Privacy Policy of adviqo GmbH
Updated 18.09.2023
​
The following data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, apps and external online presences, such as our social media profiles.
The protection of users' and customers' personal data is of the utmost importance to us. Our Privacy Policy complies with the provisions of the EU Data Protection Regulation (EU GDPR) and the UK Data Protection Regulation (UK GDPR) (together the GDPR). If you are in the European Economic Area or the UK, we will generally transfer your personal data in accordance with the relevant standard contractual clauses for the transfer of personal data to third countries (e.g. the US). This privacy policy explains what data we hold and how it is used.
In addition to the GDPR, we comply with all data protection laws that apply to us.
Applicable legal basis under the Swiss Data Protection Act:
If you are in Switzerland, we process your data on the basis of the Federal Data Protection Act (DSG for short, valid from 1 September 2023). This also applies if our processing of your data otherwise affects you in Switzerland and you are affected by the processing. The Swiss DPA (unlike the GDPR, for example) does not generally require that a legal basis be specified for the processing of personal data. According to Art. 6 (1) to (3) FADP, the processing of personal data is permissible in particular if it is lawful, is carried out in good faith, is proportionate and is only carried out for a specific purpose that is identifiable for the data subject and is compatible with such processing. The Swiss DPA also specifies certain grounds for justification where processing is specifically permitted. If we cite these grounds for justification in connection with the processing of personal data on the basis of the FADP (e.g. consent pursuant to Art. 31 para. 1 FADP; if the processing is justified by an overriding private or public interest or by a law pursuant to Art. 31 para. 1 and 2 FADP) or if we process your data in direct connection with the conclusion or performance of a contract pursuant to Art. 31 para. 2 lit. a. DPA), we refer to these grounds for justification.
Reference to the applicability of the GDPR and the Swiss DPA:
This privacy statement is intended to provide information under both the Swiss DPA and the GDPR. For this reason, we ask you to note that due to the broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms "processing" of "personal data" and "overriding interest" used in the Swiss DPA, the terms "processing" of "personal data" and "legitimate interest" used in the GDPR are used in this privacy statement. However, the legal meaning of the terms will continue to be determined in accordance with the Swiss DPA within the scope of applicability of the Swiss DPA.
​
We reserve the right to update and/or amend this privacy policy from time to time. Please visit this website periodically to be informed of such changes.
​
Part I - Information on the responsible person and his representative
Name and contact details of the responsible person:
adviqo GmbH
Max-Dohrn-Str. 8 - 10, D10590 Berlin
Phone +49 (0)30 22445 0
Fax +49 (0)30 224455-9100
E-mail: privacy@adviqo.com
Website: www.adviqo.com
​
Contact details of the data protection officer of the data controller:
​
Data protection
c/o adviqo GmbH
Max-Dohrn-Straße 8 - 10, 10589 Berlin
​
Contact details of the representative in the United Kingdom:
For the application of the UK General Data Protection Regulation (UK GDPR), adviqo GmbH is the data controller. Our representative in the United Kingdom is
adviqo UK Limited
Anglia House, 6 Central Avenue, St Andrews Business Park,
Thorpe St Andrew, Norwich, Norfolk, NR7 0HR, United Kingdom
​
Part II - Information on the processing of personal data
What types of data do we collect, how do we collect it and for what purpose?
​A. Interested parties, online offers
1. obligation to provide the data:
The provision of the data is not required by law or contract. The data subject is not obliged to provide the data. However, if the data is not provided, full use of our website will not be possible.
2. objective and legal basis:
The processing of users' personal data is based on our overriding legitimate interests. The relevant interests are generally: (i) the provision of our services (e.g. the websites and apps) for which it is technically necessary for us to process certain personal data (e.g. the IP address, log files); and (ii) communication with you for which it is necessary for us to process your respective personal data. We may also process your personal data where it is in our legitimate interest to develop and improve our services, analyse traffic to better serve all users, analyse our users' likes and dislikes and help us provide a more stable, consistent and secure user experience.
