Privacy Policy

Last Updated: January 12 2026

Effective Date: January 12 2026

Company: MB Griaustinis Media, Kaunas, Lithuania

Website: aylesbury.io

1. Introduction

MB Griaustinis Media ("Company," "we," "us," or "our") operates the aylesbury.io data governance platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We take your privacy seriously. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information

When you create an account or use the Service, we collect:
  • Full name or company name
  • Email address
  • Phone number (optional)
  • Company/organization information
  • Billing address and payment information
  • Username and password
  • Profile information you choose to provide

Customer Data (Your Data)

You upload or provide data through the Service ("Customer Data"). This may include:
  • Data files, datasets, or data sources you choose to analyze
  • Metadata, schema information, and data lineage
  • Classification tags and governance information you create
  • Audit logs and activity within the Service
Important: You are responsible for ensuring you have proper authority and consents to process any personal data through the Service. We treat all Customer Data as confidential and process it only as you direct.

Communication Data

When you contact our support team or communicate with us:
  • Email messages and attachments
  • Chat messages through support portal
  • Support tickets and their content
  • Feedback and feature requests

2.2 Information Collected Automatically

Usage Information

We automatically collect information about your interactions with the Service:
  • Pages or features you access and time spent on them
  • Clicks, views, and actions within the Service
  • Searches and queries you perform
  • API calls and integrations you use
  • Data upload/export activities

Device and Browser Information

  • Device type (desktop, tablet, mobile)
  • Operating system and version
  • Browser type and version
  • IP address
  • Device identifiers

Cookies and Similar Technologies

We use cookies to:
  • Keep you logged in to your account
  • Remember your preferences and settings
  • Track and analyze Service usage
  • Prevent fraud and ensure security
You can control cookies through your browser settings. However, disabling cookies may limit Service functionality.

Analytics

We use analytics tools (such as basic server logs and optional analytics) to understand how users interact with the Service. This helps us improve performance and features.

2.3 Information from Third Parties

  • Payment processors (payment status, transaction history)
  • Data from integrations you authorize (if you connect external systems)

3. How We Use Your Information

3.1 Account and Service Provision

We use your information to:

  • Create and maintain your account
  • Provide, maintain, and improve the Service
  • Process payments and billing
  • Send transactional emails (account confirmations, password resets, billing notifications)
  • Respond to customer support requests
  • Comply with your data governance and compliance requests

3.2 Service Improvement

We use aggregated and anonymized data to:
  • Analyze trends and usage patterns
  • Identify bugs and performance issues
  • Develop new features
  • Improve user experience and interface
  • Conduct research and analytics

3.3 Security and Compliance

We use your information to:
  • Detect, prevent, and address fraud and security issues
  • Enforce our Terms of Service and other agreements
  • Protect against malicious or illegal activities
  • Comply with legal obligations and regulatory requirements
  • Protect the rights, privacy, and safety of our users and the public

3.4 Communication

We may send you:

  • Service updates and announcements
  • Security alerts and compliance notifications
  • Educational content about data governance
  • Product tips and best practices
You can opt out of non-essential communications by clicking "unsubscribe" in our emails or adjusting your notification preferences.

3.5 What We DON'T Do

We never:
  • Sell your personal information to third parties
  • Sell your Customer Data to anyone
  • Use your data for marketing purposes (except to tell you about Service updates)
  • Combine your data with other customers' data
  • Train AI models on your personal information or Customer Data
  • Share your data with third parties except as required by law or as described below

4. How We Share Your Information

4.1 With Your Consent

We only share information with third parties when you explicitly consent (e.g., connecting integrations, sharing reports).

4.2 Service Providers

We share limited information with service providers who help us operate the Service, including:
  • Payment processors: Stripe, Wise, or similar - processes payments
  • Email providers: For sending transactional emails
  • Analytics providers: For understanding Service usage
  • Customer support tools: Help manage support tickets
All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.3 Legal Requirements

We may disclose your information if required by law, including:
  • Court orders or legal process
  • Government requests or investigations
  • Regulatory compliance obligations
  • Protection of legal rights, privacy, or safety
When legally permitted, we will notify you of such requests before disclosure.

