Privacy Policy
efacto
Gersonsvej 7
DK-2900 Hellerup
VAT number: 24223183
This is version 8, last updated June 6, 2024, at 2:47 pm.
-
Introduction
- This privacy policy (“Policy”) describes how efacto (“us”, “we”, “our”) in the role of data controller collects and processes your personal data in connection with the purchase of services, membership, products, or general use of our website.
- The Policy has been created and made available to comply with the General Data Protection Regulation (2016/679 of April 27 2016) (“GDPR”) and the rules therein regarding the obligation to inform.
- The Policy aims to help you understand what personal data we collect, why we collect it, and how we protect, store, and delete it.
- Collection of Information through the Use of Cookies
- When visiting and using our website(s), cookies are collected and used based on consent. Information in these cookies includes (“Cookie data”):
- IP address
- Location at login
- Browser Type
- Search terms on our website(s)
- Search terms on other website
- Cookie data is used for improving our website and user experience, delivering services, for preventing fraud and to carry out targeted marketing.
- The use of cookies to collect information and data is also in accordance with the Cookie Notice (BEK no. 1148 of 09/12/2011), § 3.
- If you wish to reject or limit the cookies that are placed on your computer when visiting our website, you can always do this by changing the settings in your browser. However, you should be aware that rejecting or limiting cookies will affect some of the functionality of the website and will result in features on the website that you cannot access or see. All browsers allow you to delete cookies in bulk or individually. How this is done depends on the browser used. If you use multiple browsers, remember to delete cookies in all browsers.
- Below you can see an overview of the duration of the cookies we use: For up to one year
-
Types of Personal Data Processed
- We process personal data about you when it is relevant and in accordance with applicable law. Depending on the specific circumstances, the processed personal data may include some of the following types of personal information:
- Name
- Address
- Phone number
- Email
- Bank information (card details or account information)
- IP address
- Customer number
- Username
- Invoice and accounting documents
- Invoice status (balance, customer points, etc.)
- Social security number (CPR number)
- Purchase history
- When relevant, personal data is collected from external sources. The information can appear on stored invoices.
- If we need to collect and process additional personal data beyond what is specified above, we will inform you at the time of collection. Such information can also be provided by updating this Policy.
-
For what purpose do we process personal data?
- We only process your personal data if we have a legitimate purpose and therefore in accordance with the rules of the GDPR. Depending on the circumstances, personal data may be processed for the following purposes:
- To be able to deliver or offer our services to users, customers, or members.
- To provide service announcements and information to users, customers, or members.
- To store personal data to the extent required by applicable law, such as the retention of accounting and bookkeeping documents.
- To respond to inquiries and/or complaints from users, customers, or members.
- Ti improve our solutions, services or website.
- For marketing purposes
- For processing and sending marketing content based on preferences.
- For creation of interest profiles to promote relevant services, provide customised marketing for you, improve your user experience with our services/websites.
- For identifying you as a user and showing you the ads that are most likely to be relevant to you.
- Providing the services you have requested, such as sending you a newsletter, a white paper, webinar information or contacting you on request.
-
Legal Basis for Processing Personal Data
- We only process your personal data when we have a lawful basis for processing in accordance with the GDPR. The processing of personal data, depending on the specific circumstances, is based on the following legal grounds:
- The basis for processing the specific personal data is your consent, cf. to GDPR, article 6(1)(a). You can withdraw your consent at any time by contacting us using the contact information provided at the bottom of this Policy. If you withdraw your consent, the personal data processed on the basis of consent will be deleted unless they can or must be processed, for example, to comply with a legal obligation.
- The processing is necessary for compliance with applicable law, cf. to GDPR, article 6(1)(c).
- The processing is necessary for the pursuit of a legitimate interest, where the data subject’s interests or fundamental rights and freedoms, which require protection of personal data, do not override such interests, cf. to GDPR, article 6(1)(f).
-
Disclosure and Transfer of Personal Data
- We only disclose personal data to others when the law permits or requires it, including when it is relevant and upon your and/or the data controller’s specific request.
-
Deletion and Storage of Personal Data
- We ensure that personal data are deleted when they are no longer relevant to our processing purposes as described above. We always retain personal data for the period required by applicable law, including for the purpose of documenting compliance with, among other things, the provisions of the accounting act. If you have any questions regarding the storage and processing of personal data, you are welcome to contact us at the email address you can find in the last section of this Policy.
-
Your rights
- As a data subject, you have a number of rights:
- You have the right to request access to the personal data we process about you, the purposes of the processing, and whether we disclose your personal data to others.
- You have the right to have incorrect personal data about you rectified.
- In certain cases, you have the right to have some of your personal data deleted.
- In certain cases, you have the right to have the processing of your personal data restricted, so that we can only store your personal data for a specified period.
- In certain cases, you have the right to object to our processing of your personal data on the basis of reasons and circumstances relating to your particular situation.
- You have the right not to be subject to an automatic decision without human intervention, unless the decision is necessary for your employment with us, or the making of the decision is authorised by law or your explicit consent.
- If we have obtained your consent for part of our processing of your personal data, you have the right to withdraw your consent at any time. Withdrawing your consent does not affect the lawfulness of the processing based on the consent prior to the withdrawal.
- In certain cases, you have the right to so-called data portability of the personal data you have submitted to us.
- You always have the right to complain to the Data Protection Authority.
- There may be conditions or limitations to these rights. It is therefore not certain, for example, that you have the right to data portability in the specific case – this depends on the specific circumstances of the processing activities.
- You can find more information about your rights as a data subject on the website of the Data Protection Authority.
- Please use the contact information below if you wish to exercise your rights.
- We strive to meet your wishes regarding our processing of personal data, but you can always submit a complaint to the Data Protection Authority.
-
Changes to This Policy
- We reserve the right to update and make changes in this Policy. If we change the Policy, we will change the date and version at the top of the document. In the case of significant changes, we will notify you in the form of a visible notice on our website, by email, or by using other communication.
-
Contact Information
- You are welcome to contact us at the email address below, if you:
- Disagree with our processing or believe that our processing of your personal data violates the law.
- Have questions or otherwise have comments on this Policy, or
- Wish to exercise one or more of your rights as a data subject.
Please contact Tonny Jørgensen at tj@efacto.com.