Contact: privacy@avjv.org
This Privacy Policy explains how we collect, use, and protect personal data when you use our software ("Program"). We are fully committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) (EU) 2016/679. Our website does not request, process, or store any personal data through forms, cookies, analytics, or tracking tools. The only personal information we handle is your email address, collected solely for license management and subscription purposes.
1. Data Controller & Contact
For the purposes of the GDPR, we are the data controller. If you have any questions or wish to exercise your rights, please contact us at:
privacy@avjv.org
2. What Personal Data We Collect
We operate with a strict “data minimization” approach. Our software and associated services do not collect or store any unnecessary data. Specifically:
- Email address — collected when you purchase a license, register the Program, or contact support.
- No names are required (unless you voluntarily share them in correspondence).
- No IP addresses are stored persistently (temporary logs for security are rotated every 24h).
- No payment information — all payments are processed securely by our third-party processor, Paddle.
- No cookies, tracking pixels, or analytics — our website does not embed any tracking mechanisms.
3. How We Collect Your Email
Your email address is collected only in the following scenarios:
- ✅ When you complete a purchase via Paddle (our authorized reseller and payment processor).
- ✅ When you contact us directly for support, license recovery, or billing inquiries.
- ✅ When you register your license key inside the Program (optional activation flow).
We never buy, rent, or harvest email addresses from third parties.
4. Purpose and Legal Basis (GDPR Art. 6)
We process your email address exclusively for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Generate and deliver your license key | Performance of a contract (Art. 6(1)(b)) |
| Verify subscription status & validate license | Performance of a contract (Art. 6(1)(b)) |
| Send essential service communications (e.g., license expiry, security updates) | Legitimate interest (Art. 6(1)(f)) — to ensure uninterrupted service |
| Respond to support or deletion requests | Performance of a contract / Legitimate interest |
We do not use your email for marketing newsletters, promotional emails, or third-party sharing unless you provide explicit opt-in consent. If you later consent to receive updates, you can withdraw consent at any time.
5. Third-Party Data Processors — Paddle (Payment Processing)
We do not sell, rent, or share your personal data with any third parties except as necessary to deliver our service. All license payments are handled by Paddle.com Market Limited (“Paddle”).
🔹 Paddle shares your email address with us after a successful transaction so we can generate your license key and associate it with your account.
🔹 Paddle acts as an independent data controller for payment data. For details about how Paddle processes personal data, please refer to their privacy policy: https://www.paddle.com/legal/privacy.
No other third parties (cloud storage, analytics, CRM) have access to your email address unless required by law or necessary for fraud prevention (and only under strict data protection agreements).
6. Data Storage and Security
Your email address and license information are stored on secure servers located within the European Economic Area (EEA) or in jurisdictions with equivalent data protection standards (EU adequacy decisions or Standard Contractual Clauses). We implement:
- Encryption at rest (AES-256) and in transit (TLS 1.3).
- Role-based access control — only authorized personnel can access license data.
- Regular security audits and vulnerability scanning.
Although we do not store any payment data, we treat your email with the same high level of confidentiality.
7. Data Retention
We retain your email address for as long as your license is active and for a limited period thereafter to comply with legal obligations (e.g., tax, accounting, warranty or fraud prevention).
- Active license period: email retained to verify license and provide updates.
- After license expiration / cancellation: we retain email for up to 36 months unless you request earlier deletion, unless longer retention is required by tax laws (e.g., records for EU VAT).
- If you request erasure under GDPR, we will delete your email from our active systems and backups within 30 days, unless we are legally obligated to retain it (in which case we will inform you).
8. Your Rights Under GDPR (EEA + UK)
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following enforceable rights:
- Right to Access — obtain confirmation whether we process your email and request a copy.
- Right to Rectification — correct any incomplete or inaccurate data (e.g., update email).
- Right to Erasure (“Right to be Forgotten”) — request deletion of your email address and license records. To exercise this right, simply email privacy@avjv.org with the subject “GDPR Deletion Request”. We will process your request within 30 days.
- Right to Restrict Processing — temporarily limit how we use your data.
- Right to Object — object to processing based on legitimate interests (e.g., service emails).
- Right to Withdraw Consent — if any processing is based on consent, you may withdraw it at any time.
- Right to Lodge a Complaint — file a complaint with your local Data Protection Authority (e.g., ICO in UK, CNIL in France, or the Irish DPC).
To exercise any right, please email privacy@avjv.org. We may need to verify your identity (e.g., confirm license ownership) before processing your request.
9. International Data Transfers
We store personal data on servers located within the EEA. When we engage with Paddle (UK-based, with global presence), transfers comply with GDPR requirements using Standard Contractual Clauses (SCCs) and the UK Addendum to ensure adequate protection. Any future subprocessors will be carefully vetted to maintain EU data protection standards.
10. No Website Tracking & No Cookies
Our website (domain where this Privacy Policy is hosted) is purely informational. It does not set cookies, use JavaScript trackers, Google Analytics, or any fingerprinting technology. We do not collect IP addresses, browsing behavior, or device information. You can browse anonymously.
11. Children’s Privacy
The Program is not directed to individuals under the age of 16. We do not knowingly collect personal data from minors. If we become aware that a child under 16 has provided an email address, we will delete that information immediately. Parents or guardians who believe we might have collected information from a minor should contact us.
12. Changes to This Privacy Policy
We may update this Privacy Policy occasionally to reflect operational, legal, or regulatory changes. Any revisions will be posted on this page with a new “Effective Date”. If the changes are material, we will notify you using the email address associated with your license (if active). We encourage you to review this page periodically.
13. How to Request Deletion of Your Data (GDPR Focus)
Send an email to privacy@avjv.org from the registered email address with the subject line: “ERASE MY PERSONAL DATA — GDPR”. Include your license key if available. We will confirm receipt within 72 hours and complete erasure within 30 days, unless we are required by EU or national law to retain certain records (e.g., VAT invoices). If retention applies, we will inform you about the specific legal obligation and the retention period.
14. Contact & Data Protection Officer (DPO)
For general privacy inquiries, rights requests, or if you wish to speak with our representative regarding GDPR compliance, please contact us via email: privacy@avjv.org. We aim to respond within 14 business days.
If you are unsatisfied with our response, you have the right to lodge a complaint with your supervisory authority.