1. Introduction
1.1 This data protection and privacy policy (the “Policy”) describes how Eurekos Systems ApS (“us”, ”we” or ”our”) as a data controller collects and processes personal data relating to the purchase of services, membership, products or general use of our website.
Contact Information: Eurekos Systems ApS, Torvet 4A, 2., 3400 Hilleroed, Denmark, Phone +45 60 555 888, Email [email protected]
1.2 The Policy is prepared and made available to comply with the general data protection regulation (2016/679 of 27 April 2016) (the ”GDPR”) and the rules included herein on information to be provided to you.
2. Collecting personal data with cookies
2.1 By visiting and using our website(s), cookies are collected and used on the basis of consent. Information in these cookies include browser type, search terms on our website(s), IP address, location at login. We and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. This includes progress data, settings in menus and filters and more to improve the user experience of our Services.
You can always change your cookie settings by visiting this section here
(hereinafter “Cookiedata”).
2.2 Cookiedata is used for improvement of the website(s) and the user experience, to perform targeted marketing, to deliver our products, services or goods, administration customer claims, administration of customer relationships in general (orders, purchase history, invoicing etc.), prevention of fraud, scams and illegal use of our website or services, customer support, prevention of unauthorized logins.
2.3 Use of cookies for the purpose of collecting personal data is in accordance with the Cookie Order (No. 1148 of 9 December 2011), section 3.
2.4 If you wish to limit or decline the cookies placed on your computer when visiting our website you can do so at any time by changing your browser settings. However, you should be aware that if you decline or reject cookies it will impact the functionality of the website which means that there are features on the website that you will not be able to see. Any browser allows you to delete cookies collectively or individually. How this is done depends on the used browser. Remember to delete the cookies in all browsers, if you use several different browsers.
2.5 We disclose and/or share Cookie Data with external companies as suppliers.
The collected cookie data is sent to our affiliated partners in order to work with our website, SEO, Google Ads and Direct Marketing.
2.6 If you would like to contact our Chief Privacy Officer (CPO) regarding this privacy policy, you may contact us using [email protected]
3. Types of personal data processed
3.1 We process personal data about you when this is necessary and in accordance with the applicable legislation. Depending on the specific circumstances, the processed personal data include the following types of personal data: name, address, telephone number, email, username, purchasing history, invoicing and bookkeeping data and documentation, account status (customer points, payments etc.)
3.2 We do not collect or process sensitive personal data (so-called “special categories of personal data”).
3.3 As a general rule, we only collect personal data about you from you. If specific circumstances allow or require us to collect personal data about you from someone else than you, we will inform you hereof, which may be done by updating this Policy.
3.4 If we need to collect more personal data than what is specified above, we will inform about this. Such information may be provided by our updating of this Policy.
4. Purposes for processing the personal data
4.1 We only process personal data for legitimate purposes in accordance with the GDPR. Depending on the circumstances, the personal data is processed for the following purposes:
a) To deliver products or services to a user, customer or member.
b) To answer enquiries or complaints from users, customers or members.
c) To provide service messages and information to users, customers or members.
d) To store personal data to comply with applicable legislation requirements such as bookkeeping acts.
e) To send direct marketing to users, customers or members.
f) To prevent fraudulent behavior or misuse of the IT System.
g) To send newsletters on e-mail.
h) To perform profiling of users, customers or members to analyse and predict their preferences and/or behavior.
i) To handle a customer or benefit club.
j) To give support and service messages, including answering questions and complaints and send updates about our products and services.
k) To prevent fraudulent behavior or misuse of our products, services and website, including the processing of personal data for the purpose of legal actions.
l) To improve our products, services or website.
m) To send marketing materials to webinar participants.
5. Legal basis for processing personal data
5.1 We only process your personal data when we have a legal basis to do so in accordance with the GDPR. Depending on the specific circumstances, the processing of personal data is done on the following legal basis:
a) If we have asked for a consent for the processing of specific personal data, the legal basis for such personal data is a consent, cf. article 6(1)(a) of the GDPR, as the consent can always be withdrawn by contacting us via the contact details provided at the end of this Policy, and, if the consent is withdrawn, the personal data processed on the basis of consent is deleted, unless it can or must be processed, for example, in order to comply with legal obligations.
b) The processing is necessary for the performance of a contract to which the data subject is party, cf. the GDPR, article 6(1)(b), the first indent.
c) The processing is necessary in order to take steps at the request of the data subject prior to entering into a contract, cf. the GDPR, article 6(1)(b), last indent.
d) The processing is necessary for compliance with applicable legislation, cf. the GDPR, article 6(1)(c).
5.2 In addition to the above, in some instances we analyze individual customers’ or users’ personal preferences and/or behavior with the purpose of using such analyses for marketing, sales or similar commercial activities. Before we perform such processing, we will collect a consent hereto. We perform this processing activity for the following purposes: We track what pages the users are visiting for direct marketing in our marketing automation.
