Zásady ochrany osobních údajů
Welcome to the OnRobot’s privacy notice!
OnRobot respects your privacy and is committed to protecting your personal data. The present privacy policy informs you as to how we process your personal data when you visit our website and tells you about your privacy rights, furthermore, how the law protects you.
1. IMPORTANT INFORMATION AND WHO WE ARE
1.1 PURPOSE OF THIS PRIVACY NOTICE
This privacy policy aims to give you information on how OnRobot collects and processes your personal data through your use of this website, including any data you may provide through this website when you contact us and use the services offered on the website.
1.2 DATA CONTROLLER
The website is operated and maintained by OnRobot A/S and it is therefore qualifies as data controller (hereinafter referred to as “OnRobot”; “we”, “us”, or “our”) in respect of your personal data.
Contact details:
• Seat: Teglvaerksvej 47H, 5220 Odense, Denmark
• Email address: info@onrobot.com
1.3 DATA PROTECTION OFFICER/DATA PRIVACY MANAGER
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy policy, including any requests to exercise your rights indicated in Section 8, please contact the DPO using the details set out below.
• Name: Enrico Krog Iversen
• Email address: dpo@onrobot.com
2. THE DATA WE COLLECT ABOUT YOU
2.1 Personal data means any information relating to an identified or identifiable natural person (data subject).
2.2 We may in particular collect, use, store and transfer the following kinds of personal data about you:
Aggregated Data (such as statistical, demographical or other data which is related to you, but may not be used to directly or indirectly identify you, and which therefore does not fall as personal data)
Identity Data (such as first name, last name, user name, date of birth)
Contact Data (such as billing address, email address, phone number)
Financial Data (such as bank account, payment card details)
Marketing and Communications Data (such as your preferences receiving marketing from us and our third parties and you communication preferences
Transaction Data (such as details about payments to and from you and other details of products and services you have purchased from us)
Technical Data (such as IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website)
Profile Data (such as username and password, purchases or orders made by you, your preferences, feedback, your interests)
Usage Data (such as information about how you use our website, products and services)
2.3 IF YOU FAIL TO PROVIDE PERSONAL DATA
In case we need to collect personal data by law or under the terms of contract we have concluded or will conclude with you and you fail to provide the requested data, we may not be able to perform the contract we have or are trying to enter into with you (e.g. to provide you with goods or services). We will however notify you if this is the case.
3. PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA, LEGAL BASIS FOR PROCESSING AND DATA RETENTION PERIOD
We have set out below, in a table format, a description of all the ways we use your personal data, and which of the legal bases we rely on to do so.
PURPOSE AND ACTIVITY | TYPE OF DATA | LEGAL BASIS | RETENTION PERIOD |
---|---|---|---|
To manage communication with you if you contact us | (i) identity data (ii) contact data (iii) content of such communications |
Art. 6 (1) b) GDPR – performance of a contract | 5 years (general statutory period of limitation) |
To send you a quote on your request | (i) identity data (ii) contact data (iii) content of such communications |
Art. 6 (1) b) GDPR – taking steps prior to entering into a contract with you | 5 years (general statutory period of limitation) |
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (i) identity data (ii) contact data (iii) technical data |
Art. 6 (1) f) GDPR – legitimate interest of OnRobot (running our business, provision of administration and IT services, network security, preventing fraud) |
as long as it is necessary to fulfil the purposes we collected the data for |
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
|
Art. 6 (1) f) GDPR – legitimate interest of OnRobot (to study how costumers use our products/services, to develop them, to grow our business and to inform our marketing strategy) | as long as it is necessary to fulfil the purposes we collected the data for |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences | (i) technical data (ii) usage data |
Art. 6 (1) f) GDPR – legitimate interest of OnRobot (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our market strategy) |
as long as it is necessary to fulfil the purposes we collected the data for |
To process and deliver your orders, including: (i) manage payments, fees and charges; (ii) collect and recover money owed to us | (i) identity data (ii) contact data (iii) financial data (iv) transaction data |
(i) Art. 6 (1) b) GDPR – performance of a contract (ii) Art. 6 (1) f) GDPR – legitimate interest of OnRobot (to recover debt and outstanding fees) |
5 years (general statutory period of limitation) |
Profiling. Incremental collection of data that may fall as personal data to evaluate certain personal aspects relating to you, in particular to analyse or predict aspects concerning your interests, behaviour, preferences | (i) identity data (ii) contact data (iii) financial data (iv) usage data (v) marketing and communications data (vi) transaction data (vii) technical data |
