Privacy Policy
This Privacy Policy describes how Brandfix (“we” or “us”) processes your personal data in accordance with the EU’s General Data Protection Regulation (”GDPR”). This Privacy Policy applies to data which you pass on to us and/or which we collect about you as a user of our website. The Privacy Policy explains how we process your data and for how long we store data about you, etc.
1. Contact details of the data controller
Brandfix A/S is the data controller for the processing of your personal data. These are our contact details:
Gunnar Clausens Vej 40B
8260 Viby J, Denmark
VAT: DK36977663
E-mail: contact@brandfix.dk
Tel.: (+45) 31 62 72 00
2. Description of the processing of personal data
Purpose:
We reserve the right to collect information about your IP address. An IP address is a unique number allocated to the network units, such as computers and mobile phones, which communicate with each other via the internet. We use your IP address and those of others for the purpose of targeting communication/marketing and for statistical purposes.
We collect and process information on your behaviour on our website, so as to analyse the use of our website, optimise user experience and target our communication with you. We collect information on the basis of cookies in accordance with our cookie policy. As a rule, information collected about your behaviour on our website using cookies will not be linked to you as a person. However, if via our website you have asked for or accepted to receive marketing material, we will link your personal data with your behaviour on our website so as to target our communication and marketing, which includes the contents of our website as well as advertising on other websites.
Categories of data:
We collect general data, such as name, occupation, profession/field of work, place of employment, contact details, professional fields of interest, in some cases IP addresses, as well as your behaviour on our website.
Sources:
We collect information from you via cookies which you accept on our website, and from publicly available sources, such as LinkedIn and your company’s website, etc.
Processing basis:
We process your personal data in line with the following processing basis:
- When necessary for the purposes of our legitimate interest (article 6 (1)(f)). We have a legitimate interest in processing your personal data for marketing purposes, which includes telephone calls or possible meetings with you to tell you about our services. Consequently, our legitimate interest consists of knowing your professional interests and preferences, so as to be better able to customise our communication and offers to your company, thereby offering products and services which meet the needs and wishes of your company.
- If you have given consent to the use of third-party cookies, thereby making it possible to derive personal data about you, cf. our cookie policy, your personal data will be transferred to third parties on this basis.
- When necessary to fulfil an agreement with you or for us to be able to process inquiries and similar before you decide to enter into an agreement with us (article 6 (1) (b)).
Recipients:
We transfer or make available your personal data to the following recipients:
data processors who assist us with targeting our marketing/advertising, and for statistical purposes, and
- third parties: Our website contains cookies from third parties; to a varying extent, these may include the following:
- Google LLC
- Active Campaign
- Hotjar
- if you have given consent to the use of third-party cookies which make it possible to derive personal data about you, cf. our cookie policy, the collection/transfer of data to such third parties is carried out in accordance with our cookie policy. For example, we use Google’s services for statistical purpose and marketing purposes, and we use Facebook for marketing purposes. Read more about the basis for Google’s processing of personal data in Google’ privacy policy and personal data policy and about your possibilities for administering your privacy settings on Google’s website www.google.com. Read more about the basis for Facebook’s processing of personal data in Facebook’s information about protection of personal data and about security, and about your possibilities for administering your privacy settings on Facebook’s website www.facebook.com.
Transfer to countries outside the EU/the EEA:
If you have given consent to the use of third-party cookies which make it possible to derive personal data about you, cf. our cookie policy, the transfer of your data to a third party may be carried out on this basis. In such case, Google and Facebook, as well as other services – depending on your privacy settings with these services – may use cookies set by these services via our website to collect and store your data (e.g. IP address and cookie data) on foreign servers outside the EU/the EEA.
Storage:
We store data about you as long as we need to be able to:
- cater for the purposes mentioned above
- document:
- our right to process your personal data, and
- our compliance with the rules on processing of personal data and other legislation, such as marketing legislation, in regard to the barring by limitation of criminal liability and compensation liability and any other legal requirements, if relevant. If not relevant, the data will be erased at an earlier time.
Voluntary provision of data:
When we collect personal data from you, it is optional whether you want to provide this information. If you do not provide personal data, we will not be able to cater for the above-mentioned purposes; including targeting our communication on the basis of your interests and focus areas, or being able to send you targeted and relevant marketing and information, for example in the form of newsletters and invitations to events.
3. Cookies
Regarding the use of cookies, we refer you to our cookie policy. If cookies involve registration of personally identifiable data, this will be clear from our cookie policy and/or this Privacy Policy.
4. Your rights
In accordance with the GDPR, you have a number of rights in regard to our processing of information about you.
If you wish to invoke your rights, please contact us. You will find our contact details under item 1.
We will comply with your request as soon as possible in accordance with applicable legislation. If, for whatever reason, we are not able to meet your request, we will contact you.
Right to see data (access right)
You have the right to have access to the data about you which we process, including the purposes of processing, as well as other information.
Right to rectification (correction)
You have the right to have incorrect information about you corrected.
Right to erasure
In special cases, you have the right to have data about you erased before the time when such data would normally be erased.
Right to restriction of processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have such processing restricted, our future processing of your personal data – apart from storage – requires your consent, or such processing may be allowed in order to determine, invoke or defend legal claims, or protecting a person or significant societal interests.
Right to object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You may do so in accordance with article 6 (1)(f) (legitimate interest), which includes profiling based on these provisions. This Privacy Policy specifies the extent to which we process your personal data for such purposes. Subsequently, we may not process such personal data, unless we can demonstrate significant, legitimate reasons for such processing, which reasons take priority over your interests, rights and freedom rights, or unless such processing is necessary in order to determine, invoke or defend legal claims.
You may also object to the processing of your personal data for the purpose of direct marketing and profiling in connection with marketing. In such case, we may no longer process your personal data for such purpose.
Withdrawal of consent
If processing of your personal data is based on your consent, you have the right at all times to withdraw such consent. If you withdraw your consent, this does not affect the legality of the processing carried out before you withdrew your consent. If you have given consent to receiving newsletters and invitations to events, etc., by e-mail, you may at any time withdraw your consent by using the deregistration link in the e-mails you receive.
Data portability
In certain cases, you have the right to receive your personal data (only information concerning yourself which you yourself have given us) in a structured, generally used, machine-readable format, and to have such personal data transferred to another data controller (data portability).
General aspects
There may be conditions or restrictions associated with the use of the above-mentioned rights. Consequently, in a specific case, you may not have the right to data portability, for example – this will depend on the special circumstances of the processing activity concerned.
6. Security
We process all data, including your personal data, confidentially and with a high degree of security. This means that your personal data is protected against destruction, loss or modification and unauthorised publication, as well as against any unauthorised person having access to or knowledge of such data.
7. Complaint to the Danish Data Protection Agency
You have the right to file a complaint with the Danish Data Protection Agency if you are displeased with the way we process your personal data. You can find the contact details of the Danish Data Protection Agency here: www.datatilsynet.dk
8. Updating of this Policy
We are obliged to comply with the basic principles on protection of personal data and data protection. Any significant changes to this Privacy Policy will be published on our website together with an updated version of the Privacy Policy.