Privacy Policy

Effective: 01/01/2024

Last updated: 11/03/2025

Data Controller Information

Avancio Group AB is the data controller responsible for your personal data.

Controller Contact Details:

As a data controller, we determine the purposes and means of processing your personal data and are committed to complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR).

Definitions

Data Subject

"Data Subject" or "you" or "your" refers to you as an identified or identifiable natural person whose personal data we process. Under GDPR, you have specific rights regarding your personal data.

Personal Data

"Personal Data" means any information relating to you that can be used to identify you directly or indirectly, as defined in Article 4(1) of the GDPR.

Processing

"Processing" means any operation performed on personal data, whether by automated means or not, as defined in Article 4(2) of the GDPR.

Introduction & Organizational Info:

We, at Avancio Group AB, are dedicated to serving our customers and contacts to the best of our abilities. Part of our commitment involves the responsible management of personal information collected through our website avancio.com, and any related interactions. Our primary goals in processing this information include:

  • Enhancing the user experience on our platform by understanding customer needs and preferences.
  • Providing timely support and responding to inquiries or service requests.
  • Improving our products and services to meet the evolving demands of our users.
  • Conducting necessary business operations, such as billing and account management.

It is our policy to process personal information with the utmost respect for privacy and security. We adhere to all relevant regulations and guidelines to ensure that the data we handle is protected against unauthorized access, disclosure, alteration, and destruction. Our practices are designed to safeguard the confidentiality and integrity of your personal information, while enabling us to deliver the services you trust us with.

  • We do have a designated Data Protection Officer (DPO). Should you have any questions or require further information about how we manage personal information, please feel free to contact us at privacy@avancio.com.

Your privacy is our priority. We are committed to processing your personal information transparently and with your safety in mind. This commitment extends to our collaboration with third-party services that may process personal information on our behalf, such as in the case of sending invoices. Rest assured, all activities are conducted in strict compliance with applicable privacy laws.

Scope and Application:

Our privacy policy is designed to protect the personal information of all our stakeholders, including website visitors, registered users, and customers. Whether you are just browsing our website avancio.com, using our services as a registered user, or engaging with us as a valued customer, we ensure that your personal data is processed with the highest standards of privacy and security. This policy outlines our practices and your rights related to personal information.

Data Collection and Processing:

Our commitment to transparency and data protection extends to how we collect and use your personal information. We gather personal data through various interactions, including but not limited to, when you utilize our services or products such as AI and Autonomous Systems, Robotics and Industrial IoT, Cloud and Edge Infrastructure, Custom Software Development, Cybersecurity, Advanced Connectivity, or directly provide information to us.

Data Minimization

In accordance with GDPR Article 5(1)(c), we are committed to collecting and processing only the personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed. This means:

  1. We only collect the specific data points needed to fulfill the stated purposes.
  2. We regularly review our data collection practices to identify and eliminate unnecessary data collection.
  3. We implement technical measures to ensure that by default, only personal data necessary for each specific purpose is processed.
  4. We provide options for you to limit the data you share with us where appropriate.

If you believe we are collecting more data than necessary, you have the right to question this and to object to the processing of your personal data.

Data Storage and Protection:

Data Storage:

  • Personal information is stored in secure servers located within the European Union, specifically in Ireland, Finland, Sweden, Netherlands, and Spain. For services that require international data transfer, we ensure that such transfers comply with all applicable laws and maintain data protection standards equivalent to those in our primary location.
  • Data Hosting Partners: We partner with reputable data hosting providers committed to using state-of-the-art security measures. These partners are selected based on their adherence to stringent data protection standards.

Data Retention Period

In accordance with GDPR data minimization and storage limitation principles (Article 5(1)(e)), we retain your personal data for no longer than necessary for the purposes for which it was collected. Specifically:

  • We will retain your personal data for a maximum period of 5 years from our last interaction or the termination of our contractual relationship, whichever comes first.
  • When personal data is no longer necessary for the purposes for which it was collected, we will securely delete or anonymize it.
  • Certain data may be retained for longer periods where required by law, for legal claims, or for legitimate business purposes as permitted under GDPR.