As part of the necessary balancing of interests, we have weighed up your interest in confidentiality against our interests in providing this website and contacting you. In any case, your interest in confidentiality is secondary. Otherwise, we would not be able to provide you with this website with a secure IT infrastructure or to answer your contact request.
The processing of personal data is also necessary for the implementation of pre-contractual measures, which take place at the request of the user, such as customer service, as well as the processing of the contract, including invoicing.
Cookies are data records that are stored by a web server on the end device (e.g. computer, smartphone, tablet) of the user. These are either sent back to our website ("first-party cookie") or to another website to which the cookie belongs ("third-party cookie") when our website is called up again with the same end device.
The storage of information in your terminal device or the access to information already stored in your terminal device takes place on the basis that either (i) you have given your consent or (ii) it is absolutely necessary for us to be able to provide the telemedia service expressly requested by you as a user (Section 25 (2) No. 2 TTDSG).
Otherwise, the legal basis is generally your consent if no specific legal basis is stated below. You can revoke your consent at any time, e.g. by updating your cookie settings. Please note that for technical reasons, this procedure only applies to the end device used in each case.
For users in the US (excluding the Commonwealth of Virginia and the states of Colorado and Connecticut), we may use your personal data to train artificial intelligence (AI) models. For example, if you chat with consultants or other users about our services, we may use those conversations to develop new products, services and tools using AI. We do not use personal data for these purposes from users located in the EU, UK, Virginia, Colorado, Connecticut or any other jurisdiction where such use is not permitted under applicable law.
​
3rd receiver:
Due to our global business activities, your personal data will also be transferred to affiliated companies that operate our worldwide brand portfolio, as listed under link. "Affiliated companies" are legally independent companies that are affiliated with us under company law (cf. §§ 15 ff AktG) and/or belong to the same group.
By "affiliated companies" we mean legally independent companies that belong to the same group of companies. Details of the affiliated companies within our group can be found here: Link.
We share data with affiliates for the purposes of our group activities, including:
-
so that you can provide us, or we can provide you, with various services, including fraud detection and marketing services;
-
so that we can consolidate the information collected by us and our partners to ensure that each partner has the most complete and up-to-date information about you;
-
so that we can efficiently offer you our services in all areas and tailor them to your preferences;
-
for the purposes of group market research/analysis and group satisfaction assessment;
-
to improve our services and develop new tools, features, products and services; and
-
for group marketing purposes. We and our affiliates will ensure that all consents required by applicable law have been obtained before we send direct marketing communications.
​
A data processing agreement and standard contractual clauses have been concluded for the transfer of data within the Group. In addition, a detailed audit is carried out by our data protection officer for each purpose.
We use service providers in the provision of our services and our presence. For example, data is transferred to IT service providers, archiving service providers, external lawyers, external tax consultants and external auditors. These service providers are contractually or legally obliged by us to exercise the same care in processing personal data as we do ourselves.
We may be required to disclose information to courts, authorities, the government or the police.
​
4. International data transmission:
Data transfer to a third country:
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the United Kingdom, or the processing is carried out in the course of using third party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with the law.
Subject to explicit consent or a contractual or legal obligation to transfer data (cf. Art. 49 GDPR), we only process or permit the processing of data in third countries with a recognised level of data protection (Art. 45 GDPR), in the presence of and compliance with a contractual obligation through so-called standard protection clauses of the EU Commission (Art. 46 GDPR) or in the presence of certifications or binding corporate rules (cf. Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
Transatlantic framework for data protection:
Under the Data Privacy Framework (DPF), the EU level of data protection has also been recognised for certain companies in the USA. The list of certified companies and further information on the DPF can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/. Information in German and other languages can be found on the website of the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/eu-us-data-transfers_de. We also inform you about the companies we use that are certified according to the DPF.