Art. 6 (1) f) GDPR – legitimate interest of OnRobot (to define types of customers for our products and services, to keep our website updated and relevant, to provide customized service and information, to develop our business and to inform our marketing strategy) NOTE: OnRobot is not engaged in profiling that would pose a high risk or have a high impact on you. In other words, we do not carry out systematic and extensive evaluation of your personal aspects which is based on automated processing, and on which decisions are based that produce legal effects concerning or similarly significantly affect you. |
as long as it is necessary to fulfil the purposes we collected the data for |
To contact you and send you via electronic means (such as e-mail, text messages, MMs, private messages etc.) newsletters, information about the goods or services of OnRobot and other parties, to make suggestions and recommendations to you about goods or services that may be of interest to you. | (i) identity data (ii) contact data (iii) profile data |
Art. 6 (1) a) GDPR - consent | until the withdrawal of consent; or in case of inactivity, 1 year after the last activity performed with regard to OnRobot. |
To contact you for market research and customer satisfaction purposes and also to measure the effectiveness of marketing campaigns. | (i) identity data (ii) contact data (iii) profile data |
Art. 6 (1) f) GDPR – legitimate interest of OnRobot (to protect our intellectual and industrial property rights and economic interests) | as long as it is necessary to fulfil the purposes we collected the data for |
4. COOKIES
4.1 A cookie is a small piece of information that will be stored on your hard disk until you delete it. Like most websites and applications, we use our own cookies and those of third parties, together with similar technologies, to make our websites and applications work, to offer you customized and personalized service, and to learn more about our users and their likely interests.
4.2 You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
4.3 OnRobot and third-party vendors including Google and Facebook use first-party and thirdparty cookies and related user behaviour tracking technologies to measure desktop software, mobile application and website usage; record different user activities in its software and on its web sites; and display advertisements based on the user’s previously recorded activities. OnRobot does not disclose any personally identifiable information to these third-party vendors. However, third-party vendors automatically receive IP addresses when activity tracking occurs. OnRobot may connect user activity data gathered by third-party vendors with information collected by its websites and applications and such data may therefore become Profile or Usage Data.
4.4 You can also prevent your data from being used by third-party vendors by installing browser extensions, such as: http://www.aboutads.info/PMC; https://tools.google.com/dlpage/gaoptout/. Or setting your preferences at web sites like: http://www.youronlinechoices.com/uk/your-ad-choices; http://www.networkadvertising.org/choices/;https://www.google.com/settings/u/0/ads/an onymous
4.5 For more information about the cookies OnRobot currently uses on its websites, please see our https://onrobot.com/en/cookie-policy.
5. DOES ONROBOT SHARE/DISCLOSES MY PERSONAL DATA?
(A) DISCLOSURE TO DATA PROCESSORS
5.1 OnRobot works with companies that help us run our business. These companies provide services such as delivering customer support and sending emails on our behalf (these are called data processors). In some cases, these companies have access to some of your personal information in order to provide services to you on our behalf. They are not permitted to use your information for their own purposes.
5.2 Currently, OnRobot is using the following data processors:
NAME | ACTIVITY |
---|---|
Service Selector |
web developer |
ActiveCampaign |
email marketing, marketing automation, increasing customer experience |
Mailchimp |
automated email marketing |
Semrush |
marketing tool |
Hotjar |
behaviour analytics, user feedback service |
Sumo |
software update monitor |
Hootsuite |
dashboard services |
Zapier |
automation tool |
Microsoft Dynamics |
cloud services |
Dreambrokers | video software |
(B) DISCLOSURE TO OTHER DATA CONTROLLERS
5.3 In other cases, we provide your data to other entities for them use such data under their own name and for their own benefit (e.g. Google, LinkedIn, Facebook, Twitter, YouTube, Instagram). Sometimes we may need to do this to comply with a legal obligation (such as when we need to provide certain Transaction, Technical or Identify Data to the police or other authorities), and in other cases, we rely on other legal grounds, such as our legitimate interests or your consent.
5.4 Alternatively, if we have a good-faith belief that the disclosure is necessary to prevent or respond to fraud, defend our websites or applications against attacks, or protect the property and safety of OnRobot, our customers, users, the public, or specific companies retained to assist us to combat piracy.
5.5 We may share or publish Aggregate Data that doesn’t specifically identify you, such as statistical information about visitors to our websites or statistical information about how customers use our applications.
