GDPR Compliance

Our Commitment to Data Protection

At Rivic Technologies, we are committed to protecting your personal data and respecting your privacy. This GDPR Compliance Policy explains how we collect, process, and safeguard your personal information in accordance with the General Data Protection Regulation (GDPR) of the European Union.

Headquartered in Berlin with R&D centers in Germany and India, we adhere to the highest standards of data protection across all our operations, regardless of geographic location.

Data Controller Information

Rivic Technologies GmbH is the data controller for personal information collected through our website, products, and services.

Personal Data We Collect

We may collect the following types of personal data:

• Identity Data: Name, username, or similar identifiers
• Contact Data: Email address, telephone numbers, postal address
• Technical Data: IP address, login data, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
• Usage Data: Information about how you use our website, products, and services
• Marketing Data: Your preferences in receiving marketing from us

We do not collect any Special Categories of Personal Data (details about your race, ethnicity, religious beliefs, political opinions, health data, etc.) unless explicitly required and with your specific consent.

How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• To provide and maintain our services
• To notify you about changes to our services
• To provide customer support
• To gather analysis or valuable information so that we can improve our services
• To monitor the usage of our services
• To detect, prevent and address technical issues
• To fulfill any other purpose for which you provide it

Legal Basis for Processing

We process your personal data on the following legal bases:

• Consent: You have given clear consent for us to process your personal data for a specific purpose
• Contract: Processing is necessary for the performance of a contract with you
• Legal Obligation: Processing is necessary for compliance with a legal obligation
• Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights Under GDPR

Under the GDPR, you have the following rights:

To exercise any of these rights, please contact us at privacy@rivic.xyz. We will respond to your request within 30 days. There is no fee for exercising any of these rights, but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include:

• Encryption of sensitive data
• Regular security assessments and penetration testing
• Access controls and authentication procedures
• Staff training on data protection
• Secure data storage and processing environments
• Regular backups and disaster recovery procedures

We limit access to your personal data to employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

International Transfers

As a company with operations in Germany, India, and serving clients globally, we may transfer your personal data outside the European Economic Area (EEA). Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

• Transferring data to countries that have been deemed to provide an adequate level of protection by the European Commission
• Using specific contracts approved by the European Commission (Standard Contractual Clauses)
• Implementing appropriate technical and organizational measures to ensure the security of your data

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to distinguish you from other users. This helps us provide you with a good experience when you browse our website and allows us to improve our site.

We use the following types of cookies:

• Strictly Necessary Cookies: Required for the operation of our website
• Analytical/Performance Cookies: Allow us to recognize and count visitors and see how they move around our website
• Functionality Cookies: Used to recognize you when you return to our website
• Targeting Cookies: Record your visit to our website, the pages you have visited, and the links you have followed

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Changes to This Policy

We may update this GDPR Compliance Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.

We encourage you to review this policy periodically to stay informed about how we are protecting your personal data.

Contact Us

If you have any questions about this GDPR Compliance Policy or our data practices, please contact us: