Privacy Policy

1. Introduction

Pryvexa AG ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our finance automation platform and related services.

2. Data Controller Information

The data controller for your personal data is:

3. Data We Collect

We collect various types of personal data to provide and improve our services. The data collection includes information you provide directly to us and information we collect automatically when you use our platform:

3.1 Information You Provide

• Contact information (name, email address, phone number)
• Company information (business name, address, industry)
• Account credentials and authentication data
• Financial data related to your business operations
• Communication records and support enquiries

3.2 Automatically Collected Information

• Device and browser information
• IP address and location data
• Usage patterns and platform interactions
• Log files and technical diagnostics

4. How We Use Your Information

We use of your data is based on legitimate business interests and contractual necessity to provide our finance automation services. Specifically, we use your information to:

• Provide and maintain our finance automation platform
• Process transactions and manage your account
• Provide customer support and respond to enquiries
• Improve our services and develop new features
• Ensure platform security and prevent fraud
• Comply with legal obligations and regulatory requirements
• Send important service updates and notifications

5. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contract Performance: To provide our services as agreed in our terms
• Legitimate Interests: To improve our services and ensure security
• Legal Compliance: To meet regulatory and tax obligations
• Consent: For marketing communications and optional features

6. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

7. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• With service providers who assist in platform operations
• With banking and payment processing partners
• When required by law or legal proceedings
• To protect our rights and prevent fraud
• In connection with business transfers or mergers

8. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Financial data may be retained for up to 7 years as required by European accounting and tax regulations. Account information is typically retained for 3 years after account closure unless longer retention is required by law.

9. Your Rights

Under GDPR, your rights include the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. You also have the right to withdraw consent where processing is based on consent.

To exercise your rights, please contact us at privacy@pryvexa.world or +49 301527633.

10. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

11. Security Measures

We implement robust technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption, access controls, regular security assessments, and staff training.

12. Children's Privacy

Our services are designed for business use and are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes through our platform or by email.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

15. Supervisory Authority

You have the right to lodge a complaint with the relevant data protection supervisory authority if you believe we have not handled your personal data in accordance with applicable law. In Germany, this is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).