Allianz X GmbH Privacy Notice to Representatives of (potential) Advisors

We care about your personal data.

Allianz X GmbH (“Allianz X” or „we“ or „us“ or „our“) is the digital investment unit of the Allianz Group. Your privacy is important to us. In connection with your or your affiliated entities’ (potential) engagement by Allianz X with respect to a (potential) business transaction/investment or business relationship, we may process personal data of you (“Business Purpose”). The terms “you” and “your” shall refer to you as a natural person, e.g., as representative, signatory or (key) employee of the above mentioned entities. This privacy notice explains how and what type of personal data may be collected, processed, and used during and following your involvement with us, why it is collected, with whom it is shared, and your rights in this regard. Please read and consider this notice carefully.

  1. Who is the data controller?

A data controller is the individual or legal person who controls and is responsible to keep and use personal data in paper or electronic files. Allianz X is the data controller as defined by relevant data protection laws and regulations.

  1. What personal data will be collected?

In connection with the Business Purpose, we as the data controller may receive personal data, including:

  • Surname, first name, title;
  • Role/capacity;
  • Business email address,
  • Business phone number;
  • Business address;
  • (Prior) Professional activities as well as further customary information received by us during a tender or in connection with the engagement process.
  1. How will we use your personal data?

Allianz X will use your personal data for the following purposes in the context of the Business Purpose:

  • Evaluation of prospective advisors;
  • Communication with advisors;
  • Negotiating and finalizing contracts;
  • Management of advisor relationships;
  • For fraud prevention and detection;
  • To comply with any legal obligations (e.g., tax, accounting and anti-money laundering law).
  1. What is the data source?

We will process personal data which we receive about you from you, the business or entity you are affiliated with, as well as other third parties involved in the Business Purpose, either via emails, business cards, pitch decks, orally or from public sources (online research).

  1. What is the legal basis of processing?

We will inform you where we require your consent to process your personal data. Otherwise, where no consent is required, we will process your personal data for the (i) performance of the contract you are subject to or in order to take steps prior to entering into a contract or (ii) we will process your personal data to meet our legitimate interests (including performance of the contract with the entity you are affiliated with, establishing or maintaining advisor relationships, evaluation; communication, fraud prevention and detection) or (iii) where it is needed to comply with a legal obligation (e.g., tax, accounting and anti-money laundering law). Where we rely on legitimate interests, we consider that the processing of personal data is necessary for the purposes and that these outweigh any opposing interests and/or fundamental rights and freedoms you may have.

Allianz X respects applicable laws and regulations in its use of personal data.

  1. Who will have access to personal data collected by us?

We will ensure that your personal data is processed in a manner that is compatible with the purposes specified above. For the specified purposes, your personal data may be disclosed to the following parties who operate as third party data controllers:

  • Other Allianz Group companies;
  • Business partners;
  • Third party service providers;
  • Other advisors.

For the stated purposes, we may also share your personal data with the following parties who operate as data processors under our instruction:

  • Other Allianz Group companies;
  • Service providers.

Finally, we may share your personal data in the following instances:

  • With law enforcement agencies, government and regulatory bodies to meet applicable legal or regulatory obligations.
  1. Where will collected personal data be processed?

Your personal data may be processed both inside and outside of the European Economic Area (EEA) by the parties specified above, subject always to contractual restrictions regarding confidentiality and security in line with applicable data protection laws and regulations. We will not disclose your personal data to parties who are not authorized to process them.

Whenever we transfer your personal data for processing outside of the EEA by another Allianz Group company, we will do so on the basis of the binding corporate rules (BCRs) of Allianz which establish adequate protection for personal data and are legally binding on Allianz Group companies. The public version of the BCRs and the list of Allianz Group companies that comply with them can be accessed here.

Where the BCRs do not apply, we will instead take steps to ensure that the transfer of your personal data outside of the EEA receives an adequate level of protection as it does in the EEA. You can find out what safeguards we rely upon for such transfers (for example, Standard Contractual Clauses) by contacting us as detailed below.

  1. What are your rights in respect of your personal data?

Please note that you are under no general obligation to provide your personal data to us, except where applicable law requires you to do so. However, processing your personal data will be necessary for the performance of the existing or prospective business relationship between you or the entity you are affiliated with and us. Where permitted by applicable law or regulation, you have the right to:

  • Access your personal data held about you and to learn the origin of the data, the purposes and means of the processing, the details of the data controller(s), the data processor(s) and the parties to whom the data may be disclosed;
  • Withdraw your consent at any time where your personal data is processed with your consent;
  • Update and correct your personal data so that it is accurate;
  • Delete your personal data from our records if it is no longer needed for the purposes indicated above;
  • Restrict the processing of your personal data in certain circumstances, e.g., where you have contested the accuracy of your personal data, for the period enabling us to verify its accuracy;
  • Obtain your personal data in an electronic format;
  • File a complaint with us and/or the relevant data protection authority,; and
  • Object to us processing your personal data, or tell us to stop processing.
  1. What security measures have we implemented to protect your information collected through us?

Allianz X has implemented reasonable technical and organizational security measures to protect your personal data collected by Allianz X against unauthorized access, misuse, loss or destruction, including but not limited to multi-factor authentication for log-in to systems, defined access rights, information classification and an incident management process.

  1. How do we treat electronic messages sent to and from Allianz X?

All electronic messages sent to and from Allianz X are protected by reasonable technical and organizational measures and may only be accessed in justified cases in line with applicable laws and regulations (e.g., court order, suspicion of criminal conduct, violation of regulatory obligations) and in such cases made available to specific persons in defined functions (e.g., Legal, Compliance, Risk). Every step of the process, as well as the search criteria used, are logged in an audit trail. All emails are disposed of after the applicable retention period has expired.

  1. How long is personal data retained for?

We will not retain your personal data for longer than is necessary and we will hold it only for the purposes for which it was obtained. Longer retention periods may be applicable if required by applicable laws and regulations.

  1. How can you contact us?

If you have any queries about how we use your personal data, you can contact us by post or email via the details specified below:

Allianz X GmbH
Data Privacy Officer
Leopoldstr. 28 A
80802 Munich

  1. How often is this notice updated?

We regularly review this privacy notice. This privacy notice was last updated on April 21st 2023.