You have the right to request erasure of your personal data in accordance with Article 17 of the GDPR.

International Data Transfers

Where we transfer your personal data outside the European Economic Area (EEA), we implement appropriate safeguards in accordance with Chapter V of the GDPR, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules where applicable
  • Adequacy decisions recognizing certain countries as providing adequate protection
  • Derogations for specific situations as set out in Article 49 of the GDPR

We commit to ensuring that any international transfer of personal data undergoes a data protection impact assessment when required and meets all standards necessary to protect your rights and freedoms with respect to your personal data.

Data Sharing and Disclosure

At Avancio Group AB, we are committed to safeguarding your personal information and ensuring it is treated with the utmost respect. This commitment extends to how we handle the sharing and disclosure of your data. Below we outline our practices in this area:

Sharing Personal Information:

  • Third-Party Service Providers: We may share your information with third-party service providers who perform services on our behalf. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential. These partners are prohibited from using your personal information for any purpose other than to provide these services to Avancio Group AB, and they are required to maintain the confidentiality of your information.

Google Analytics

  • Provider: Google Ireland Limited
  • Purpose(s): Marketing and Advertising, Analytics and Performance Tracking
  • Collected Personal Data Type(s): First and Last Name, Date of birth, National identification numbers (e.g., Social Security Number, Passport ID), Email address and/or Phone number, Address and City, Device ID, IP Address, Operating system and version, Browser Fingerprint, Real-time location (e.g., GPS), IP-based approximate location, Browsing history, Browser Information and Language, Interaction logs (e.g., clicks, time spent on pages), Purchase history
  • Privacy Policy Link: https://business.safety.google/privacy/?hl=en

Google Tag Manager

Data Processing Agreements:

When we share your data with third-party service providers, we do so under the protection of Data Processing Agreements (DPAs) that ensure your information is managed in accordance with GDPR and other relevant data protection laws. These agreements mandate that third parties implement adequate technical and organizational measures to ensure the security of your data.

Transparency and Control:

We believe in transparency and providing you with control over your personal information. You will always be informed about any significant changes to our sharing practices, and where applicable, you will have the option to consent to such changes.

Your trust is important to us, and we strive to ensure that your personal information is disclosed only in accordance with this policy and when there is a justified reason to do so. For any queries or concerns about how we share and disclose personal information, please reach out to us at hello@avancio.com or +46 104 300 399.

User Rights and Choices:

At Avancio Group AB, we recognize and respect your rights regarding your personal information, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We are committed to ensuring you can exercise your rights effectively. Below is an overview of your rights and how you can exercise them:

Your Rights:

  • Right of Access (Article 15 GDPR): You have the right to request access to the personal information we hold about you and to obtain information about how we process it.
  • Right to Rectification (Article 16 GDPR): If you believe that any personal information we hold about you is incorrect or incomplete, you have the right to request its correction or completion.
  • Right to Erasure ('Right to be Forgotten') (Article 17 GDPR): You have the right to request the deletion of your personal information when it is no longer necessary for the purposes for which it was collected, among other circumstances.
  • Right to Restriction of Processing (Article 18 GDPR): You have the right to request that we restrict the processing of your personal information under certain conditions.
  • Right to Data Portability (Article 20 GDPR): You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit those data to another controller.
  • Right to Object (Article 21 GDPR): You have the right to object to the processing of your personal information, under certain conditions, including processing for direct marketing.
  • Right to Withdraw Consent (Article 7(3) GDPR): Where the processing of your personal information is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint (Article 77 GDPR): You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable data protection laws.

Additional Data Subject Rights under GDPR

In addition to the rights already detailed in our policy, as a data subject located in the European Economic Area, you have specific rights under the GDPR:

  • Right to Restriction of Processing (Article 18): You can request that we restrict the processing of your personal data under certain circumstances, such as if you contest the accuracy of your data or if the processing is unlawful.
  • Right Not to Be Subject to Automated Decision-Making (Article 22): You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you, except in limited circumstances permitted by the GDPR.
  • Right to Data Portability in Machine-Readable Format (Article 20): Upon request, we will provide your personal data in a structured, commonly used, and machine-readable format that can be transmitted to another controller where technically feasible.