Transfer of personal data abroad:
In accordance with the Swiss Data Protection Act (DPA), we only disclose personal data abroad if adequate protection of the data subjects is guaranteed (Art. 15 DPA). If the Federal Council does not determine adequate protection, we take alternative security measures. These may include international agreements, specific guarantees, data protection clauses in contracts, standard data protection clauses approved by the Federal Data Protection and Information Commissioner (FDPIC) or internal company data protection provisions recognised in advance by the FDPIC or a competent data protection authority in another country.
According to Art. 16 FADP, exceptions may be permitted for the disclosure of data abroad if certain conditions are met, including the consent of the data subject, the performance of a contract, a public interest, the protection of life or physical integrity, data made public or data from a register provided for by law. These disclosures are always made in accordance with the law.
Due to our global operations, your personal data may also be transferred to, among others, affiliates outside the EEA or the UK. In some cases, employees of certain service providers may also be located outside the EEA or the UK.
We have entered into a data transfer agreement with our affiliates that governs the cross-border transfer of your personal data within the group. This agreement is based on the EU Commission's Standard Contractual Clauses (which you can view and, where applicable, download here - https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=de), supplemented, where applicable, by the approved addendum from the UK Information Commissioner's Office (which you can view and, where applicable, download here - https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf).
​
Where third parties transfer your personal data outside the EEA or the UK, we will take steps to ensure that your personal data is afforded an adequate level of protection, for example by entering into data transfer agreements or ensuring that the third parties are certified under appropriate data protection regimes.
​
5. storage period:
IP addresses are anonymised after 24 hours at the latest. Pseudonymised usage data is deleted after six months. If we do not explicitly inform you about the storage period of permanent cookies, the storage period can be up to two years.
We do not keep your personal data longer than is necessary for the purpose for which the data is processed. However, please note that we must retain personal data if there is a legal obligation to retain it, e.g. in accordance with Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO).
We store your data,
-
if you have consented to the processing, at the longest until you withdraw your consent,
-
if we need the data to fulfil a contract, at most for as long as the contractual relationship with you exists or legal retention periods run,
-
if we use the data on the basis of a legitimate interest, at most for as long as your interest in deletion or pseudonymisation does not outweigh this.
B. Advisor
1. obligation to provide the data:
The provision of the data is not required by law or contract. The data subject is not obliged to provide the data. However, if the data is not provided, counselling is not possible.
2. objective and legal basis:
The processing of personal data of advisors is carried out for the initiation, implementation and settlement of the corresponding advisor contract. This enables the identification of the advisor, the establishment of contact and the implementation of pre-contractual measures. The processing also serves the purpose of corporate communication.
The processing of personal data of consultants is carried out for the fulfilment of legal obligations for proper accounting in coordination with external tax consultants and/or auditors as well as retention obligations under commercial and tax law.
The processing of personal data of consultants is also based on our overriding legitimate interest. It is necessary for us to process your personal data for documentation and possible evidence to courts or authorities.
Within the framework of the necessary balancing of interests, we have weighed up your interest in confidentiality against our interest in effective documentation and evidence. In any case, your interest in confidentiality must take a back seat. Otherwise, we would not be in a position to meet any justification requirements vis-à-vis state institutions.
​
3rd receiver:
Due to our global operations, your personal data will also be transferred to affiliates that operate our global portfolio of brands, as listed here: Link.
By "affiliated companies" we mean legally independent companies that belong to the same group of companies. Details of the affiliated companies within our group can be found here: Link.
We share data with affiliates for the purposes of our group activities, including:
-
so that they can offer us, or we can offer them, various services, including fraud detection and marketing services;
-
so that we can consolidate the information collected by us and our partners to ensure that each partner has the most complete and up-to-date information about you;
-
so that we can efficiently offer you our services in all areas and tailor them to your preferences;
-
for the purposes of group market research/analysis and group satisfaction assessment;
-
to improve our services and develop new tools, features, products and services; and
-
for group marketing purposes. We and our affiliates will ensure that all consents required by applicable law have been obtained before we send direct marketing communications.
