DPO Radio

Free Website Privacy Check: Ensure Your Site's Compliant Now!
Sign Up
Privacy PolicyTerms and ConditionsRefund Policy

AesirX Privacy Policy

Privacy Policy | AesirX

1. Introduction - Who Are We?

AesirX ("we", "us", "our") is committed to protecting and respecting the privacy of our users ("user", "you", "your"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://aesirx.io (the "Site") and our AesirX first-party and Shield of Privacy solutions (the “Solutions”). Please read this Privacy Policy carefully. By using our Site and/or Solutions, you agree to the collection and use of your personal data in accordance with this privacy policy. If at any time you do not agree to this Privacy Policy, please do not use the Site and/or Solutions. If you have any questions about this, please contact us by e-mail at support@aesirx.io.

2. Data We Process

We take data privacy very seriously, it lies at the core of our values.

2.1 Regulation

All data is processed in compliance with the General Data Protection Regulation (GDPR), ePrivacy Directive (ePD), and other applicable regional privacy regulations.

2.2 Whose Data Is Processed?

We process personal data from:

  • Website visitors – Individuals who visit our site.
  • Users – Those who access or use our services, either for free or under an agreement.
  • Others – Includes potential customers, partners, and social media followers.

2.3 Data Types

Personal data refers to all information relating to an identified or identifiable person. Depending on how you use the Site and the Solutions, we receive and process the following information:

  • Contact information: For example, when you ask for help via contact forms, meeting requests, send us questions or comments via email, or report a problem, we will collect your name, email address, message, contact preferences. We only use this information to respond to your query.
  • Usage data: When you visit the Site and Solutions, we collect data to enhance functionality and prevent misuse. This includes:
    • Access Time & Location: The date and time of your visit, along with an approximate geographical location.
    • Referral Data: The website or link you used to access our Site.
    • Behavioral Data: Pages you visit, time spent on each section, and interactions within the Solutions.
    • De-identified IP Address: We collect IP addresses in a de-identified form, which means they cannot directly identify you but are used to approximate your location for analytics purposes.
    • Device and Browser Details: Information about your device type, operating system, screen resolution, browser version, and preferred language.

We analyze this usage data for statistical purposes, to improve our site, and to identify and prevent misuse.

  • Account registration: If you create an account to use our Services, we may ask you to provide us with information such as your name, email address and details about your organization. As otherwise detailed in this Privacy Policy, we will solely process this information to provide you with the service you signed up for
  • Consent: Based on your use of the Solutions, you will be given the option of consenting to the use of your usage data for cross-site and geo-localization purposes. Consent will be reinforced by the use of the Solutions within the websites that they are used in, and optionally (recommended) shielded by the use of your Concordium account and/or AesirX Shield of Privacy, which you can sign up for.
  • Cookie usage compliance: In line with ePrivacy Directive, GDPR, and similar regulations, we require explicit consent before using tracking cookies or non-essential scripts. Our solutions, including AesirX Analytics, Consent Management Platform, and the Consent Shield, block such technologies until consent is provided. Consent preferences can be updated or withdrawn at any time.
  • Blockchain data: We can collect public keys, transaction data and other data necessary for the operation of our services. Note that due to the inherent transparency of many blockchains, transactions and related information may be visible to the public. However, your personally identifiable information will not be included in these transactions without your consent.
  • Minors: We do not knowingly collect data from individuals under 18. If we discover such data, it will be deleted, and any related accounts deactivated. Contact support@aesirx.io if you believe a minor's information has been collected.
  • Social media: You may choose to register or log in to our services using your third-party social media account details (e.g., Facebook or Twitter). When you do, we may receive certain profile information from the social media provider, including your name, email address, profile picture, and any other information you have made public on the platform. We use this information only as described in this privacy policy or as otherwise communicated to you. Please note that your social media provider’s use of your information is governed by their own privacy policy. We recommend reviewing their privacy settings to manage how your information is shared.

3. How We Use Your Information

The data we collect is used to provide, maintain and improve our services. It also helps us to understand and analyze how our services are used. We may use the information we collect from you for the following purposes:

  • To Personalize Your Experience: Deliver content that matches your interests and preferences.
  • To Improve Our Website and Services: Enhance functionality and user experience based on feedback and analytics.
  • To Provide Customer Support: Respond to inquiries, resolve issues, and improve support services.
  • To Facilitate Account Management: Help with account creation, authentication, and maintaining account functionality.
  • To Deliver Services: Process your information to provide requested services effectively.
  • To Fulfill Orders: Manage orders, payments, returns, and exchanges.
  • To Send Administrative Information: Notify users of changes to terms, policies, and updates about products or services.
  • To Conduct Marketing and Promotions: Send promotional materials and updates aligned with your preferences.
  • To Ensure Compliance: Fulfill legal obligations and respond to regulatory requirements.
  • To Protect Our Services: Monitor for fraud, unauthorized access, and maintain service security.
  • To Analyze User Behavior: Understand user interactions to improve performance and identify trends.
  • To Save or Protect Vital Interests: Take necessary actions to prevent harm or protect safety.
  • To Perform Reporting and Analytics: Create insights and monitor business trends.
  • For Newsletter Subscriptions: Use personal data to deliver newsletters until you unsubscribe.
  • To Use Our Demo: We also collect such data when you register and get access to a demo or a free version of any of our Services.