6. Disclosure and transfer of personal data
6.1 We only pass on personal data to others when the law allows it or requires it.
6.2 We transfer personal data to the following recipients from the EU/EEA:
a) Data processors.
b) Suppliers.
6.3 From time to time we use external companies as suppliers to assist us in delivering our services. The external suppliers will not receive or process personal data unless the applicable law allows for such transfer and processing. Where the external parties are data processors, the processing is always performed on the basis of a data processor agreement in accordance with the requirements under GDPR. Where the external parties are data controllers, the processing of personal data will be performed based on said external parties’ own data privacy policy and legal basis which the external parties are obligated to inform about unless the applicable legislation allows otherwise.
6.4 Upon transfer of personal data to countries or international organizations outside the EU/ EEA, an adequate protection for the transfer of personal data is ensured by the EU Commission Standard Contractual Clauses. By accepting the terms of this privacy policy, the Customer authorizes Eurekos to enter EU Commission Standard Contractual Clauses with sub-processors located outside the EU/EAA.
6.5 If you have any questions about our use of data processors, cooperation with other data controllers, including subsidiary companies, or transferring of data to third countries, please contact us for more information or documentation of our legal basis for said transfers.
7. Erasure and retention of personal data
7.1 We ensure that the personal data is deleted when it is no longer relevant for the processing purposes as described above. We also retain personal data to the extent that it is an obligation from applicable law, as is the case with for example accounting and bookkeeping materials and records. If you have any questions about our retention of personal data, please contact the email mentioned at the bottom of this Policy.
8. Data subject rights
8.1 Data subjects have a number of rights that we can assist with. If a data subject wants to make use of his or her rights, he or she can contact us. The rights include the following:
8.1.1 The right of access: Data subjects have a right to ask for copies of the information that we process about them, including relevant additional information.
8.1.2 The right to rectification: Data subjects have a right to ask for rectification of inaccurate personal data concerning him or her.
8.1.3 The right to erasure: In certain circumstances data subjects have a right to obtain the erasure of personal data concerning him or her before the time when erasure would normally occur.
8.1.4 The right to restrict processing: Data subjects have, in certain situations, a right to have the processing of his or her personal data restricted. If a data subject has the right to have the processing of his or her personal data restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest in the European Union or of a European member state.
8.1.5 The right to object: Data subjects have, in certain situations, a right to object to the legal processing of his or her personal data. Objection can also be to the processing of personal data for the purpose of direct marketing.
8.1.6 The right to data portability: Data subjects have, in certain situations, a right to receive his or her personal data in a structured, commonly used and machine- readable format and have the right to transmit those data to another data controller without hindrance from the data controller to which the personal data has been provided. 8.2 More information about data subject rights can be found in the guidelines of the national data protection authorities.
If a data subject wishes to make use of his or her rights as described above, the data subject is asked to use the contact details provided at the end of this Policy.
We strive to do everything to meet wishes regarding our processing of personal data and the rights of data subjects. If you or others despite our endeavours wish to file a complaint, this can be done by contacting the national data protection authorities.
9. Changes to this Policy
9.1 We reserve the right to update and amend this Policy. If we do, we correct the date and the version at the bottom of this Policy. In case of significant changes, we will provide notification in the form of a visible notice, for example on our website or by direct message.
10. Contact
10.1 If you have questions or comments to this Policy or if you would like to invoke one or more data subject rights, please contact us at [email protected]
11. Provision of Personal Data and Consequences of Non-Disclosure
11.1 In certain instances, the provision of your personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract with us. When we request personal data, it will be clearly indicated whether the provision of such data is mandatory or voluntary.
11.2 If you do not provide the required personal data, it may have the following consequences:
Statutory Requirements: If the provision of personal data is required by law (such as for tax or accounting purposes), failure to provide such data may result in legal obligations not being fulfilled, which could lead to penalties or inability to provide services.
Contractual Requirements: If the provision of personal data is necessary for entering into a contract or fulfilling a contractual obligation, failure to provide such data may prevent us from entering into or continuing the contractual relationship with you.
Service Provision: If the personal data is necessary to deliver the products or services you have requested (e.g., processing an order or providing customer support), we may be unable to deliver those services in the absence of the necessary information.
11.3 We will always inform you when the provision of your personal data is mandatory and the specific consequences of non-disclosure on a case-by-case basis.
This is version 11, last updated 04.11.2024 22:15.
Yours sincerely,
Eurekos Systems ApS
You can always change your cookie settings by visiting this section here
Eurekos Systems ApS
Torvet 4A, 2.
3400 Hilleroed
Denmark
Vat.No. DK 4o 84 54 88