We use service providers for the provision of our services. Data is therefore transferred to shipping service providers, IT service providers, accounting service providers, archiving service providers, external lawyers, external tax consultants and external auditors. These service providers are contractually or legally obliged by us to exercise the same care in processing personal data as we ourselves do.
In certain circumstances, we may be required to disclose information to courts, authorities, the government or the police.
​
4. data transfer to third countries:
Due to our global operations, your personal data may be transferred to, among others, affiliates outside the EEA or the UK. The employees of certain service providers may also be located outside the EEA or the UK.
We have entered into a data transfer agreement with our affiliates that governs the cross-border transfer of your personal data within the Group. This agreement is based on the EU Commission's Standard Contractual Clauses (which you can view and, where applicable, download here - https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=de), supplemented, where applicable, by the approved addendum from the UK Information Commissioner's Office (which you can view and, where applicable, download here - https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf).
Where third parties transfer your personal data outside the EEA or the UK, we will take steps to ensure that your personal data receives an adequate level of protection, for example by entering into data transfer agreements or by ensuring that the third parties are certified under appropriate data protection regimes.
​
5. storage period:
We do not keep your personal data longer than is necessary for the purpose for which this personal data is processed. However, please note that we must retain personal data if there is a legal obligation to retain it, e.g. in accordance with Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO).
We store your data,
-
if you have consented to the processing, at the longest until you withdraw your consent,
-
if we need the data to fulfil a contract, at most for as long as the contractual relationship with you exists or legal retention periods run,
-
If we use the data on the basis of a legitimate interest, at most for as long as your interest in deletion or pseudonymisation does not outweigh this.
Applicant data for a counsellor position will be automatically deleted after 6 months if no contract is concluded.
​
C. Customers
1. obligation to provide the data:
The provision of the data is not required by law or contract. The data subject is not obliged to provide the data. However, if the data is not provided, it is not possible to use our service or create a customer account.
2. objective and legal basis:
The processing of personal data is carried out for the initiation, implementation and execution of the corresponding contract. This enables the identification of the customer, the establishment of contact and the implementation of pre-contractual measures. The processing of personal data is also necessary for the implementation of pre-contractual measures that take place at the request of the customer, such as customer service.
The processing of personal data of customers is carried out for the fulfilment of legal obligations for proper accounting in coordination with external tax advisors and/or auditors as well as retention obligations under commercial and tax law.
The processing of customers' personal data is also based on our overriding legitimate interest. The relevant interests are generally: (i) the provision of our services (e.g. the Websites and Apps) for which it is technically necessary for us to process certain personal data (e.g. IP address); and (ii) communicating with you for which it is necessary for us to process your respective personal data. We may also process your personal data where it is in our legitimate interest to develop and improve our services, analyse traffic to better serve all customers, analyse our customers' likes and dislikes and help us provide a more stable, consistent and secure customer experience.
As part of the necessary balancing of interests, we have weighed up your interest in confidentiality against our interests in providing this website and contacting you. In each case, your interest in confidentiality takes precedence. Otherwise, we would not be able to provide you with this website or respond to your contact request.
3rd receiver:
Due to our global operations, your personal data will also be transferred to affiliates that operate our global portfolio of brands, as listed here: Link.
​
By "affiliated companies" we mean legally independent companies that belong to the same group of companies. Details of the affiliated companies within our group can be found here: Link.
We share data with affiliates for the purposes of our group activities, including:
-
so that they can offer us, or we can offer them, various services, including fraud detection and marketing services;
-
so that we can consolidate the information collected by us and our partners to ensure that each partner has the most complete and up-to-date information about you;
-
so that we can efficiently offer you our services in all areas and tailor them to your preferences;
-
for the purposes of group market research/analysis and group satisfaction assessment;
-
to improve our services and develop new tools, features, products and services; and
-
for group marketing purposes. We and our affiliates will ensure that all consents required by applicable law have been obtained before we send direct marketing communications.
