Privacy Policy

Within this Privacy Policy we explain how we process your personal data, including – but not limited to – what we use it for as well as how we store and most importantly, how we protect it. Your privacy is important to us, why we also urge you to contact us directly if you have additional questions, or doubts, regarding this Privacy Policy.

Operating company:

Advisoa ApS
Kronprinsensgade 6B, 1st floor
1114 Copenhagen C
Company ID: 41405554

E-mail: info@advisoa.dk
Phone: +45 93 89 40 56

ADVISOA is a software company that develops proprietary software solutions whose licenses are marketed to its customers as a Software as a Service (“SaaS” hereafter), which refers to the way functionalities of a software solution are available remotely, using Internet technologies and accessible through the Internet. ADVISOA has developed Paypilot, a SaaS enabling you to manage your business data, including but not limited to e-commerce data, by offering a solution to centralize the different sales and/or marketing channels, providing data insights, enhanced by transactional payments data, calculate analytics, help monitor Key Performance Indicators, operate automations of flows, such as bookkeeping, handling of transactions, and more (the “Software”, hereinafter).

With regard to the aforesaid, the following is agreed:

To make our Privacy Policy more user friendly we use “we”, “us” and “our” to describe our company. When we talk about our “platform”, we refer to our product “Paypilot”. When we talk about our website, we mean https://advisoa.dk, https://paypilot.dk and all other sites and apps owned and operated by our company. When we refer to “you” we mean you as the visitor or user on our website(s), app(s) and other related services and products, fully owned and operated by our company.

On our website and in our marketing communication through emails, social media and other channels, we might link to other companies, websites and services/products (“other parties”) that aren’t owned nor operated by our company. This Privacy Policy doesn’t cover how these other parties process your data and we encourage you to read each party’s own Privacy Policy upon your visit.

To give you an easy overview of what data we process, and for how long we process it, we’ve divided each processing activity into separate areas below. This should give you a clear overview of why, what and for how long we process your data – as well as how we protect it, to keep your privacy secure.

In order to deliver our product(s) and service(s) to you, we process your data. This includes registering and identifying you as a customer and/or user, giving you access to our platform, setting up your account, activity logging and saving the actions you take when navigating and/or using our website, product and services, sending you notifications, responding to your queries and questions as well as providing you customer service and support – i.e., sending service related messages and/or notifications to you and other services connected through our platform.
 
The data which we process is collected directly through you and/or connected services and/or products. The data we process about you is listed below:
 
- Your contact details, including – but not limited to – your full name, e-mail, title, company associations, telephone and/or mobile number, address and country.
- Information about the companies you’re associated with, either through ownership or employment, your role as well as access rights in relation to your account on our platform.
- Browsing history, interest areas and the use of our product and/or services.
- Requests and actions – i.e., sign-up and usage of our platform, when you accepted our general terms and conditions, when you signed up, login details and verification logs, when you contact us through our product and/or services as well as by email.
- Information about the actions you took when you became a user and set up your account as well as information, documents and transactional data, as well as customer data, from other products and/or services which you connect to your account through our platform.
- Other type of actions you have with us and our service – i.e., tests, questionaries, customer- and product feedback, product, website and service usage etc.

We do not process sales or transaction data directly. Instead, we receive processed information from approved payment providers, gateways, acquiring parties, and open banking suppliers, all of whom are certified within their fields and fully compliant with necessary regulations. This information allows us to track costs, facilitate sales, and support merchants.

We store encrypted customer data using robust encryption methods, ensuring that only the merchant can access it. This includes employing industry-standard encryption both in transit and at rest, and lives up to current GDPR regulations and the likes.

We handle masked card information in compliance with laws and standards to facilitate payment processing and enhance your ecommerce data, i.e. recurring customers.

We collect and analyze aggregated, anonymized sales, transactional, customer insights, among others, to improve our services and provide valuable insights to merchants.

We store and manage entire product catalogues, including descriptions, images, prices, and related information.

We do not process bank transactions directly. Rather, we receive information related to bank transactions, receipts, and invoices from approved payment providers and open banking suppliers. These parties are certified and fully compliant with all applicable laws and regulations, allowing us to track costs, manage finances, and comply with regulations.

We handle support tickets and chat logs with customers for responsive support and positive customer experience.

We act as a data processor on behalf of our merchants (data controllers) in providing the Paypilot platform. Our relationship, responsibilities, and obligations concerning the processing of personal data are governed by a Data Processing Agreement (DPA), which we enter into with each merchant. This includes our commitment to process personal data solely on behalf of the merchants and in accordance with their instructions and applicable laws.

Below is the legal basis for our processing of your data:
 
- Your consent (GDPR Article 6.1.a)
- To pursue legitimate business interests of our own business related to operating our website, product and/or services to you, if your fundamental rights do not override these interests (GDPR Article 6.1.f)
- To comply with our legal obligations (GDPR Article 6.1.c) incl. the Danish Bookkeeping Act
- For the establishment, exercise or defense of legal claims, where necessary (GDPR Article 9.2.f)
- Retention policy

We process your data for as long as they are necessary for the purposes for which consent was giving to process this data. By default, we’ll keep the data for as long as you use our product and/or services with us plus five years following the conclusion of your request and/or account creation.

We use robust encryption methods, access controls, firewalls, and regular audits to protect your personal data. We apply end-to-end encryption for customer data, ensuring an added layer of privacy. Our security measures adhere to industry standards and strong cryptographic algorithms.

You have rights under the GDPR to access, correct, delete, restrict processing, object to processing, and data portability. To exercise these rights, contact us at the information provided above.

Our platform is not intended for individuals under 18, and we do not knowingly collect data from children under 18. If you believe that your child has provided personal information, please contact us, and we will delete it.

We comply with legal mechanisms for transferring data across international borders, ensuring alignment with relevant privacy laws.

We never share your data directly, without your express written consent, i.e. in case of changing payment provider / enabling a new payment service, where the payment provider will need your information for onboarding. We ensure that these parties comply with privacy regulations and use the data solely for the purposes defined. We may also share static and aggregated data with third-parties. It´s worth to outline that such data will not be identifiable directly to you nor your specific data.

We follow procedures for dealing with suspected personal data breaches, including notifying users and relevant authorities as required by law.

We use cookies and similar technologies for various purposes. More information is available in our Cookie Policy.

You can request a copy of your data in a machine-readable format for transfer to another service.

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

We do not engage in automated decision-making or profiling without clear consent and explanation.

We collect only the necessary data for specific processing purposes, adhering to the data minimization principle under GDPR.

Contact us for access to or correction of your personal data.

You can manage or withdraw consent for specific data processing activities through provided contact information below.

We may update this Privacy Policy to reflect changes in practices, technologies, legal requirements, or other factors. Review regularly; last update: March 18th, 2024.

For questions, concerns, or comments, contact our data controller at:

Advisoa ApS
Kronprinsensgade 6B, 1st floor
1114 Copenhagen C
Company ID: 41405554

E-mail: info@advisoa.dk