Privacy & Data Protection

Aurelis Technology is committed to protecting the privacy of our clients and their users. We do not store personally identifiable information (PII). The only personal data we collect is email address, first name, and last name — strictly for user authentication and account management.

Our Privacy Principles

  • Transparency — we clearly communicate what data we collect, why, and how it is used
  • Purpose limitation — data is only processed for the specific purposes outlined in our agreements
  • Data minimization — we collect only the data strictly necessary to deliver our services
  • Storage limitation — data is retained only as long as required by the service agreement
  • Integrity and confidentiality — technical and organizational measures protect data against unauthorized access

GDPR Compliance

Aurelis Technology processes personal data in accordance with the EU General Data Protection Regulation (GDPR). The only personal data we process is email address, first name, and last name for user account management. We do not collect or store any other PII. Our lawful basis for processing is the performance of a contract (Article 6(1)(b)) — we process this limited account data solely to provide access to the Aurelis Pricing Suite as agreed with each client.

Data Subject Rights

Individuals whose personal data we process have the following rights under GDPR:

  • Right of access — request a copy of the personal data we hold
  • Right to rectification — correct inaccurate or incomplete personal data
  • Right to erasure — request deletion of personal data when no longer necessary
  • Right to data portability — receive personal data in a structured, machine-readable format
  • Right to restriction of processing — limit how we use personal data in certain circumstances
  • Right to object — object to processing based on legitimate interests

To exercise any of these rights, please contact your organization's administrator or reach out to our privacy team at support@aurelistechnology.com. We respond to all requests within 30 days.

Cookies & Tracking

The Aurelis Pricing Suite uses only essential cookies required for authentication and session management. We do not use advertising cookies, analytics trackers, or any third-party tracking technologies.

Cross-Border Data Transfers

All client data is stored and processed exclusively within the client-chosen AWS region. Aurelis Technology does not transfer client data across borders. This architecture eliminates the need for Standard Contractual Clauses (SCCs) or other cross-border transfer mechanisms for client data.

Data Processing Agreement

Aurelis Technology provides a standard Data Processing Agreement (DPA) to all clients. Our DPA covers data processing scope, security obligations, subprocessor management, breach notification, and data subject rights assistance.

To request a copy of our DPA, contact service@aurelistechnology.com.

Privacy Contact

For privacy-related inquiries, data subject requests, or questions about our data protection practices, please contact our privacy team.

support@aurelistechnology.com