4. How We Store Your Information and For How Long

4.1 Data Centre

When you use the Site, your information is stored with Azure data centers, located in Sweden. We do not make international data transfers. We do not use information to create profiles or make automated decisions. We will only keep your personal information for as long as it is required to fulfill the purposes for which it was collected, such as AesirX account and licensing.

4.2 Newsletter

By signing up for our Newsletter, we will store your personal data, including your name and email address, for as long as we continue to provide you with the Newsletter, and until you decide to unsubscribe from it.

4.3 Blockchain

Data stored on the blockchain is secured using cryptographic technologies. It is decentralized and distributed across a network of computers, reducing the risk of loss or tampering. However, no method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

We provide you with tools to restrict the sharing of your information on our blockchain. However, once information is stored on the blockchain, it may not be possible to fully delete it due to the technology's decentralized nature.

5. How We Protect Your Information

We adopt appropriate data collection, storage and processing practices, and security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal information.

While we strive to protect your information, no online transmission or storage can be entirely secure. We cannot guarantee against unauthorized access by hackers or other parties. Use our Services at your own risk and ensure you access them in a secure environment.

6. Sharing Your Information

We do not sell, trade, or rent users' information to others. We do not share anything with third parties unless required by law.

We may disclose your data when legally required, to cooperate with law enforcement or protect against misuse, unauthorized use, or for the safety of users and the public.

When using the Solutions, you have the right to consent to share your analytics and geo-localized information with third parties for marketing purposes. This is entirely optional and managed through our Shield of Privacy.

All data processing is strictly limited to opt-in consent. We only collect first-party data for analytics and form submissions. Third-party data is loaded exclusively for payment processing (e.g., Sellix, Stripe) or OpenAI services, and only when users explicitly provide consent.

Because we operate on a 100% opt-in model, opt-out mechanisms are not required. Your data is only used with your explicit consent, which can be managed or revoked through tools like the AesirX Shield of Privacy or any WalletConnect-compatible wallet, including Concordium’s CryptoX Wallet and others. This functionality applies to managing your consent for services like analytics or OpenAI integrations, where applicable.

7. GDPR Roles

AesirX operates as a data controller or processor only when required under legal obligations, such as invoicing and documentation requirements. We do not process or share any personal data unless mandated by law.

Specifically, for payment processing, we use services like Sellix and Stripe, which handle personal data directly, and require opt-in consent from users. Additionally, our Privacy Advisor AI integrates with OpenAI, also requiring explicit opt-in consent. Beyond these services, we do not collect, process, or share personal data with any other parties.

8. Specific Regional Clauses

To address specific privacy rights and requirements under various global regulations, this section outlines region-specific clauses to ensure compliance with local laws. If you reside in any of these jurisdictions, additional rights may apply to you.

8.1 European Union (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access, correct, or delete your personal data.
  • Restrict or object to the processing of your data.
  • Data portability: Receive your personal data in a machine-readable format.
  • Withdraw consent at any time without affecting the lawfulness of processing conducted before withdrawal.
  • Data Transfers: Personal data may be transferred outside the EU only if appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place.
  • Supervisory Authority: You can lodge a complaint with your local Data Protection Authority (DPA).

We process your personal data based on the following legal grounds:

  • Consent (Article 6(1)(a))
    Contact forms, newsletter subscriptions, marketing communications, demo access.
    Tracking cookies and analytics (explicit consent required).
  • Performance of a Contract (Article 6(1)(b))
    Account registration, service subscriptions, customer support, license management.
  • Legal Obligation (Article 6(1)(c))
    Compliance with privacy laws, accounting and invoicing, responding to legal requests.
  • Vital Interests (Article 6(1)(d))
    Protecting user safety in emergencies.
  • Legitimate Interests (Article 6(1)(f))
    Service improvements, fraud prevention, security monitoring, business communications.

