processing before withdrawal.

You can exercise your rights by contacting us at privacy@aidovia.com. For identification and security, we may ask for additional information to confirm your identity before responding.

7. United States privacy rights (California etc.)

To the extent CCPA/CPRA or other U.S. state privacy laws apply, California residents (and where applicable residents of similar jurisdictions) may have rights including:

  • the right to know/access certain information about the personal data we collect and use;
  • the right to request deletion of personal data, subject to certain exceptions;
  • the right to correct inaccurate personal data;
  • the right to opt out of the “sale” or “sharing” of personal data as defined by law.

We do not sell or share personal data as those terms are defined under CCPA/CPRA. You can contact us at privacy@aidovia.com to submit a request under applicable U.S. privacy laws.

8. Children

Our website and waitlist are not directed to children under the age of 16, and we do not knowingly collect personal data from children under 16. If you believe that a child has provided us with personal data, please contact us so we can delete the information.

9. Security

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. This includes using reputable providers such as Hostinger (hosting) and Selzy (email infrastructure) who also implement their own security measures. However, no system can be guaranteed to be 100% secure.

10. Contact and complaints

If you have questions or concerns about this Privacy Policy or our handling of personal data, you can contact us at:

privacy@aidovia.com

You also have the right to lodge a complaint with a data protection authority, in particular the authority in your habitual residence or place of work, or the authority for our main establishment in Germany (for example, the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit – BfDI). UK residents may also contact the Information Commissioner’s Office (ICO).

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of the page indicates the current version. We will post any changes on this page and, where appropriate, notify you through other channels.