Skip to main content

Aevaro · Legal

Privacy Policy

Last updated: May 2, 2026. Effective: Immediately upon publication; we will note any changes on this page and adjust the "Last updated" date.

This Privacy Policy explains what information aevaro.com ("the site," "we," "us") collects when you visit it or contact us, how we use that information, and what choices you have. It applies to the public marketing site only. If and when you sign up for an Aevaro product, that product will have its own separate terms and data-processing agreement that govern your use of the product.

We aim to be plain-spoken about data. Where we have a choice, we err on the side of collecting less and explaining more.

Quick summary

  • We collect what you give us through the contact form (your name, work email, company, and message), and a small amount of routine technical information (IP address, browser, device type, the pages you visit) that any web server sees.
  • We use a privacy-first analytics provider (Plausible) that does not set tracking cookies and does not collect personally identifying information about you.
  • We share information only with the service providers and partners we need to run the site (hosting, email delivery, content management, analytics, error monitoring) and only to the extent they need it to provide their service. A current list is at /sub-processors.
  • We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising or for third-party targeted advertising.
  • You can ask us to access, correct, or delete information we hold about you at any time. See the rights section below.
  • This site is intended for adults using it on behalf of an organization. We do not knowingly collect information from children under 16.

What we collect, and why

We collect three categories of information.

Information you give us. When you submit the contact form, you give us your name, work email, the company you represent, and whatever you choose to write in the "what brings you here" field. We use this information to read your message and respond to it. We may keep it as a record of the conversation if it leads to a business relationship.

Information we observe automatically. When you visit any web page, the server that serves it sees your IP address, your browser type and version, your device type, and the page you requested. We use this information for security (recognizing and stopping abuse), reliability (knowing when something is broken), and aggregate understanding of which pages people read. Our analytics provider does not link this information to a person; we do not either.

Information from limited error-monitoring telemetry. If a page errors in your browser, our error-monitoring service may capture the error message and a stack trace. We configure it not to capture form contents, request bodies, or other potentially sensitive data. Its sole purpose is to let us notice and fix bugs.

We do not place advertising trackers, marketing pixels, or session-replay tools on this site at this time. If we ever do, we will update this policy first and ask for consent where required.

How long we keep things

We retain information only as long as we have a legitimate reason to keep it.

  • Contact-form submissions: retained in our inbox and CRM (when used) for as long as the conversation is active and for a reasonable period afterward — typically up to 24 months — so we can pick up the thread if you reach back out.
  • Server logs: typically retained for 30 days for security and reliability purposes, then rotated and discarded.
  • Aggregate analytics: retained in non-identifying form indefinitely.
  • Error reports: retained for up to 90 days.

If you ask us to delete information about you, we will do so unless we are legally required to retain it. See "Your rights" below.

Who we share information with

We share information with three categories of recipients, and only to the extent they need it.

Service providers — vendors who run parts of the site on our behalf, under a contract that limits their use of your information to providing their service. The current list of sub-processors, along with what each one does and where it is based, is at /sub-processors. Examples: our hosting provider (serves the site), our email-delivery provider (sends your contact message to us), our content-management provider (stores marketing copy), our analytics provider (runs the privacy-first analytics).

Partners — entities we work with to deliver value to you (for example, a partner whose product integrates with ours). When we share information with a partner in connection with your inquiry — for example, because your message asked about a partner's integration — we will share only what's necessary and we will tell you in advance, in this policy or in the response to your message. We do not sell your personal information to partners.

Legal and safety recipients — courts, regulators, law enforcement, or other parties when we are legally compelled to share, when we believe in good faith that sharing is necessary to protect rights, property, or safety, or in connection with a corporate transaction (such as a financing, acquisition, or sale of substantially all of our assets — in which case the recipient will be bound by this policy or one no less protective).

We do not sell your personal information for monetary consideration. We do not "share" your personal information for cross-context behavioral advertising as that term is defined under the California Consumer Privacy Act (CCPA) or comparable state laws.

Cookies and similar technologies

This site does not set advertising cookies and does not run ad-network pixels.

The site may set a small number of strictly-necessary cookies (for example, to remember a session token if you log into the embedded content studio at /studio) and our analytics provider's configuration is cookieless. We may use the browser's localStorage for non-tracking purposes (for example, to remember that you've dismissed a banner).

If we ever add cookies that go beyond strictly necessary, we will update this policy and present a consent prompt where required by law (including the EU ePrivacy Directive and the California Consumer Privacy Act, as applicable to you).

Your rights

Depending on where you live, you may have specific rights regarding your personal information.

If you are in the European Economic Area, the United Kingdom, or Switzerland: you may have the right to access the personal information we hold about you; to request that we correct inaccuracies; to request that we delete it; to object to or restrict our processing of it; and to receive a copy of it in a portable format. You also have the right to lodge a complaint with your local supervisory authority. The legal bases on which we rely are: (a) your consent (when you submit a form); (b) our legitimate interests in operating the site, responding to inquiries, and keeping the site secure and reliable; and (c) compliance with our legal obligations.

If you are in California: you may have the right to know what categories of personal information we have collected, the categories of sources, the business or commercial purposes for collecting it, and the categories of third parties with whom we have shared it; the right to delete it; the right to correct inaccuracies; the right to opt out of any "sale" or "sharing" (as those are defined under the CCPA — we do not engage in either, but you may still exercise the right); and the right not to be discriminated against for exercising any of these rights.

Everyone else: you may have similar rights under your local law. We will honor those rights to the extent our legal counsel advises that they apply.

To exercise any right above, email privacy@aevaro.com. We will respond within the time required by applicable law (typically 30 to 45 days). We may need to verify your identity before acting on a request.

Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information. No system is perfectly secure, and we cannot guarantee absolute security. If we become aware of a breach affecting your personal information, we will notify you to the extent required by applicable law.

For security reports, see /.well-known/security.txt.

International transfers

The site is operated from the United States. Service providers we use may operate from other countries. When we transfer personal information out of your home jurisdiction, we rely on the safeguards permitted by applicable law (for example, the European Commission's Standard Contractual Clauses for transfers from the EEA to the US).

Children

This site is intended for adults using it on behalf of an organization. It is not directed at children under 16, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, please contact privacy@aevaro.com and we will delete it.

Changes to this policy

We may update this policy from time to time. We will note the "Last updated" date at the top, and we will give reasonable notice (through the site, by email if we have your address, or both) of material changes before they take effect.

Contact

For privacy questions, requests, or complaints:

  • Email: privacy@aevaro.com
  • Postal: send via the contact form at /contact and ask for postal correspondence; we will provide a current address.

If we are acting as a "data processor" for an Aevaro product customer (and not as a "data controller" for visitors to this site), the Aevaro product agreement and its data-processing addendum govern that processing instead.