4.4 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before such transfer.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you individually for research, marketing, or analytics purposes.

5. Your Rights and Choices

5.1 GDPR Rights (EU Residents)

If you are located in the EU, you have the right to:

  • Right of Access: Request a copy of your personal information
  • Right to Rectification: Correct inaccurate information
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to certain processing activities
  • Right to Withdraw Consent: Withdraw consent to data processing at any time
To exercise these rights, contact us at privacy@aylesbury.io. We will respond within 30 days.

5.2 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

  • Know: What personal information is collected, used, and shared
  • Delete: Request deletion of personal information collected
  • Opt-Out: Opt out of the sale or sharing of personal information
  • Correct: Request correction of inaccurate information
  • Limit Use: Limit use and disclosure of sensitive personal information
To submit a request, email privacy@aylesbury.io or use the contact form on our website.

5.3 Other Jurisdictions

If you are in Canada (PIPEDA), Brazil (LGPD), UK, or other jurisdictions, you may have similar rights. Contact us to learn more.

5.4 Communication Preferences

You can control what communications you receive:
  • Click "unsubscribe" in any non-essential email
  • Adjust notification settings in your account preferences
  • Email us at privacy@aylesbury.io to opt out

5.5 Cookie Management

You can control cookies through:
  • Your browser settings
  • Browser plugins that block tracking
  • Do Not Track signals (if your browser supports them)

6. Data Security

6.1 Security Measures

We implement reasonable security measures to protect your information:
  • HTTPS/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls
  • Regular security updates and patches
  • Intrusion detection and monitoring
  • Regular backups and disaster recovery
  • Secure data deletion procedures

6.2 Limitations

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials.

6.3 Data Breach Notification

If we discover a security breach affecting your personal information, we will:
  • Notify you without undue delay (typically within 24 hours)
  • Provide details of what information was affected
  • Explain what steps we're taking
  • Report to relevant authorities as required by law

7. Data Retention

7.1 How Long We Keep Information

Account Information

We retain account information while you are an active customer, and for 3 years after termination for legal and accounting purposes.

Customer Data

We retain your Customer Data as long as your account is active. Upon termination:
  • You have 30 days to export your data
  • We delete your data within 60 days
  • Backup copies are deleted within 90 days
  • We may retain data if legally required (we'll notify you)

Support and Communication Records

We retain support tickets and communication records for 2 years to help with troubleshooting and improve our service.

Analytics and Usage Data

Aggregated analytics are retained indefinitely. Individual usage logs are retained for 6 months.

Legal Obligations

We retain information longer if required by law (tax, financial, fraud investigation, etc.).

8. International Data Transfers

8.1 Data Location

Your data is stored on servers in the European Union (AWS data centers in Ireland). If you are outside the EU, your data may be transferred internationally.

8.2 GDPR Data Transfers

For EU residents, we use Standard Contractual Clauses (SCCs) to ensure legally compliant international data transfers. We do not rely on the Privacy Shield framework, which is not valid post-Schrems II.

8.3 Your Consent

By using the Service, you consent to the transfer of your information to the countries where our Service operates, which may include countries with different data protection levels than your home country.

9. Children's Privacy

The Service is not intended for children under 18 years old. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information and terminate the child's account.

If you believe a child has provided us with personal information, please contact us immediately at privacy@aylesbury.io.

10. Third-Party Links

Our Service may contain links to third-party websites and services. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. Please review their privacy policies before providing your information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website with an updated "Last Updated" date
  • Sending you an email notification
  • Requiring your affirmative acceptance if required by law
Your continued use of the Service after updates means you accept the revised Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

12.1 EU Data Protection Officer

If you are in the EU and wish to contact our Data Protection Officer (DPO), email: dpo@aylesbury.io

12.2 Supervisory Authority

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority (in Lithuania: State Data Protection Inspectorate).

Version: 1.0 – Startup Edition

Last Updated: January 2026

Jurisdiction: Lithuania / GDPR / CCPA Compliant

We use cookies

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Learn more