​
We use service providers for the initiation, execution and processing of our contracts and the provision of our services. Data is therefore transferred to postal, forwarding and shipping companies, IT service providers, accounting service providers, archiving service providers, external lawyers, external tax consultants or external auditors. These service providers are contractually or legally obliged by us to exercise the same care in processing personal data as we ourselves do.
In certain circumstances, we may be required to disclose information to courts, authorities, the government or the police.
4. data transfer to third countries:
Data is transferred to third countries outside the European Union or the United Kingdom (e.g. the USA). This is done on the basis of standard contractual clauses provided for by law and, where applicable, additional technical and organisational safeguards designed to ensure adequate protection of your data, which you can view on request.
We have entered into a data transfer agreement with our affiliates and service providers that governs the cross-border transfer of your personal data within the Group. This agreement is based on the EU Commission's Standard Contractual Clauses (which you can view and, where applicable, download here - https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=de), supplemented, where applicable, by the approved addendum from the UK Information Commissioner's Office (which you can view and, where applicable, download here - https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf).
Where third parties transfer your personal data outside the EEA, we will take steps to ensure that your personal data receives an adequate level of protection, for example by entering into data transfer agreements or ensuring that the third parties are certified under appropriate data protection regimes.
5. storage period:
We do not keep your personal data longer than is necessary for the purpose for which this personal data is processed. However, please note that we must retain personal data if there is a legal obligation to retain it, e.g. in accordance with Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO).
We store your data,
-
if you have consented to the processing, at most until you withdraw your consent,
-
if we need the data to fulfil a contract, at most for as long as the contractual relationship with you exists or legal retention periods run,
-
if we use the data on the basis of a legitimate interest, at most for as long as your interest in deletion or pseudonymisation does not outweigh this.
​
D. Existence of automated decision making
Based on AI and algorithms, the following decisions are made:
-
Admissibility of certain payment methods such as Sepa/Postpayment.
-
Allocation of certain promotions
-
Display of certain advisors who (should) make more turnover with clients
-
Starting the free call for new customers
​
Part III - Information on the rights of data subjects
Rights of the data subject to information as well as to rectification or erasure or to restriction of processing or a right to object to processing as well as the right to data portability:
If your personal data is processed, you are a data subject within the meaning of the GDPR. As a data subject, you have the right - partly under certain conditions - to:
-
request information about the processing of your data,
-
have your data corrected and/or completed,
-
Have your data deleted or blocked,
-
restrict the processing of your data,
-
object to the processing of your data,
-
Receive your data in a transferable format and transmit it to a third party,
-
revoke your consent to the processing of your data for the future; and
-
complain to the competent supervisory authority about unlawful data processing. The competent supervisory authority is the Berlin Commissioner for Data Protection and Freedom of Information.
Part IV - Use of cookies
With your consent, where necessary, our website uses cookies and other identifiers. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
For more information about the cookies used by our services and your rights in relation to them, please see our Cookie Policy linked in the footer of each service. We use Usercentrics as a cookie management tool. You will also find an overview of cookies and identifiers in this tool, which you can use to update your cookie settings.
Legal basis
The legal basis for the use of technically necessary cookies/identifiers is our legitimate interest (Art. 6 para. 1 lit. f) DSGVO). The storage of information in your terminal device or the access to information already stored in your terminal device is mandatory so that we can provide the telemedia service expressly requested by you as a user (§ 25 para. 2 no. 2 TTDSG).
Furthermore, the legal basis is usually your consent (Art. 6 para. 1 lit. a) DSGVO, § 25 para. 1 TTDSG). You can revoke your consent at any time, e.g. by deleting the cookies set via the browser settings of your end device. Please note that, for technical reasons, this procedure only applies to the end device used in each case. This may lead to functional restrictions of our online offer.
