Contact Us

Privacy Policy

Data Protection & Privacy Policy

At AOL Services, we take your privacy seriously.

Whether you are a client, a business partner, a job applicant, or simply visiting our website, you can trust that your personal data is handled with care, transparency, and in full compliance with data protection regulations.

We recognize that personal data is a valuable asset — one that must be protected not only to meet legal obligations but also to maintain trust and integrity in every interaction.

Our Commitment to Data Protection

We handle all personal and business data responsibly and in accordance with internationally recognized standards for security and quality.
Our certifications reflect our dedication to excellence, reliability, and compliance:

  • ISO 9001:2015 – Quality Management
    Ensures consistent service quality, operational efficiency, and client satisfaction.
  • ISO 27001 – Information Security Management
    Guarantees that all data handling activities are protected by a robust information security framework.
  • DSGVO-Konformitätszertifikat (GDPR Compliance)
    Demonstrates full alignment with the General Data Protection Regulation (EU 2016/679).

These standards ensure that every process — from project management to client communication — is governed by strict quality and information security controls.

  1. Who We Are

AOL Services Sh.p.k.
Rr. Abdi Toptani, Torre Drin, 1001 Tirana, Albania
📧 info@aolservices.al

AOL Services is a professional business process outsourcing (BPO) company providing tailored B2B and B2C solutions.
We help businesses grow efficiently while maintaining strict compliance with data protection, confidentiality, and international quality standards.

As part of our operations, we process personal and corporate data necessary for delivering services, managing relationships, and ensuring legal and contractual compliance.

  1. What Data We Collect

We only collect data necessary for providing and improving our services. Depending on your interaction with us, we may collect:

  • Contact details: name, company name, position, email address, phone number
  • Business correspondence: project specifications, inquiries, and feedback shared through our forms or via email
  • Website usage data: technical information such as IP address, browser type, operating system, referring URLs, and access time
  • Recruitment data (if applicable): CVs, cover letters, and related employment information

We do not collect more data than necessary and we do not sell, trade, or misuse your information. All personal and business data is collected and processed strictly for legitimate purposes.

  1. How We Use Your Data

Your personal and business data is used solely to support and maintain smooth, secure, and efficient service delivery.
Specifically, we process data for the following purposes:

  • To respond to inquiries, provide information about our services, or follow up on requests.
  • To fulfill contracts and manage ongoing business relationships.
  • To improve communication, customer experience, and website functionality.
  • To ensure data security and detect or prevent unauthorized access or misuse.
  • To comply with legal obligations under GDPR and Albanian data protection law.

If you are a business client, project-related information may be stored and processed under strict confidentiality and non-disclosure agreements (NDAs).

All processing activities are based on one or more of the following legal grounds:

  • Your consent (Art. 6(1)(a) GDPR);
  • Performance of a contract (Art. 6(1)(b) GDPR);
  • Legal obligation (Art. 6(1)(c) GDPR); or
  • Legitimate interest (Art. 6(1)(f) GDPR).
  1. Data Security

Data protection is built into every layer of our organization.
Under our ISO 27001 and ISO 9001 frameworks, we apply both technical and organizational measures to protect all data we process, including:

  • Encrypted data storage and secure communications (HTTPS, VPN, SSL/TLS)
  • Strict access control policies — only authorized personnel can access data relevant to their duties
  • Regular internal and external audits to test system integrity
  • Mandatory employee data protection training
  • Continuous improvement through risk assessments and incident response reviews

These measures ensure that data remains confidential, available, and unaltered throughout its lifecycle.

  1. Data Sharing and Third Parties

We work with trusted technology partners, hosting providers, and service contractors who meet or exceed GDPR and ISO 27001 standards.
Any data shared with third parties is governed by Data Processing Agreements (DPAs) ensuring lawful and secure handling.

We do not share your personal data with unrelated third parties unless:

  • It is required for contractual purposes;
  • It is necessary to comply with legal or regulatory obligations; or
  • You have given explicit consent.

Whenever cross-border data transfers are required, AOL Services ensures adequate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, or
  • Prior authorization by data protection authorities, when applicable.
  1. Data Retention

We retain personal and business data only for as long as necessary to fulfill contractual, operational, or legal requirements.
After the retention period expires, data is securely deleted, anonymized, or archived according to our internal retention policies.

Examples:

  • Client and project data: retained for the duration of the contract and up to 5 years thereafter for accounting or audit purposes.
  • Contact and inquiry data: deleted once communication is complete and no longer needed.
  • Recruitment data: retained up to 12 months following application closure, unless consent for longer storage is provided.
  1. Your Rights

In accordance with GDPR and Albanian law, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Request erasure of your data (“right to be forgotten”).
  • Restrict processing in specific circumstances.
  • Object to processing based on legitimate interest.
  • Withdraw consent at any time.
  • Data portability – request transfer of your data in a structured, machine-readable format.

To exercise your rights, please contact us at info@aolservices.al.
We will process your request within a reasonable timeframe and in accordance with legal obligations.

If you believe your data has been misused, you have the right to lodge a complaint with the Commissioner for the Right to Information and Protection of Personal Data (Komisioneri për të Drejtën e Informimit dhe Mbrojtjen e të Dhënave Personale) in Albania, or your local EU data protection authority.

  1. International Data Transfers

While AOL Services primarily processes data within the European Economic Area (EEA), certain activities or hosting arrangements may involve limited international data transfers.
Such transfers are always conducted in accordance with GDPR Chapter V, using one of the following mechanisms:

  • Adequacy decisions of the European Commission;
  • Standard contractual clauses (SCCs); or
  • Explicit consent from the individual concerned.

No data is transferred without appropriate legal safeguards.

  1. Continuous Improvement and Auditing

Our data protection practices are reviewed regularly through:

  • Internal compliance audits
  • External certification audits (ISO and GDPR compliance reviews)
  • Risk and impact assessments for new processes or technologies

We also maintain a structured Incident Response Plan, ensuring that any breach or suspected breach is identified, mitigated, and reported according to GDPR Articles 33–34.

  1. Updates to This Policy

This Privacy Policy may be updated periodically to reflect new regulatory requirements, operational changes, or security improvements.
The latest version will always be available at www.aolservices.al/privacy-policy and will indicate the date of the most recent revision.

Last updated: November 2025

Contact

If you have questions, concerns, or complaints regarding data protection or privacy practices at AOL Services, please contact:

Data Protection Contact
AOL Services Sh.p.k.
Rr. Abdi Toptani, Torre Drin, 1001 Tirana, Albania
📧 info@aolservices.al