To exercise any of these rights, please contact us at privacy@avancio.com . We will respond to your request within one month, as required by the GDPR. This period may be extended by up to two additional months when necessary, taking into account the complexity and number of requests.

Exercising Your Rights:

To exercise any of these rights, please contact us at hello@avancio.com or +46 104 300 399. We will respond to your request in accordance with applicable data protection laws and within the timeframes stipulated by those laws. Please note, in some cases, we may need to verify your identity as part of the process to ensure the security of your personal information.

We are committed to facilitating the exercise of your rights and to ensuring you have full control over your personal information. If you have any questions or concerns about how your personal information is handled, please do not hesitate to get in touch with us.

Cookies and Tracking Technologies:

At Avancio Group AB, we value your privacy and are committed to being transparent about our use of cookies and other tracking technologies on our website avancio.com. These technologies play a crucial role in ensuring the smooth operation of our digital platforms, enhancing your user experience, and providing insights that help us improve.

Understanding Cookies and Tracking Technologies:

Cookies are small data files placed on your device that enable us to remember your preferences and collect information about your website usage. Tracking technologies, such as web beacons and pixel tags, help us understand how you interact with our site and which pages you visit.

How We Use These Technologies:

  • Essential Cookies: Necessary for the website's functionality, such as authentication and security. They do not require consent.
  • Performance and Analytics Cookies: These collect information about how visitors use our website, which pages are visited most frequently, and if error messages are received from web pages. These cookies help us improve our website.
  • Functional Cookies: Enable the website to provide enhanced functionality and personalization, like remembering your preferences.
  • Advertising and Targeting Cookies: Used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and help measure the effectiveness of the advertising campaign.

Your Choices and Consent:

Upon your first visit, our website will present you with a cookie consent banner, where you can:

  • Accept All Cookies: Consent to the use of all cookies and tracking technologies.
  • Reject Non-Essential Cookies: Only essential cookies will be used to provide you with necessary website functions.
  • Customize Your Preferences: Choose which categories of cookies you wish to allow.

Changes to Our Cookie Use:

We may update our use of cookies and tracking technologies to improve our services or comply with legal requirements. We will notify you of any significant changes and seek your consent where necessary.

For more detailed information about the cookies we use, their purposes, and how you can manage your preferences, please visit our detailed Cookie Policy https://avancio.com/cookies .

Should you have any questions or concerns about our use of cookies and tracking technologies, please do not hesitate to contact us at hello@avancio.com or +46 104 300 399. Your privacy and the integrity of your personal data are of utmost importance to us.

Direct Marketing and Communications:

At Avancio Group AB, we may use your personal information to send you direct marketing communications about our products, services, promotions, and other relevant information that we believe may be of interest to you. We are committed to ensuring that our direct marketing practices are transparent, lawful, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the ePrivacy Directive.

Obtaining Consent for Direct Marketing:

  • Opt-In Consent: We will obtain your explicit opt-in consent before sending you direct marketing communications, where required by law. This means that you will have the opportunity to actively consent to receiving marketing messages from us before we send them to you.
  • Unsubscribe Option: Every direct marketing communication we send will include clear instructions on how to unsubscribe or opt-out from receiving future marketing communications. You can exercise your right to opt-out at any time, and we will promptly honor your request to stop sending you marketing messages.

Types of Direct Marketing Communications:

We may use your personal information to send you direct marketing communications via various channels, including:

  • Email

Legitimate Interest and Marketing Activities

When we use your personal data for marketing purposes or analytics, we do so based on either your explicit consent (Article 6(1)(a) GDPR) or our legitimate interest (Article 6(1)(f) GDPR), always ensuring we balance our interests with your fundamental rights and freedoms.

