Skip to content
Avanquest Software

Privacy Center

Welcome to Avanquest’s Privacy and Data Protection Center. 

We care about our customer’s privacy and wish to make it easier for them to learn about their rights and easily exercise them. All in one place.

Privacy Policy

Learn about our global privacy policy

Security Policy

Learn about our security principles

Privacy Rights

For data subjects wishing to exercise their rights

Corporate Rules

Learn about our code of conduct when handling personal data

Contact

Contact our DPO for any privacy related concern

DPA

Accessible to B2B relationships

FAQ

Avanquest’s privacy policy applies to anyone who interacts with our services, including customers, users, and visitors to Avanquest’s websites, web applications, and mobile applications. This includes individuals who purchase Avanquest’s products or services, sign up for Avanquest’s newsletters or other communications, or otherwise engage with Avanquest’s platforms. Avanquest’s privacy policy also applies to any personal information collected by Avanquest from these individuals, regardless of where they are located worldwide. It is important to review Avanquest’s privacy policy in detail to understand how your personal information may be collected, used, and shared by Avanquest.

Avanquest is compliant with the GDPR (General Data Protection Regulation). As a company that provides services within the EEA, we understand the importance of protecting personal data and are committed to complying with the GDPR’s requirements. We have implemented various technical and organizational measures, such as encryption and access controls, to safeguard personal data and regularly review our policies and procedures to ensure compliance with the GDPR. Our Data Protection Officer oversees data protection matters and ensures that our practices align with GDPR regulations. Additionally, we provide GDPR-compliant mechanisms for individuals to exercise their rights.  You can read more about our GDPR compliance in our Privacy Policy.

Avanquest complies with the CPRA (California Privacy Rights Act). We are committed to ensuring that we meet all legal requirements related to data privacy and security, including those set out in the CPRA. As a technology company, we understand the importance of protecting our customer’s personal information and have taken all necessary steps to comply with the CPRA’s regulations. Our privacy policies and practices are regularly reviewed and updated to ensure we comply with all applicable laws and regulations, including the CPRA. You can read more about our CPRA compliance in our Privacy Policy.

You can exercise your privacy rights through your account with Avanquest or by submitting a form via email (dpo@avanquest.com) or directly from you account. When submitting a request, please include sufficient information about the request, the related service, and the data subject to allow us to verify you and process your request within the applicable regulation’s timeframe. Note that we may ask for additional information during the request process.If you unsubscribe from our service, we may still send transactional emails related to purchases or product downloads. Additionally, the time frame for us to respond to your request may depend on your resident region. For example, if you are an EEA resident, we are obliged to reply within 30 days, and if you are a California resident, we may reply within up to 45 days.

Avanquest has implemented a range of technical and organizational measures to safeguard personal information. These measures include regular security updates and patches, access controls, permission settings, encryption during transmission and storage, regular backup and recovery procedures, and employee training. These measures are designed to maintain the highest possible level of security for personal information and to continuously improve data protection practices. Our aim is to ensure that personal information is kept safe and secure from unauthorized access or interception.

At Avanquest, we believe in giving our customers full ownership and control over their collected data. You have complete control over any required retention periods as dictated by law. We will keep your data for as long as you don’t request us to delete it or until we discover it was unlawfully collected (such as if we learn you are a minor), and only if no legal exemptions apply.

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was introduced by the European Union (EU) in May 2018. It applies to all EU member states and regulates the processing of personal data by organizations within the EU, as well as organizations outside the EU that offer goods or services to individuals within the EU. The GDPR aims to protect the privacy rights of individuals by setting out specific requirements for how personal data must be processed, stored, and protected by organizations. It also gives individuals certain rights over their personal data, such as the right to access, rectify, and delete their data, and the right to object to its processing under certain circumstances.

The GDPR grants data subjects the following rights:
a. The right to know: you have the right to know about the Personal Information that is collected and processed about you, including the categories of third parties with which we may share your information.
b. The right to access:the Personal Information held about you.
c. he right to rectification: you have the right to ask us to correct the information we hold about you.
d. he right of erasure: you may ask us to delete certain Personal Information about you, or to stop using it.
e. Portability right: you may contact us to request an export of your Personal Information in a reusable format, or to directly transfer such data to another vendor offering related services.
f. The right to withdraw consent previously given: you may decide to withdraw your consent and we will then stop using your information for that purpose.