6. DATA TRANSFERS
6.1 Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(i) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
(ii) where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
(iii) where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield. 6.2 Please do contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
7. IS MY PERSONAL DATA SECURE, AND WHERE WILL IT BE STORED?
7.1 We understand that the security of your personal information is important. We provide reasonable administrative, technical, and physical security controls to protect your personal information. All information you provide to us is stored on secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot warrant or guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7.2 Also, we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
7.3 Finally, we have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. YOUR RIGHTS REGARDING YOUR PERSONAL DATA
8.1 YOUR RIGHT TO ACCESS
You have the right to access your personal data, including requesting information on whether OnRobot processes your data, which data are processed, and you may also request a copy of the data you provided to OnRobot.
8.2 YOUR RIGHT TO RECTIFICATION
You have the right to the correction of your personal data. This enables you to ask that any incomplete or inaccurate data we hold about you be corrected.
You also have the right to provide OnRobot with additional information, and documents and a supplementary statement. OnRobot may verify any and all data provided to it. OnRobot shall communicate the rectification of your personal data to recipients of such personal data (if any). However, OnRobot shall not communicate the rectification of personal data to recipients if the communication to such recipients is either impossible or involves a disproportionate effort.
8.3 YOUR RIGHT TO ERASURE
Subject to certain conditions and in certain cases, you have the right to the erasure of your personal data. This means that you may request that we delete your personal data that we may have processed unlawfully or where the use of your data is no longer needed for a purpose. Please keep in mind that OnRobot may not be able to meet your request for specific legal reasons that will be notified to you, if applicable.
OnRobot shall communicate the erasure of your personal data to recipients of such personal data (if any). However, OnRobot shall not communicate the erasure of personal data to recipients if the communication to such recipients is either impossible or involves a disproportionate effort.
8.4 YOUR RIGHT TO THE RESTRICTION OF PROCESSING
You may also request the restriction of the processing of your personal data. For instance, you may request that we suspend the processing of your personal where our use of the data is unlawful but you do not want us to delete it.
OnRobot shall restrict the processing of your personal data for a period to verify the accuracy of such data if you request to obtain the restriction of the processing of your personal data, and you contests the accuracy of such data.
OnRobot shall restrict the processing of your personal data if you request to obtain the restriction of the processing of such data, the processing of which is unlawful, and you opposes the erasure of such data.
OnRobot shall restrict the processing of your personal data if OnRobot does not need such data for the purposes of its processing, but you require your data for the establishment, exercise or defence of legal claims.
OnRobot shall restrict the processing of your personal data if you object to the processing of your personal data that are necessary for the purposes of the legitimate interests that OnRobot pursues, and you wait to verify that
OnRobot’s processing of your personal data has a legitimate ground that does not override your objection.
OnRobot shall communicate the restriction of processing of your personal data to recipients of such personal data (if any). However, OnRobot shall not communicate such restriction to recipients if the communication to such recipients is either impossible or involves a disproportionate effort.
8.5 YOUR RIGHT TO DATA PORTABILITY
Where the processing of your data is either based on your consent (e.g. in respect of electronic direct marketing), or is necessary for the performance of a contract, you may request the provision of your personal data that you have provided to us in a standard format, and you may also request that such data be transferred to another entity.
8.6 YOUR RIGHT TO OBJECT
Importantly, when we process your data on the basis of our legitimate interests you may object to such processing and request that any of those activities be stopped. In such cases we shall no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
8.7 YOUR RIGHT TO WITHDRAW CONSENT
Also, you have the right to withdraw your consent at any time where we rely on your consent for processing your data. Remember that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal and that in some cases we may need time to process request. With regard to electronic direct marketing, you may withdraw your consent by sending us a letter to our postal address, or a message to our email address indicated above, or by clicking on the unsubscribe link to be found in each email.
OnRobot shall communicate your objection/withdrawal of consent to recipients of such personal data (if any). However, OnRobot shall not communicate such restriction to recipients if the communication to such recipients is either impossible or involves a disproportionate effort.
8.8 YOUR RIGHT TO LODGE A COMPLAINT
Without prejudice to any other administrative or judicial remedy that you may have (such as the right to claim compensation for damages suffered as a result of OnRobot’s breach of the GDPR), you have the right to lodge a complaint with the Danish supervisory authority (Datatilsynet), or another data protection supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
Please find the contact details of the supervisory authorities under the following link: https://edpb.europa.eu/about-edpb/board/members_en
In any case, we would highly appreciate the chance to deal with your concerns before you approach the regulatory authority above, so please contact us in the first instance if any problems.
If you wish to exercise any of your rights mentioned above, please contact us at the addresses set out in clause 1.3.
8.9 No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
8.10 Verification of you identity
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
9. CHANGES TO THIS PRIVACY POLICY
This Privacy Policy is current as of 24 January, 2020. Earlier versions may be obtained by contacting us. We will inform you in case of any changes to this Privacy Policy in due course.