Last updated: 5 February 2026

1. Controller

Bliq GmbH
Lohmühlenstraße 65
12435 Berlin
Germany
Email: hello@bliq.ai
Data Protection Officer (DPO):
Email: dpo@bliq.ai

2. General Information

We take the protection of personal data seriously. This Privacy Policy explains how Bliq GmbH (“we”, “us”) processes personal data in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection laws.
Personal data means any information relating to an identified or identifiable natural person.

3. Categories of Data We Process

Depending on usage of our website and driverless vehicle services, we may process:

Website data

• IP address

• Date and time of access

• Browser and device information

• Referrer URL

• Log files

Communication data

• Name

• Email address

• Message content

Vehicle and mobility data (if using our driverless vehicle services)

• Trip metadata (start/end location, timestamps, route)

• Vehicle telemetry (speed, braking, system status)

• Sensor data (camera, lidar, radar)

• Interior safety data (e.g. seat occupancy)

Safety and incident data

• Video recordings in and around the vehicle

• Event data related to accidents or system faults

  
  

4. Purposes of Processing

We process personal data for the following purposes:

• Operation and safety of driverless vehicles

• Navigation and ride execution

• System monitoring and improvement

• Legal compliance and accident investigation

• Customer support and communication

• Website operation and security

  
  

5. Legal Bases

Processing is based on:

• Art. 6(1)(b) GDPR – performance of a contract

• Art. 6(1)(c) GDPR – legal obligations

• Art. 6(1)(f) GDPR – legitimate interests (e.g. system security, fraud prevention, service improvement)

• Art. 6(1)(a) GDPR – consent, where applicable

Our legitimate interests include operating safe driverless vehicles and maintaining reliable digital services.

6. Recipients of Data

Personal data may be shared with:

• Technical service providers (hosting, cloud, analytics)

• Mobility partners

• Insurance providers

• Authorities where legally required

All processors act under GDPR-compliant data processing agreements.

7. International Transfers

If data is transferred outside the EU/EEA, we ensure appropriate safeguards such as EU Standard Contractual Clauses.

8. Storage Period

We store personal data only as long as necessary for the stated purposes or legal retention requirements.
Typical retention periods:

• Website logs: up to 30 days

• Communication data: up to 3 years

• Vehicle and safety data: according to operational necessity and statutory requirements

9. Your Rights

You have the right to:

• Access your data (Art. 15 GDPR)

• Rectification (Art. 16 GDPR)

• Erasure (Art. 17 GDPR)

• Restriction of processing (Art. 18 GDPR)

• Data portability (Art. 20 GDPR)

• Object to processing (Art. 21 GDPR)

• Withdraw consent at any time

Requests can be sent to: dpo@bliq.ai
You also have the right to lodge a complaint with a supervisory authority.

10. Automated Decision-Making

Our systems may perform automated processing for driverless vehicle operation and safety. No decisions producing legal effects concerning individuals are made without human oversight.

11. Cookies and Website Technologies

Our website may use technically necessary cookies. Optional cookies (e.g. analytics) are only used with consent.
Details are provided via our cookie banner.

12. Data Security

We apply appropriate technical and organizational measures, including encryption, access controls, and secure infrastructure.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available on our website.