8.2 ePrivacy Directive

Under the ePrivacy Directive (Directive 2002/58/EC), European users have the following rights regarding electronic communications and cookies:

  • Consent for Cookies and Tracking Technologies: Article 5(3) requires prior consent for any non-essential cookies or similar technologies used to access or store information on a user’s device. This consent must be informed, specific, and freely given. Exceptions include cookies that are strictly necessary for the transmission of communications or for providing a service explicitly requested by the user. Users have the right to refuse or withdraw consent at any time.
  • Confidentiality of Communications: Communication data, including metadata, must remain confidential unless explicitly permitted or required by law.
  • Opt-In for Marketing Communications: Marketing via electronic channels requires prior user consent, with an option to withdraw consent at any time.
  • Transparency: Clear information about the purpose and duration of cookies or tracking technologies must be provided, along with tools to manage preferences.

8.3 United States (CCPA/CPRA)

California Consumer Privacy Act (CCPA). California residents have the right to:

  • Know: Request information about the personal data we collect and how it is used.
  • Request Deletion: Ask for the deletion of personal data, subject to applicable legal and contractual obligations.
  • Opt-Out: Opt-out of the sharing of personal information where applicable.
  • Non-Discrimination: Exercise your privacy rights without facing discrimination or changes to service quality.

Data Sharing Practices: We do not sell personal data. Data is only shared when:

  1. You have provided opt-in consent for specific purposes.
  2. It is required to fulfill legal or contractual obligations, such as invoice documentation for the purchase of licenses or services, which is retained for up to 5 years in compliance with accounting and legal requirements.

To opt-out of any applicable data sharing, use the tools provided on our site or contact us at support@aesirx.io.

Data Processing Notice: We collect limited categories of personal information, including:

  • Identifiers: Such as name, email address, and related account details.
  • Internet Activity: Such as browsing behavior on our website.
  • Geolocation Data: Only if necessary for providing services or as part of consented use.

Children's Privacy: We do not knowingly collect data from individuals under 13 years of age, in compliance with the Children’s Online Privacy Protection Act (COPPA)

8.4 Brazil (LGPD)

Lei Geral de Proteção de Dados (LGPD). Brazilian users have the following rights:

  • Confirm the existence of data processing and access your personal data.
  • Correct incomplete or outdated data.
  • Anonymize, block, or delete unnecessary or excessive data.
  • Data portability upon request.
  • Revoke consent at any time.

8.5 Canada (PIPEDA)

Personal Information Protection and Electronic Documents Act (PIPEDA). Canadian users have the right to:

  • Access and correct personal data held about them.
  • Withdraw consent for certain types of data processing.
  • File a complaint with the Office of the Privacy Commissioner of Canada (OPC) if they feel their data rights have been violated.
  • When transferring data outside Canada, we ensure contractual obligations that align with PIPEDA requirements.

8.6 Japan (APPI)

Act on the Protection of Personal Information (APPI). Japanese users have the right to:

  • Request disclosure of their personal data.
  • Correct, add, or delete personal data that is inaccurate.
  • Cease the use or sharing of personal data if it violates APPI.
  • Personal data transferred outside Japan is subject to adequate protection standards or user consent.

8.7 Australia (Privacy Act 1988)

Australian Privacy Principles (APPs). Australian users can:

  • Access and correct personal information held about them.
  • Make a complaint about the misuse of personal data.
  • Personal data is disclosed only to countries with comparable privacy laws or through explicit user consent.

8.8 India (DPDP Act, 2023)

Digital Personal Data Protection Act. Indian users have the right to:

  • Access, correct, or erase their personal data.
  • Data portability upon request.
  • Lodge complaints with the Data Protection Board of India.
  • Purpose Limitation: Data is processed only for specified, lawful purposes and retained for the duration necessary to fulfill these purposes.

8.9 Vietnam (PDPL)

Personal Data Protection Law (PDPL). Vietnamese users are entitled to:

  • Be informed about how their personal data is processed.
  • Consent to the collection, use, or sharing of personal data, except where exemptions apply (e.g., for legal obligations).
  • Access and correct their personal data.
  • Object to processing that negatively affects their rights.
  • Request the deletion of their data unless required to be retained by law.
  • Cross-border transfers of personal data comply with Vietnam’s requirements, ensuring that foreign data recipients meet adequate protection standards.

For regions not explicitly mentioned, we comply with privacy laws applicable to our operations and users. If local laws grant additional rights not outlined in this policy, AesirX will respect those rights as required by applicable law. Users can contact support@aesirx.io for region-specific inquiries.

9. Data Subject Rights

As per GDPR and applicable privacy laws, you have the following rights regarding your personal data:

1. Access Your Data: You have the right to request a copy of the personal data we hold about you.

  1. How to Exercise This Right: Contact us at support@aesirx.io with the subject line "Data Access Request." Include details to help us verify your identity.

2. Rectify Incorrect Data: You can request corrections to any inaccurate or incomplete data.

  1. How to Exercise This Right: Email us at support@aesirx.io specifying the data to be corrected and any supporting information.