​
Service provider / processor
1. cookie consent with usercentrics
This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your terminal device and to document it in a data protection compliant manner.
Usercentrics is used to obtain consent for the use of cookies. The legal basis for this is Art. 6 para. 1 S. 1 lit. c DSGVO, § 25 Abs. 1 S. 2 TTDSG.
Service provider: Usercentrics GmbH, Rosental 4, 80331 Munich, Germany
Website: https://usercentrics.com/de/
Privacy policy: https://usercentrics.com/de/datenschutzerklaerung/
Disclosure and processing of personal data: http data (IP address, information about your browser, information about your terminal device, time of your visit to the website, operating system used), storage of cookie consent.
Legal basis for processing: legitimate interest pursuant to Art. 6 para. 1 S. 1 lit. f) DSGVO
​
2. google tag manager
This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn can collect data. However, the Google Tag Manager does not access this data. Google only learns the IP address of the user.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Website: https://marketingplatform.google.com
Privacy policy: https://policies.google.com/privacy
Types of processing and data processed: https://privacy.google.com/businesses/adsservices
Data processing terms for Google advertising products and standard contractual clauses for data transfers to third countries: https://business.safety.google/adsprocessorterms
3. google fonts
We use the "Google Fonts" component on our website. Google Fonts logs records of CSS and font requests. The aggregated user numbers are used to determine how popular certain font families are. Data from Google's web crawler is also used to determine which websites use Google Fonts. This data is published and available in the Google Fonts BigQuery database.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Website: https://fonts.google.com/
Privacy policy: https://policies.google.com/privacy.
4. YouTube
For the integration of videos, we use the provider YouTube, among others. When you call up the internet pages of our website that are provided with a plugin - for example our media library - a connection is established to the YouTube servers and the plugin is displayed. In the process, the YouTube server is informed which of our Internet pages you have visited. If you are logged in as a YouTube member, YouTube assigns this information to your personal user account. If you use the plugin, e.g. by clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your YouTube user account and other user accounts of the companies YouTube LLC and Google Ireland Ltd. before using our website and deleting the corresponding cookies of the companies.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Website: https://www.youtube.com
Privacy policy: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de
Settings for the display of advertisements: https://adssettings.google.com/authenticated
​
Part V - California, USA (CCPA)
This section only applies to you if you are a resident of the State of California and only applies to personal information for which we have a "business" (as defined in the CCPA) and does not apply to personal information we collect from you as part of our services to you if you are an employee, owner, director, officer or contractor of a business, partnership, sole proprietorship, non-profit organisation or government agency. It applies to personal information we collect from California residents on or through our Services and in other ways (e.g., offline or in person).
1. overview of the personal data we collect about you
For California residents, the California Consumer Protection Act (CCPA) requires disclosure of the categories of personal information we collect and how we use it, the categories of sources from which we obtain personal information, and the third parties with whom we share that information. We aim to keep the information simple for our users. The categories are listed below, as required by the CCPA. For examples and more information about how we collect and use information, please see our Privacy Policy.
Depending on how you interact with us, we may collect the following categories of data as set out in the table below.
Any personal data we collect about you (as set out below) will come from the categories of sources listed below:
-
From you, including through your use of our services
-
Automatically recorded by you
-
Our Group companies
-
Third parties (e.g. if you give social networks permission to share your data with us or if you have made this data publicly available online).
​
2. categories of business purposes for which we use your data
All categories of personal data that we collect about you (as described above) will be used for the following purposes:
-
Error detection, error reporting and activities to maintain the quality or safety of our services.
-
Review of consumer interactions on our website
-
Other uses that we will inform you about
3. rights and choices in California
If you are a California resident, subject to certain limitations, you have the right to request the following from us:
Disclosure of the personal data we have collected about you, deletion of all data we have collected about you or stored about you. In addition, you may object to the sale of your personal data. As a California resident, you also have the right to appoint an authorised representative to exercise these rights on your behalf.