Personal data under GDPR is any information that relates to an identified or identifiable natural person, also known as a data subject. This can include a person’s name, address, email address, phone number, date of birth, identification number, location data, IP address, or any other data that can be used to identify the person. It can also include sensitive personal data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, biometric data, health data, or sexual orientation. The GDPR applies to the processing of personal data that is carried out by organizations within the EU, as well as organizations outside the EU that offer goods or services to individuals within the EU.

Yes, under the GDPR, you have the right to request that your personal data be deleted, also known as the “right to be forgotten”. This right applies in certain circumstances, such as when the personal data is no longer necessary for the purpose for which it was collected, when the data subject withdraws their consent, or when the data subject objects to the processing of their data.
However, this right is not absolute and is subject to certain exemptions. For example, a company may be required to keep certain data for legal or regulatory reasons, or for the establishment, exercise, or defense of legal claims. If your request for erasure is refused, the company should provide you with an explanation for the refusal.
If you wish to exercise your right to be forgotten, you can make a request to the data controller, who is responsible for processing your personal data. The data controller is required to respond to your request within one month and should provide you with an explanation if they refuse your request. If you are not satisfied with the response you receive, you have the right to lodge a complaint with the relevant supervisory authority.
The right to be forgotten, also known as the right to erasure, is a data subject right under the GDPR that allows individuals to request the deletion or removal of their personal data from an organization’s databases or systems.
This right applies in certain circumstances, such as when the personal data is no longer necessary for the purpose for which it was collected, when the data subject withdraws their consent, or when the data subject objects to the processing of their data.
However, this right is not absolute and is subject to certain exemptions. For example, a company may be required to keep certain data for legal or regulatory reasons, or for the establishment, exercise, or defense of legal claims.
Yes, under the GDPR, you have the right to request a copy of your personal data from a company that is processing it. This right is known as the right of access or the right to obtain a copy of your personal data.
The data controller must respond to your request within one month and provide you with a copy of your personal data in a commonly used electronic format, such as a PDF or CSV file. If the request is complex or the data controller is processing a large amount of data, they may request an extension of up to two additional months to respond to your request.
Yes, under the GDPR, you have the right to object to the processing of your personal data in certain circumstances. This right is known as the right to object.
You can exercise this right if you believe that the processing of your personal data is being done without a legitimate basis or is being done for purposes that are not compatible with the original purpose for which the data was collected. You can also exercise this right if you believe that the processing of your personal data is being done for direct marketing purposes.
If your objection is related to direct marketing, the data controller must stop processing your personal data for that purpose immediately. If your objection is related to other processing activities, the data controller must assess whether they have a legitimate basis for continuing to process your personal data.

The California Privacy Rights Act (CPRA) is a new data privacy law that amends and expands the California Consumer Privacy Act (CCPA). It provides California residents with additional privacy rights and imposes stricter data protection obligations on businesses. CPRA expands the definition of “sensitive personal information” to include new categories of data such as geolocation, biometric information, and health information, provides new rights for consumers, equires businesses to enter into contracts with their service providers that include specific privacy protections and creates a new category of “sharing” personal information that triggers additional consumer rights.

The California Privacy Rights Act (CPRA) grants California consumers the following privacy rights:
a. Right to know: Consumers have the right to know what personal information is being collected about them, and for what purposes.
b. Right to delete: Consumers have the right to request that a business delete their personal information.
c. Right to correct: Consumers have the right to request that a business correct any inaccurate personal information they hold.
d. Right to opt-out of the sale of personal information: Consumers have the right to opt-out of the sale of their personal information.
e. Right to limit the use and disclosure of sensitive personal information: Consumers have the right to limit the use and disclosure of their sensitive personal information, such as their social security number, government-issued ID numbers, financial account information, and health information.
f. Right to data portability: Consumers have the right to request that a business provide them with a copy of their personal information in a format that is portable and allows for easy transfer to another business.
g. Right to be informed about automated decision-making: Consumers have the right to be informed about any automated decision-making processes that are used to make decisions about them, and to be given the opportunity to challenge those decisions.
h. Right to be notified about data breaches: Businesses must notify consumers if their personal information is involved in a data breach.