VALUEX AG PRIVACY POLICY
Data Protection Notice
VALUEX AG (hereinafter “Our”, “We” or “Us”) welcomes you to our internet page (together also referred to as “Online Offers”). We thank you for your interest in our company and our services. This Data Protection Notice is for your use of the services we make available (“Services”) and our website (www.valuex.at). It also applies to your interaction with us through other means such as customer service, discussing or contracting one of our professional services, direct conversations, and events.
1. VALUEX AG respects your privacy
In this Data Protection Notice, we describe what we do with your data when accessing our website, obtain services or products from us, interact with us in any way (e.g. contacting you via social media or e-mail that you disclosed publicly available), communicate with us or otherwise deal with us. When appropriate we will provide a just-in-time notice to cover any additional processing activities not mentioned in this Privacy Notice.
If you disclose data to us or share data with us about other individuals, such as your project team members, co-workers, etc., we assume that you are authorized to do so, and that the relevant data is accurate. When you share data about others with us, you confirm that. Please make sure that these individuals have been informed about this Privacy Notice.
2. Data Controller
Valuex AG is the data controller for the processing of your data.
Address: Landstrasse 123, 9495 Triesen, Liechtenstein
E-mail: enquiries@valuex.at
3. Processed Personal Data, Processing Purposes and Legal Basis
If you are an investor, your personal data will be processed regarding the reasons below.
Processed Personal Data
Processing Purposes
Legal Basis
Name, surname, e-mail, phone number
To contact you to serve our services, to provide these online offers, to reply to your inquiries in the framework of a contact form, to get registration code that is given from us to you.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Name, e-mail address
To reply to your inquiries in the framework of a contact form.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Your social media account
To verify your profile and background.
GDPR 6/1-f legitimate interest of the data controller
Company name, sector, promising to invest per year details
To proof if you would be able to provide mentoring on a voluntary basis.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Your CV*
*: Please do not provide any sensitive data (e.g. health data, foundation membership etc.) on your CV.
To complement your profile – providing your CV is not mandatory.
GDPR 6/1-f legitimate interest of the data controller
Name, surname, e-mail, phone number, your social media account, Company name, sector, your CV
Safeguarding and defending our rights.
GDPR 6/1-f legitimate interest of the data controller
If you are a project owner, your personal data will be processed regarding the reasons below.
Processed Personal Data
Processing Purposes
Legal Basis
Name, surname, e-mail, phone number
To contact you to serve our services, to provide these online offers.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Name, e-mail
To reply to your inquiries in the framework of a contact form.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Website address of your project
In order to evaluate your project.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Website address of your data room
To provide detailed info to interested Professional investors.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Pitch deck, white paper of your project, size of your team, details that are requested from “Apply for Listing” section
To get an overview of your project, and to assess your project and score it within our rating process.
GDPR 6/1-f legitimate interest of the data controller
GDPR 6/1-b processing is necessary for the performance of a contract
Name, surname, e-mail, phone number, company name, Website address of your project, Website address of your data room, Pitch deck, white paper of your project, size of your team, details that are requested from “Apply for Listing” section
Safeguarding and defending our rights
GDPR 6/1-f legitimate interest of the data controller
In addition to above-mentioned data subject types, If you are visitor of our website, your personal data will be processed additionally regarding the reasons below.
Processed Personal Data
Processing Purposes
Legal Basis
Ip address (internet protocol address) of the terminal device used to access the online offer
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Internet address of the website from which the online offer is accessed (so-called URL of origin or referrer URL);
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Name of the service provider which was used to access the online offer
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Name of the files or information accessed
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Date and time as well as duration of recalling the data
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Amount of data transferred
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
Operating system and information on the internet browser used, including add-ons installed (e.g., Flash Player)
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
http status code (e.g., “Request successful” or “File requested not found”)
To determine service disruptions and to ensured security, to investigate attack attempts, to collect evidence to defense our rights
GDPR 6/1-f legitimate interest of the data controller
4. Data Transfer
-
Data transfer to other controllers
Principally, your personal data is forwarded to other controllers only if required for the fulfillment of a contractual obligation, or if we ourselves, or a third party, have a legitimate interest in the data transfer, or if you have given your consent. Additionally, data may be transferred to other controllers when we are obliged to do so due to statutory regulations or enforceable administrative or judicial orders.
