Data Privacy Notice


Last Updated: June 3, 2026


1. Controller


ua.ventures elevated GmbH
Otto-Suhr-Allee 25
10585 Berlin
Germany
Managing Directors: Michael Hübner, Stefan Schandera, Sebastian Schwenke
Commercial Register (Amtsgericht Charlottenburg): HRB 276694 B
Contact: contact.us@ua.ventures


2. Purpose of this Privacy Notice


This Privacy Notice explains how ua.ventures elevated GmbH ("ua.ventures", "we", "our", or "us") collects, processes, uses, stores, and protects personal data in connection with:


  •  our website and online services;
  •  contact requests and business communications;
  •  investment, startup, partner, and stakeholder interactions;
  •  event registrations and participation;
  •  applications for curated programs, events, delegations, demo days, investor sessions, and related activities;
  •  business development and operational activities.


We process personal data in accordance with the General Data Protection Regulation (GDPR), applicable German data protection laws, and other applicable legal requirements.


3. Categories of Personal Data


Depending on the nature of the interaction, we may process:


  •  identification data (e.g., name, title, position);
  •  contact information (e.g., email address, telephone number);
  •  company and organizational information;
  •  contractual and business relationship data;
  •  communication data and correspondence;
  •  event registration and participation data;
  •  application and selection-related information;
  •  compliance-related declarations and information voluntarily submitted by participants;
  •  website usage and technical data;
  •  log files and security-related information.


4. Purposes of Processing


We process personal data for the following purposes:


  •  responding to inquiries and communications;
  •  managing business relationships and partnerships;
  •  organizing events, meetings, workshops, conferences, delegations, and investment activities;
  •  evaluating applications and registrations;
  •  participant selection and participant management;
  •  administration and logistics of events;
  •  communication before, during, and after events;
  •  security, compliance, and risk management;
  •  legal, regulatory, and contractual compliance;
  •  operation, maintenance, and security of our website and IT infrastructure;
  •  protection of our legitimate business interests.


5. Event Registrations and Participant Management


When individuals or organizations register for events organized, hosted, supported, or coordinated by ua.ventures, personal and company-related information may be processed for the purposes of participant evaluation, selection, event administration, communication, logistics, networking activities, and related event operations.


Event registrations, applications, and ticketing processes may be administered through third-party event management platforms, including Luma Technologies Inc. ("Luma"). Where such platforms are used, personal data submitted through those platforms may also be processed by the respective provider in accordance with its own privacy notice and applicable data protection laws.


For certain events, participants may additionally be requested to submit confirmations, declarations, or compliance-related information through forms operated by ua.ventures. Such information may include participant details, company information, security and compliance declarations, participation confirmations, and other information relevant to the organization and administration of the event.


We process such information for:


  •  participant evaluation and selection;
  •  event administration and logistics;
  •  communication with applicants and participants;
  •  compliance and security reviews where relevant;
  •  preparation of meetings, presentations, networking activities, and investor interactions;
  •  documentation and follow-up activities related to the event.

For certain events, participants may be asked to provide compliance-related declarations concerning ownership structures, business relationships, sanctions compliance, security matters, or similar topics relevant to the event format and participant selection process.


6. Legal Bases for Processing


Where required by the GDPR, we rely on one or more of the following legal bases:


Consent


Article 6(1)(a) GDPR


Where you have given consent to a specific processing activity.


Contractual Necessity


Article 6(1)(b) GDPR


Where processing is necessary to enter into, perform, or administer a contractual or pre-contractual relationship.


Legal Obligation


Article 6(1)(c) GDPR


Where processing is required to comply with legal obligations.


Legitimate Interests


Article 6(1)(f) GDPR


Where processing is necessary for our legitimate interests, provided such interests are not overridden by the rights and freedoms of the data subject.


Our legitimate interests may include:


  •  operating and developing our activities;
  •  organizing events and business initiatives;
  •  maintaining business relationships;
  •  protecting our systems and operations;
  •  preventing misuse and fraud;
  •  ensuring compliance and security.


7. Sharing of Personal Data


We may share personal data with:


  •  service providers supporting our operations;
  •  website hosting and IT providers;
  •  legal, tax, accounting, and professional advisors;
  •  event co-organizers;
  •  event partners and sponsors;
  •  investors, jurors, moderators, mentors, speakers, or experts involved in a specific event;
  •  public authorities where legally required.


Any disclosure will be limited to what is reasonably necessary for the respective purpose.


Where required by law, appropriate contractual and organizational safeguards are implemented.


8. International Data Transfers


Where personal data is transferred outside the European Union (EU) or European Economic Area (EEA), we implement appropriate safeguards in accordance with applicable data protection laws.


Such safeguards may include:


  •  adequacy decisions issued by the European Commission;
  •  Standard Contractual Clauses (SCCs);
  •  participation in recognized international data transfer frameworks;
  •  other legally recognized safeguards.


9. Website Hosting and Technical Operations


Our website and certain online forms are hosted and operated through IONOS SE using infrastructure located within the European Union (EU).


When accessing our website or submitting information through forms operated by ua.ventures, technical information may be processed automatically, including:


  •  IP addresses;
  •  browser and device information;
  •  date and time of access;
  •  requested resources;
  •  system logs;
  •  technical usage information.

Such processing is necessary to provide, secure, maintain, and improve our online services and related event administration processes.


10. Cookies and Similar Technologies


Our website may use cookies and similar technologies.
Where required by law, consent will be obtained before non-essential cookies are used.
Users may withdraw consent at any time through available cookie settings or browser controls.
Further information may be provided through our cookie banner or consent management platform.


11. Retention of Personal Data


We retain personal data only for as long as necessary to:


  •  fulfill the purposes described in this Privacy Notice;
  •  comply with legal obligations;
  •  resolve disputes;
  •  enforce legal rights;
  •  maintain appropriate business records.

Where required by applicable law, personal data may be retained for longer periods, including retention periods under commercial, corporate, tax, accounting, or other legal requirements.


Unless a longer retention period is required by law or necessary to establish, exercise, or defend legal claims, personal data related to event registrations and participation will generally be retained only for as long as reasonably necessary for the purposes described in this Privacy Notice.


12. Data Subject Rights


Subject to applicable law, individuals may have the right to:


  •  obtain information about the processing of their personal data;
  •  access their personal data;
  •  request correction of inaccurate data;
  •  request deletion of personal data;
  •  request restriction of processing;
  •  object to certain processing activities;
  •  withdraw consent where processing is based on consent;
  •  receive personal data in a portable format;
  •  lodge a complaint with a competent supervisory authority.


Requests may be submitted to:
contact.us@ua.ventures

Individuals also have the right to lodge a complaint with a competent data protection supervisory authority.
The competent supervisory authority for ua.ventures elevated GmbH is:


Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61
10555 Berlin
Germany
Website: https://www.datenschutz-berlin.de


13. Security Measures


We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction.


These measures are designed taking into account:


  •  the state of the art;
  •  implementation costs;
  •  the nature and scope of processing;
  •  the risks to the rights and freedoms of individuals.


14. External Websites and Social Media


Our website may contain links to external websites and social media platforms.
We are not responsible for the privacy practices of third-party websites or services.
Please consult the respective privacy notices of those providers.


15. Changes to this Privacy Notice


We may update this Privacy Notice from time to time.
The most current version will always be published on our website and will indicate the date of the latest update.