Legitimate Interests

When we rely on legitimate interests as a legal basis for processing your personal data (Article 6(1)(f) GDPR), we balance our interests against your fundamental rights and freedoms. Our legitimate interests include:

  1. Business Improvement: Analyzing how our services are used to improve them, fix bugs, and develop new features.
  2. Security: Implementing and improving security measures to protect our systems and your data from unauthorized access, fraud, and abuse.
  3. Communication: Responding to your inquiries and providing customer support.
  4. Marketing: Promoting our products and services to existing customers where we have a relevant business relationship, always with the option to opt out.
  5. Legal Compliance and Protection: Ensuring compliance with legal obligations and protecting our legal rights.

For each processing activity based on legitimate interest, we conduct a balancing test to ensure that our interests do not override your fundamental rights and freedoms. You have the right to object to processing based on legitimate interests at any time.

Personalized Marketing and Profiling:

  • Where we use your data for direct marketing or profiling purposes, we will obtain your explicit consent where required by law.
  • You have the right to object to processing for direct marketing purposes at any time (Article 21(2) GDPR).
  • For personalized advertising through partners like Google, you maintain control through:

Cookies and Tracking Technologies for Marketing:

  • We use cookies for marketing only with your explicit, informed consent.
  • You can withdraw this consent at any time through our cookie management tool.
  • For complete information about our cookie usage, please refer to our Cookie Policy.

As a data subject, you have the right to data portability (Article 20 GDPR), the right not to be subject to automated decision-making including profiling in certain circumstances (Article 22 GDPR), and the right to lodge a complaint with a supervisory authority.

Managing Your Preferences:

You have control over the direct marketing communications you receive from us. You can manage your communication preferences by using the unsubscribe link provided in our marketing emails or text messages.

Data Breach Notification Procedures:

At Avancio Group AB, we understand the importance of protecting your personal information and take proactive measures to safeguard it. In the event of a data breach that poses a risk to your privacy rights and freedoms, we have established clear procedures for promptly identifying, assessing, and mitigating the impact of the breach. Our data breach notification procedures are designed to comply with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR).

Detection and Assessment:

  • Internal Monitoring: We employ robust security measures and monitoring systems to detect and respond to potential data breaches promptly.
  • Assessment of Breach Impact: Upon discovery of a data breach, we will conduct a thorough assessment to determine the nature and scope of the breach, including the types of personal information involved and the potential impact on affected individuals.

Notification Obligations:

  • Regulatory Authorities: If required by law, we will notify the relevant data protection authorities of the data breach within 72 hours of becoming aware of it, as required by Article 33 of the GDPR, following the procedures specified by applicable regulations.
  • Affected Individuals: If a data breach poses a significant risk to your privacy rights and freedoms, we will notify you without undue delay, providing clear and concise information about the breach, the types of personal information affected, and the steps you can take to protect yourself.

Communication Channels:

  • Email Notification: We may notify affected individuals via email, using the contact information provided to us, if feasible and appropriate.
  • Website Notification: We may also post a notification on our website or through other communication channels accessible to affected individuals.

Support and Assistance:

In the event of a data breach, we are committed to providing affected individuals with the support and assistance they need, including guidance on steps they can take to mitigate the potential risks associated with the breach.

Point of Contact: If you have any questions or concerns about a data breach or believe you may have been affected, please contact us immediately at hello@avancio.com or +46 104 300 399.

Children's Privacy

In compliance with Article 8 of the GDPR, our services are not directed to children under 16 years of age (or the applicable age limit in each EU member state). We do not knowingly collect personal data from children below this age without verifiable parental consent.

If we become aware that we have inadvertently collected personal data from a child under the applicable age limit without appropriate consent, we will take immediate steps to delete this information. If you believe we might have any data from or about a child under the applicable age limit, please contact us at privacy@avancio.com .

Governing Law and Supervisory Authority

This Privacy Policy is governed by the laws of Sweden and the European Union, particularly the General Data Protection Regulation (GDPR).

You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten) or another relevant EU data protection supervisory authority if you believe your data protection rights have been violated.

We are committed to resolving any disputes amicably. If you have concerns about our data processing activities, please contact us first at privacy@avancio.com before lodging a formal complaint.

This Privacy Policy is effective immediately for Users after the effective date.