3. Request Erasure: You may request the deletion of your personal data, subject to legal retention requirements.

  1. How to Exercise This Right–Deletion Process:
    • Automatic Deletion: When consent is revoked, off-chain data linked to that consent is automatically deleted instantly.
    • Manual Deletion: Submit a "Data Deletion Request" by emailing support@aesirx.io. Clearly state the data you wish to have deleted. Data will be reviewed and securely deleted within 30 days unless legal retention requirements apply. You will be notified if data cannot be deleted due to such requirements.
    • Confirmation: Confirmation of deletion is provided via email or directly through the AesirX Shield of Privacy interface.
    • Off-chain Data: Sensitive data, such as usernames, email addresses, transaction details, and consent preferences, is securely stored off-chain using advanced encryption protocols and strict access controls. Since your data is only used with your explicit consent, this can be managed or revoked through tools like the AesirX Shield of Privacy or any WalletConnect-compatible wallet, including Concordium’s CryptoX Wallet and others. You can also request deletion of data through our support team at support@aesirx.io

4. Restrict Processing: You can request a limitation on the processing of your data under certain circumstances, such as contesting accuracy.

  1. How to Exercise This Right: Send an email to support@aesirx.io detailing your request and the reason for restricting processing.

5. Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format.

  1. How to Exercise This Right: Submit a "Data Portability Request" to support@aesirx.io specifying the data you need transferred.

6. Object to Processing: You can object to the processing of your personal data, such as for direct marketing.

  1. How to Exercise This Right: Email us with the subject line "Objection to Processing" at support@aesirx.io specifying the type of processing you wish to stop.

7. Withdraw Consent: You may revoke any consent you’ve provided at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

  1. How to Exercise This Right: Adjust your consent preferences through the AesirX Shield of Privacy or contact us for support at support@aesirx.io

Note: If you have provided Consent for data usage, such as for AesirX Analytics, and later choose to revoke it (through AesirX Shield of Privacy), your data will be removed automatically. You will NOT need to contact us for this process, as revoking consent triggers automated deletion of the relevant data.

  • Verification Process: To ensure security and compliance, we may request proof of identity before processing any rights-related request.
  • Response Timeframe: We will respond to all rights-related requests within 30 days. If more time is needed, we will notify you and provide a reason for the delay.

10. Third-Party Websites

Our Site may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third-party's site. We strongly advise you to review the Privacy Policy of every site you visit. We do not endorse or control these websites and bear no responsibility for their content or activities.

11. Social Media Clause

We may use social media platforms such as Facebook, Instagram, LinkedIn, X, Twitter, Telegram, to share content and engage with users. Interactions with these platforms are governed by their privacy policies. We may also use social media tracking technologies for analytics and advertising purposes, based on your consent, which you can manage through our consent management platform.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to align with global privacy standards and emerging regulations. We will notify you of any changes by posting the new Privacy Policy on this page. For significant updates, users will be notified by email and asked to re-accept the changes.

13. Supervising Authority

If you have concerns about our data processing practices, or are unhappy with AesirX's response to privacy-related concerns, you may contact your local supervisory authority. 

For example:

Europe: For GDPR-related issues, this would typically be the Data Protection Authority (DPA) in your jurisdiction. Contact details for these authorities can be found on their respective websites or through the European Data Protection Board (EDPB) resources.

USA: In the United States, privacy complaints are governed by laws such as the California Consumer Privacy Act (CCPA) or other state-specific regulations.

For a detailed list of applicable laws and regulations, check with your country’s or state’s regulatory authority.

14. Contact Us

If you have any questions about this privacy policy, please contact our privacy team at  support@aesirx.io    

Enjoyed this read? Share the blog!

TABLE OF CONTENTS

  1. 1. Introduction - Who Are We?
  2. 2. Data We Process
  3. 3. How We Use Your Information
  4. 4. How We Store Your Information and For How Long
  5. 5. How We Protect Your Information
  6. 6. Sharing Your Information
  7. 7. GDPR Roles
  8. 8. Specific Regional Clauses
  9. 9. Data Subject Rights
  10. 10. Third-Party Websites
  11. 11. Social Media Clause
  12. 12. Changes to This Privacy Policy
  13. 13. Supervising Authority
  14. 14. Contact Us

share icon

Share Story

Symbol Image
Footer logo

The evolution of Aesir is Aesir + AesirX Icon (the Norse symbol for Necessity)"Needed in order to achieve a particular result"

Discover our weekly privacy insights on LinkedIn Newsletters.

Solutions

Resources

Support

Partnership Opportunities

Terms of ServicePrivacy PolicyRefund Policy

Copyright @ 2025 AesirX
Coin Gecko Logo
Join our Community