This section describes how you exercise these rights and how we deal with requests made to us, in particular to verify your identity. If you would like more information about your rights under applicable law or if you would like to exercise any of these rights, please contact datenschutz@adviqo.com.
​
4. access to and deletion of your personal data
1. right of access to your personal data
As a California resident, you have the right to request that we disclose the categories of your personal information that we collect, use or sell. You also have the right to request certain partial disclosures of the personal information we collect about you. However, we are entitled to withhold information the disclosure of which poses too great a risk to you or your personal data (e.g. in the case of financial data or passwords).
2. right to request the deletion of your personal data
You have the right to request that we delete all personal data that we have collected about you/from you.
However, we may withhold certain personal information under applicable law, including personal information necessary to fulfil the following purposes: Providing our services; Protecting our business and system from fraudulent activity; Identifying and correcting errors that affect existing functions; Exercising freedom of expression or other rights necessary for us or others; Complying with law enforcement requests as part of a lawful process; For scientific or historical research; For our own internal purposes that are reasonably related to your relationship with us; or To comply with legal requirements. We need certain types of data to enable us to provide our services to you. If you want us to delete this data, you may no longer have access to our services.
Users residing in California may exercise their privacy rights granted by the State of California by sending their request by email to datenschutz@adviqo.com.
​
5. identification
In addition, for security reasons, we may request additional information from you that is necessary to verify your identity when you apply to exercise your privacy rights in California.
If we have reason to believe that the security of your account has been compromised, depending on the nature of the request and the sensitivity of the information requested, we may request further information from you to check against our records and verify your identity.
If you wish to exercise any of the rights listed here and you do not have an account with us, please contact us by email at datenschutz@adviqo.com. We will then request further data, if possible, in order to carry out the identity check.
6. sale of personal data
The CCPA requires companies that "sell" personal information (as that term is defined in the CCPA) to provide California residents with the right to opt out of such sales. adviqo does not "sell" your personal information as we understand and interpret the term.
7. right to non-discrimination
Users residing in California have the right not to be discriminated against when exercising their rights as described in this section. We do not discriminate against users who exercise their rights under the CCPA.
​
Part VI - Brazil (LGPD)
For users who are resident in Brazil, the following additional provisions apply:
Legal provisions on data processing that comply with the GDPR can be found in Art. 7 LGPD.
1. additional rights
In addition to the rights already set out, you have the right to request confirmation of the existence of the processing. Access to your data will be provided, at your choice, either in simplified and printed form or in electronic form or by means of a clear and complete statement indicating the origin of the data, the non-existence of the data set, the criteria used and the purpose of the processing, in compliance with commercial and industrial confidentiality and within fifteen days from the date of your request. To request confirmation or access to your data, please send a request to the following e-mail address: datenschutz@adviqo.com, or use the contact details provided above and indicate the form in which you would like to receive the information requested.
You also have the right to request the anonymisation of data that is not necessary or excessive, or of data that has been processed in breach of the provisions of the LGPD, unless we are required by law to retain your personal data (see Art. 16 LGPD). To do so, please submit a request to the following email address: datenschutz@adviqo.com
In the case of fully automated processing of personal data, you have the right to request a review by a natural person if the automated decision affects your interests. We will therefore provide clear and sufficient criteria and procedures for the automated decision, subject to commercial and industrial confidentiality.
2. data security
We use technical and administrative measures to protect your personal data against unauthorised access and accidental or unlawful destruction, loss, alteration, transfer or disclosure and to prevent the occurrence of damage resulting from the processing of personal data. Please note that despite our best efforts, no security measure is perfect or unassailable. However, should a security incident occur, we will inform you in accordance with applicable law.
​
Part VII - DECLARATION ON DATA PROTECTION IN THE SOCIAL MEDIA
adviqo GmbH maintains various online presences in social networks to which the following data protection declaration applies. This privacy policy summarises and describes all social media used by adviqo GmbH.