-
Service Providers
We involve external service providers with tasks such as marketing services, programming, data hosting, and hotline services. We have chosen those service providers carefully and monitor them on a regular basis, especially regarding their diligent handling of and protection of the data that they store. All service providers are obliged to maintain confidentiality and to comply with the statutory provisions.
-
Transfer to Recipients outside the EEA
We might transfer personal data to recipients located outside the European Economic Area (EEA) into so-called third countries. In such cases, prior to the transfer we ensure that either the data recipient provides an appropriate level of data protection or that you have consented to the transfer.
5. Duration of storage, retention periods
Principally, we store your data for as long as it is necessary to render our online offers and connected services or for as long as we have a legitimate interest in storing the data. In all other cases we delete your personal data apart from data we are obliged to store for the fulfillment of legal obligations (e.g. due to retention periods under the tax and commercial codes we are obliged to have documents such as contracts and invoices available for a certain period of time).
6. Cookies
In the context of our online service, cookies and tracking mechanisms may be used. Cookies are small text files that may be stored on your device when visiting our online service. Tracking is possible using different technologies. We process information using pixel technology and/or during log file analysis.
-
Categories
We distinguish between cookies that are mandatorily required for the technical functions of the online service and such cookies and tracking mechanisms that are not mandatorily required for the technical function of the online service. It is generally possible to use the online service without any cookies that serve non-technical purposes.
Technically required cookies
By technically required cookies we mean cookies without those the technical provision of the online service cannot be ensured. These include, e.g. cookies that store data to ensure smooth reproduction of video or audio footage.
Such cookies will be deleted when you leave the website.
General
By using marketing cookies and tracking mechanisms we and our partners are able to show you personalized offerings, resulting from an analysis of your interests and user behavior.
Below we explain which mechanisms and tools we use on this online offer:
-
Statistics: By using statistical tools, we measure e.g. the number of your page views.
Please note that using the tools might include transfer of your data to recipients outside of the European Economic Area (e.g. the USA). For more details in this respect please refer to the following description of the individual marketing tools:
-
Name: Google Analytics
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Function: Analysis of user behavior (page retrievals, number of visitors and visits, downloads), creation of pseudonymous user profiles based on cross-device information of logged-in Google users (cross-device tracking), enrichment of pseudonymous user data with target group-specific information provided by Google, retargeting, UX testing, conversion tracking, and retargeting in conjunction with Google Ads
-
Name: LinkedIn Insight Tag
Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Function: LinkedIn processes your personal data based on your consent via the pixel “LinkedIn Insight Tag” for the creation of campaign reports, tracking of conversions, click events as well as targeted advertising outside our websites (retargeting) based on URL, referrer URL, shortened or hashed IP address (for cross-device retargeting), devices and browser properties (user agent) and time stamp. We do not receive any personal data from you from LinkedIn, only anonymized campaign reports on website audience and ad performance. LinkedIn storage period: pseudonymization after 7 days, final deletion after 180 days. For more information, please visit: https://www.linkedin.com/legal/privacy-policy.
7. Plugins
Our online offers include the use of plugins provided by various social and other networks. These plugins are additional features made available by the network providers. As a default setting, these plugins are inactive.
If you do not wish the providers of the respective networks to receive data about your use of this online offer and possibly to store or further use this data, you should not activate the respective plugins.
