Privacy Policy

1. Who we are

Aikakone is a free, AI-powered watch registry platform based in the Netherlands. We help watch enthusiasts catalog, track, and verify their collections. You can find us at aikakone.io.

2. What data we collect

We collect the following types of personal data:

• Account information: Email address, full name, and account preferences you provide during sign-up.
• Watch data: Brand, model, serial number, purchase date, condition notes, photos, and timeline events you add to your registry.
• Usage data: How you interact with our platform, tracked via PostHog analytics (page visits, feature usage, session duration). This data is anonymized where possible.
• Device data: Browser type, operating system, and device identifiers collected automatically when you visit the platform.

3. How we use your data

We use your data to:

• Provide and maintain the Aikakone service
• Improve our product and user experience
• Send you service updates and account notifications
• Respond to your inquiries and support requests
• Generate anonymized, aggregated analytics
• Comply with legal obligations

4. Legal basis for processing (GDPR)

Under GDPR, we process your data based on:

• Consent: For analytics cookies and optional processing (which you can withdraw anytime).
• Contract performance: To provide the service you've requested when you create an account.
• Legitimate interest: To improve our product, prevent fraud, and operate our business responsibly.

5. Data sharing

We do not sell your personal data. We share data with trusted third parties only as necessary to operate our service:

• Supabase: Cloud database hosting and authentication
• Vercel: Web application hosting
• Resend: Email delivery for account notifications
• PostHog: Product analytics (anonymized)
• Stripe: Payment processing (if you upgrade to a paid plan)

All processors have appropriate data protection agreements in place.

6. AI and automated processing

Aikakone uses AI to provide several features. Here's what that means for your data:

• Serial dating: We process your watch's serial number to estimate its production year. This is an AI-generated estimate, not a certified appraisal. Results should be verified independently for high-value decisions.
• Stolen watch screening: We cross-reference serial numbers against known databases of stolen watches. A match does not constitute proof of theft, and absence of a match does not guarantee legitimacy.
• Market valuation: We analyze market data to provide estimated values. These are informational only and should not be relied upon as professional appraisals.
• Content generation: Some platform content (articles, insights) is generated or assisted by AI and is clearly labeled as such.

No fully automated decisions with legal or significant effects are made about you. You can request human review of any AI-generated output by contacting us.

7. Your rights

Under GDPR, you have the following rights:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate data
• Right to erasure: Request deletion of your data (subject to legal requirements)
• Right to data portability: Export your data in a portable format
• Right to restrict processing: Limit how we use your data in certain circumstances
• Right to object: Object to processing based on legitimate interest
• Right to withdraw consent: Opt out of analytics and optional processing at any time
• Right to lodge a complaint: Contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe your rights have been violated

To exercise any of these rights, contact us at hello@aikakone.io. We respond to all requests within 30 days.

8. Data retention

We retain your personal data for as long as your account is active. If you request deletion or close your account, we will delete your data within 30 days, except where we have a legal obligation to retain it. You can request immediate deletion of your account and data at any time by contacting us.

9. Cookies

We use a limited number of cookies:

• Essential cookies: Required for authentication and basic platform functionality. These cannot be disabled.
• Analytics cookies: Used by PostHog to understand how people use the platform. These are optional and you can opt out at any time.

We do not use advertising cookies or share cookie data with advertisers.

10. International data transfers

Some of our service providers process data outside the European Economic Area. When this happens, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or adequacy decisions where applicable.

11. Children's data

Aikakone is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

12. Security

We take data security seriously. Your personal data is protected using industry-standard encryption (TLS/SSL) in transit and at rest. We conduct regular security audits and maintain strict access controls. In the unlikely event of a data breach that affects your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

13. Changes to this policy

We may update this privacy policy from time to time. For material changes, we will notify you via email at least 30 days before the changes take effect. Your continued use of Aikakone after such notification constitutes your acceptance of the updated policy.

14. Contact us

If you have questions about this privacy policy or how we handle your data:

You can also review our Terms of Service.