Please note that your data may be processed outside the European Union. This may result in risks for you, for example because it may be more difficult to enforce your rights.
For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the data protection declarations and information of the operators of the respective networks.
If you assert data subject rights against us regarding processing on a social network, we will refer you directly to the social network, as we ultimately do not have the technical possibilities and technical authorisations to comply with your request.
​
Name and address of the responsible persons:
Jointly responsible for the operation of the respective online presence within the meaning of the EU General Data Protection Regulation (DSGVO) is the respective operator of the network (see identity in the respective area of the social network) and the
adviqo GmbH
Max-Dohrn-Str. 8-10, 10589 Berlin
Phone +49 (0)30 224455-0
Fax +49 (0)30 224455-9100
Website: www.adviqo.com
Contact information of the data protection officer: privacy@adviqo.com
Processing
We also process the data from your use of our online presences in the social networks that you voluntarily provide there (e.g. in a comment or in a message to us) as well as information from the analysis and statistics tool of the respective social network. Personal data that you provide to us as part of an enquiry or message will only be processed by us for the purpose of handling your enquiry/message. adviqo deletes messages from completed processes from the inbox after one year at the latest. Whether and for how long the social networks create backups of these messages is not known to us and can only be answered by the social networks themselves. In accordance with the terms of use of the social networks, to which each user has agreed as part of the creation of a profile on the respective social network, we can identify the subscribers of the online presence on the respective social network and view their profiles and other information shared by them. Should you no longer wish the described data processing by us in the future, we ask you to "unfollow" our online presence on the respective social network or to no longer interact with us or our posts.
​
Facebook and Instagram
We are jointly responsible with Facebook Ireland Ltd for collecting (but not further processing) data from visitors to our Facebook page (also referred to as a "fan page"). This data includes information about the types of content you view or interact with, or the actions you take (see under "Things You and Others Do and Provide" in the Facebook Privacy Policy: https://www.facebook.com/policy), as well as information about the devices you use (e.g. IP addresses, operating system, browser type, language settings, cookie data; see under "Device Information" in the Facebook Privacy Policy: https://www.facebook.com/policy). As explained in the Facebook Privacy Policy under "How do we use this information?", Facebook also collects and uses information to provide analytics services, called "Page Insights", to Page operators to give them insights into how people interact with their Pages and the content associated with them. We have entered into a special agreement with Facebook ("Page Insights Information", https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must comply with and in which Facebook has agreed to fulfil the data subject rights (i.e. you can, for example, send requests for information or deletion directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook. Further information can be found in the "Information on Page Insights" (https://www.facebook.com/legal/terms/information_about_page_insights_data).
​
-
Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photos, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
-
Data subjects: Users (e.g. website visitors, users of online services).
-
Purposes of processing: contact requests and communication, tracking (e.g. interest/behaviour profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors).
-
Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
-
Services and service providers used:
​
a) Instagram:
Social network
Service provider: Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA
Parent company: Meta Platforms, Inc. 1601 Willow Road Menlo Park, CA 94025 United States
Website: https://www.instagram.com
Privacy policy: https://instagram.com/about/legal/privacy.
b) Facebook:
Social network
Service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Parent company: Meta Platforms, Inc. 1601 Willow Road Menlo Park, CA 94025 United States
Website: https://www.facebook.com
Privacy policy: https://www.facebook.com/about/privacy
Possibility of objection (opt-out):
Ad settings: https://www.facebook.com/adpreferences/ad_settings (Facebook login is required).
c) YouTube:
Social network and video platform
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy policy: https://policies.google.com/privacy
Possibility of objection (opt-out): https://adssettings.google.com/authenticated
d) Pinterest
Social network
Service provider: Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA
Website: https://www.pinterest.com
Privacy Policy: https://about.pinterest.com/de/privacy-policy, https://business.pinterest.com/de/pinterest-advertising-services-agreement/ (ANNEX A: Pinterest Data Sharing Annex).