Collection of data by providers
When a plugin is activated, your internet browser establishes a direct connection to the respective provider’s servers. Even if you do not have a user account with the provider or are not currently logged in to such an account, this connection notifies the respective provider that your internet browser has called up the corresponding page of our online offer. If you already have a user account with a provider of a network and are already logged in when you visit our websites, the operator of the respective network may be able to assign the visit to your personal user account as soon as you activate plugins. This may enable the provider to analyze your usage behavior and store it in a profile. In addition, your IP address and other data about your browser settings will be transmitted by your internet browser directly to a server of the respective provider and may be stored there.
Further processing of data by providers
Plugins are additional features made available by network providers. We therefore have no influence on the further processing of the data that the respective network providers’ plugins collect and store.
To find out more about the purpose and scope of each provider’s activities to collect, further process, and delete data, as well as about your respective rights and data protection options, please consult the respective provider’s privacy policy.
We use plugins from the providers listed below:
-
X (Formerly known as Twitter)
This online offer uses X and the Services which is operated by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A.
-
LinkedIn
This online offer uses LinkedIn which is operated by LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA.
-
Telegram
This online offer uses Telegram, which is operated by Telegram FZ LLC, Business Central Towers, Tower A, Office 1003/1004, P.O. Box 501919, Dubai, United Arab Emirates
8. External links
Our online offers may contain links to internet pages of third parties (e.g. project web pages), in particular providers who are not related to us. Upon clicking on the link, we have no influence on the collecting, processing, and use of personal data possibly transmitted by clicking on the link to the third party (such as the IP address or the URL of the site on which the link is located) as the conduct of third parties is naturally beyond our control. We do not assume responsibility for the processing of personal data by third parties.
9. Security
Our employees and the companies providing services on our behalf are obliged to confidentiality and to compliance with the applicable data protection laws. We take all necessary technical and organizational measures to ensure an appropriate level of security and to protect your data that are administrated by us especially from the risks of unintended or unlawful destruction, manipulation, loss, change, or unauthorized disclosure or unauthorized access. Our security measures are, pursuant to technological progress, constantly being improved.
10. User rights
To enforce your rights, please use the details provided in the “Controller” section (see no. 2). In doing so, please ensure that an unambiguous identification of your person is possible.
-
Right to information and access
You have the right to obtain confirmation from us about whether your personal data is being processed, and, if this is the case, access to your personal data.
-
Right to correction and deletion
You have the right to obtain the rectification of inaccurate personal data. As far as statutory requirements are fulfilled, you have the right to obtain the completion or deletion of your data.
This does not apply to data which is necessary for billing or accounting purposes, or which is subject to a statutory retention period. If access to such data is not required, however, its processing is restricted (see the following).
-
Restriction of processing
As far as statutory requirements are fulfilled you have the right to demand restriction of the processing of your data.
-
Data portability
As far as statutory requirements are fulfilled you may request to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – that we transfer that data to a third party.
-
Right of objection
10.5.1 · Objection to direct marketing
Additionally, you may object to the processing of your personal data for direct marketing purposes at any time. Please consider that due to organizational reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.
10.5.2 · Objection to data processing based on the legal basis of “legitimate interest.”
In addition, you have the right to object to the processing of your personal data at any time, insofar as this is based on “legitimate interest”. We will then terminate the processing of your data, unless we demonstrate compelling legitimate grounds according to legal requirements which override your rights.
-
Withdrawal of consent
In case you consented to the processing of your data, you have the right to revoke this consent at any time with effect for the future. The lawfulness of data processing prior to your withdrawal remains unchanged.
-
Right to lodge complaint with supervisory authority
You have the right to lodge a complaint with a supervisory authority. You can appeal to the supervisory authority which is responsible for your place of residence or your state of residency or to the supervisory authority responsible for us.
11. Change of the data protection notice
We reserve the right to change our security and data protection measures. In such cases, we will amend our data protection notice accordingly. Please, therefore, note the current version of our data protection notice, as this is subject to changes.
Version: 1.0.
26/08/2024