1. Controller of personal data
1.1 For the purpose of compliance with the data protection legislation, the data controller is Henosia ApS, Kronhjorten 73, 9530 Støvring, Denmark.
2. Purpose of the collection of personal data
2.1 Henosia will ensure that personal data is collected and processed only in accordance with one of the following purposes:
- To deliver the services on the Platform.
- To answer the End User’s questions or complaints about the Platform.
- To communicate with the End User about the Platform, including but not limited to notify the End User about changes on the Platform.
- To facilitate Henosia’s understanding of how to improve the Platform, develop new products and services provided on the Platform and to enable and promote the Platform.
- To analyze the use of the Platform, including but not limited to interaction with applications, advertising, products and services made available on the Platform, linked to or offered on the Platform.
- To ensure technical functioning of the Platform.
- To provide, personalize and improve the End User’s experience with the Platform.
- To provide the End User with information on current activities on the Platform, general announcements, upcoming products and changes to the Platform.
- To facilitate the provision of services ordered from Henosia, including cookies to identify End Users and remember their preferences.
3. Legal basis for processing
4. What kind of personal data is collected
4.1 As the data controller, Henosia will collect, store, and/or use personal data about the End User such as name, email address, and IP address.
5. Processing of personal data
5.1 Henosia collects personal data in various ways, including:
- Personal data that the End User provides to Henosia through the Platform by filling in forms on the Platform, including information the End User provides when it registers to use the Platform.
- Personal data provided to Henosia through corresponding with Henosia by phone, email or otherwise.
- Collecting personal data through social media sites, e.g. when the End User connects to the Platform from the End User’s Facebook/Google account, loyalty schemes or contests created by Henosia.
5.2 When the End User ends its subscription to use the Platform, Henosia will anonymise or erase the End User’s personal data from the Platform to ensure the privacy of the End User.
5.3 Notwithstanding section 5.2, Henosia will store the personal data for as long as it is relevant for the purposes set out in section 2 above and as required by law. Notwithstanding the aforementioned, Henosia will at maximum store the End User’s personal data for a period of five (5) years after the End User ends it subscription to the Platform.
6. Processing of traffic data
6.1 Henosia also collects aggregate or non-personal identifiable information to track data such as the total number of visits to the Platform, how the End Users found the Platform, clicks on advertising, products and services offered, linked to or made available on the Platform, the details of the queries and content posted by the End Users. Henosia uses this information to understand how the End User uses the Platform so that Henosia can improve them. Henosia may also share this information with its affiliates, its partners, or other outside companies. No personally identifiable information is collected, stored or disclosed in this process.
7. Transfer of personal data
7.1 Henosia may transfer personal data to affiliate or subsidiary companies, as well as professional advisors. Furthermore, Henosia may transfer personal data to employees, agents, business partners, vendors and suppliers in order to deliver a service to Henosia or on Henosia’s behalf.
7.2 Henosia will transfer personal data in order to comply with legal requirements, hereunder when necessary to investigate fraud.
7.3 The transfer of personal data is conducted in compliance with legal requirements, hereunder that transfers are guarded by data processor agreements, to ensure that data is not processed for other purposes than clearly stated and to ensure adequate security measures.
7.4 The personal data that Henosia collects from the End User may be transferred to and stored at a destination outside the European Economic Area (“EEA”). If personal data is transferred outside of the EEA, Henosia ensures an adequate level of security by transferring to countries approved by the EU Commission as having an adequate level of protection, or by entering into an appropriately-drafted contract between Henosia and the non-EEA entity receiving the data, e.g. the EU Commission’s Standard Contractual Clauses for the transfer of personal data to third country.
8. Third party websites and third party collection of information
9. Securing the End User’s personal data
9.1 Henosia will ensure appropriate security measures to protect data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse, etc. Henosia applies technical security measures such as 2-step authentication. Furthermore, Henosia applies organizational security measures to protect your personal data.
9.2 While Henosia takes reasonable data protection precautions, no security measures are completely secure, and Henosia does not guarantee the security of the End User’s data at any time. The End User can access and amend some of the information Henosia keeps on the Platform, and Henosia encourages the End User to always update their personal subscriber information.
10. Right to access and rectify the End User’s personal data
10.1 If the End User has any questions regarding Henosia’s processing of its personal data, the End User can contact Henosia using the contact details described below under Section 12.
10.2 Upon the End User’s request, Henosia will provide the End User with a summary of the personal data that relates to the End User and is being processed by Henosia. This summary can include what kind of personal data is being processed, the purpose of the processing, how the personal data was collected and the category of recipients. Henosia will endeavour to provide this summary within four (4) weeks after the request.
10.3 The End User can request to receive personal data regarding the End User in a format which is structured, commonly recognized and readable for a computer, and the End User has the right to pass this personal data to other data controllers. The End User can request that Henosia passes the personal data directly to another data controller, if this is technically possible.
10.4 The End User can request that any false or misleading personal data processed by Henosia is changed, rectified or erased by Henosia.
10.5 The End User can request to have the processing restricted or to object to the processing, and the End User can withdraw the End User’s consent at any time.
10.6 If Henosia does not comply with their legal obligations, the End User can file a complaint with the Danish Data Protection Agency (“Datatilsynet”), who will consider if the complaint is legitimate.
10.7 Notwithstanding the above, the End User has the right to obtain the erasure of its personal data from Henosia in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of 27 April 2016). If the End User wants to know more about its rights to erasure, the End User can contact Henosia at the address set out in Section 12.
12. Contact details