How AAMOS meets its obligations under the General Data Protection Regulation.
AAMOS is committed to compliance with the General Data Protection Regulation (EU 2016/679). We act as a data processor for our customers and have implemented technical and organisational measures to meet our Article 28 obligations. Our EU operations are managed by Landvex AB, Sweden.
Landvex AB — Sweden, org.nr 559141-7042
Contact: privacy@landvex.com
| Processing Activity | Legal Basis (GDPR Art.) |
|---|---|
| Account management and authentication | Art. 6(1)(b) — Contractual necessity |
| API usage logs | Art. 6(1)(b) — Contractual necessity |
| Billing and payment | Art. 6(1)(b) — Contractual necessity; Art. 6(1)(c) — Legal obligation |
| Security monitoring | Art. 6(1)(f) — Legitimate interests |
| Processing customer-submitted biometric data | Art. 9(2)(a) — Explicit consent of data subject (controlled by customer) |
| Service communications | Art. 6(1)(b) — Contractual necessity |
AAMOS respects and facilitates the following rights for data subjects whose data we process:
To exercise any right, contact privacy@landvex.com. We respond within 30 days.
Where personal data is transferred from the EU/EEA to the United States, such transfers are governed by Standard Contractual Clauses (SCCs) as approved by the European Commission in Decision 2021/914. A copy of the applicable SCCs is available on request.
Sub-processor transfers are covered by back-to-back SCCs or EU adequacy decisions. See our Data Processing Agreement for the current sub-processor list.
Data subjects may also lodge a complaint with the supervisory authority in their country of residence.
Data protection enquiries: privacy@landvex.com