GDPR Privacy Notice

Effective Date: January 1, 2025 Last Updated: March 15, 2025 Version: 3.2
This notice complies with the EU General Data Protection Regulation (GDPR) and applicable UK data protection laws. While we have provided comprehensive information, this document serves as a template and should be reviewed by qualified legal counsel to ensure full compliance with your specific operational practices.

01 Introduction

Aevum News ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This GDPR Notice explains how we collect, use, store, and share your personal information when you access our news platform, subscribe to newsletters, or interact with our services.

As a media and publishing organization operating across multiple jurisdictions, we process personal data in accordance with the EU General Data Protection Regulation (GDPR), the UK GDPR, and applicable national data protection laws. Our commitment is to process your data transparently, lawfully, and with the highest standards of security.

02 Information We Collect

We only collect personal data that is necessary for the purposes outlined in this notice. The categories of data we collect include:

  • Identity Data: Name, username, or display name.
  • Contact Data: Email address, postal address, or phone number (only when you voluntarily provide it for subscriptions, comments, or inquiries).
  • Usage Data: Pages visited, time spent, click patterns, device type, browser type, IP address, and geographic location.
  • Technical Data: Login data, browser type and version, operating system, and device identifiers for security and compatibility.
  • Preferences Data: News category preferences, newsletter topics, cookie choices, and accessibility settings.
  • Communication Data: Content of messages sent to us via contact forms, support tickets, or email.
Note: We do not collect sensitive personal data (e.g., health, biometric, political opinions, or religious beliefs) unless explicitly required for journalistic purposes and fully compliant with GDPR Article 9 exemptions for journalism.

03 Purposes of Processing

We process your personal data for the following specific purposes:

  • Delivering and personalizing news content and editorial experiences
  • Managing user accounts, subscriptions, and newsletter preferences
  • Authenticating users and securing our platform against fraud or abuse
  • Conducting audience analytics to improve content relevance and site performance
  • Complying with legal obligations (e.g., archiving, copyright enforcement, tax compliance)
  • Responding to user inquiries, feedback, and support requests
  • Sending service-related communications and marketing materials (with explicit consent where required)

05 Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law:

  • Account & Subscription Data: Retained while your account is active, plus 24 months after deletion for fraud prevention and dispute resolution.
  • Newsletter Preferences: Retained until you unsubscribe or request deletion.
  • Usage & Analytics Data: Anonymized and aggregated after 13 months, or retained in raw form only if required for security investigations.
  • Communication Records: Retained for 3 years for customer support and legal compliance purposes.
  • Journalistic Archives: Editorial records may be retained indefinitely per press freedom and historical archiving exemptions, provided personal data is minimized and secured.

06 Sharing & Third-Party Disclosures

We do not sell your personal data. We may share information only with trusted third parties who assist in operating our services, under strict data processing agreements:

  • Cloud & Hosting Providers: For secure infrastructure and content delivery (e.g., AWS, Cloudflare)
  • Analytics Partners: For aggregated, privacy-compliant audience insights (e.g., Matomo, Google Analytics with IP anonymization)
  • Email & Newsletter Services: For delivering subscriber communications (e.g., Mailchimp, SendGrid)
  • Legal & Regulatory Authorities: When required by law, court order, or to protect vital interests

All third-party processors are bound by GDPR-compliant data processing agreements and undergo regular security audits.

07 Your GDPR Rights

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data where no legal basis requires retention.
  • Right to Restrict Processing: Limit how we use your data in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact our Data Protection Officer (see Section 10). We will respond within 30 days, or notify you of any lawful extensions.

08 Cookies & Tracking Technologies

We use cookies and similar technologies to ensure site functionality, remember preferences, and analyze traffic. Categories include:

  • Strictly Necessary: Required for core functionality (authentication, security). No consent required.
  • Performance & Analytics: Help us understand how visitors interact with the site. Data is anonymized.
  • Functional: Remember preferences like language, region, and newsletter topics.
  • Marketing/Advertising: Used only with explicit consent to deliver relevant content and measure campaign effectiveness.

You may manage or withdraw consent via our Cookie Preference Center, which is accessible from any page via the privacy banner or footer link. Third-party cookies can also be managed through browser settings.

09 International Transfers

As a global news organization, your data may be transferred to and processed in countries outside the European Economic Area (EEA). Where applicable, we ensure adequate protection through:

  • European Commission Adequacy Decisions for recipient countries
  • Standard Contractual Clauses (SCCs) for processors in non-adequate jurisdictions
  • Supplementary technical and organizational safeguards (encryption, access controls, audit logging)

We continuously monitor international data transfer regulations and update our mechanisms to remain fully compliant.

10 Contact & Data Protection Officer

If you have questions about this notice, wish to exercise your rights, or report a data protection concern, please contact us:

Data Protection Officer

dpo@aevumnews.com
+1 (555) 019-2834

Legal & Compliance

legal@aevumnews.com
Global Privacy Team

Postal Address

Aevum News HQ
Privacy & Compliance Dept.
1200 Journalism Ave, Suite 400
New York, NY 10013

You also have the right to lodge a complaint with your local supervisory authority or data protection regulator.

11 Updates to This Notice

We may update this GDPR Notice to reflect changes in our practices, technology, or applicable data protection laws. Material changes will be communicated via email to subscribers and prominently displayed on our website. The "Last Updated" date at the top of this page will indicate when the latest revisions took effect.

For the most current version, please visit aevumnews.com/gdpr-notice.