PRIVACY POLICY

 

Click here to download the PDF-version: WorkPoint Privacy Policy

 

This privacy policy is established by Workpoint (hereafter “Workpoint”, ”we”, ”us” or ”our”) and apply for Workpoint’s processing of personal data about our customers.

1 ABOUT WORKPOINT
WorkPoint is a recognized and award-winning Microsoft Gold Partner. The software company delivers an efficient and easy-to-use business framework through Office 365 that meets the needs of document, case and project management in the modern workplace.

In connection with our operation, we process personal data. We do so in order for us to deliver our services to you in the best possible way. We collect and process personal data for the purposes described in this privacy policy. Workpoint is data controller in relation to the processing of personal data for these purposes.

We strive to ensure that all personal data processed is accurate and updated. In order for us to ensure that the data processed is always correct and updated we kindly ask you to inform us of any changes to your information (e.g. change of your e-mail address or telephone number).

If you have any questions about this privacy policy, our processing of your personal data or if you need to update your data please contact us here:

Workpoint A/S
Esbjerg Brygge 28
6700 Esbjerg

2 WHICH PERSONAL DATA DO WE PROCESS ABOUT YOU?
The information we collect about you will be used for various purposes in connection with your customer relationship and the operation of our business. Generally, we process data for customer management and administration and for the purpose of fulfilling our rights and obligations. We only collect and process general information in connection with your customer relationship with us.

We will typically collect the following types of information (the list is not exhaustive):

We process Information that you or your company provide to us in connection with a customer relationship with us, including contact information (first name, middle name (s), surname, address, telephone number, username and e-mail address) and any information provided by you or your company to us for when you contact us about your customer relationship.

Our main design principle is to avoid storing and accessing customer data if possible. However, to provide great business value and usability this it not always possible. In these scenarios, it is extremely important to handle data in a secure manner. As our add-in is given consent on site collection level, all data in a WorkPoint solution will be theoretically accessible by our backend. In the following subsections 4 different elements of our backend is described.

3 TO WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
Workpoint processes your personal information for the purposes set out below.

We will only process your personal data to the extent necessary in connection with your customer relationship, or as required by applicable law.

Customer Administration – Creating and managing your customer relationship with us as part of the running of our business, including maintaining our CRM register, ERP system, billing, debt collection, marketing, statistics, etc. We can also process customer contact information in connection with customer management.

Marketing – If you consent for the receiving of marketing material from us. We will use your data for the purpose of sending out marketing material to you via e-mail, sms or other electronic media, we will obtain your consent thereto when this is required by the rules of the Danish Marketing Act.

Operation and maintenance of our websites – Providing our online services on our home pages, including to support the ongoing evaluation and improvement of our websites.

Compliance with applicable laws and regulations – Compliance with laws and regulations, which we are subject to in connection with the operation of the business or to fulfil various reporting or disclosure obligations that are incumbent upon us under applicable laws and regulations.

The information we process about you, we collect from you or your company and. We do not use your personal information to make decisions based solely on automatic processing, including profiling.

4 LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our basis for processing is our legitimate interests (article 6(1), point (f) of the General Data Protection Regulation) and/or your consent (article 6(1), point (a) of the General Data Protection Regulation and section 10 of the Danish Marketing Practices Act)

Our basis for the processing may also be our fulfilment of a legal obligation imposed on us (article 6(1), point (c) of the General Data Protection Regulation).

In addition, there may be situations where we process your personal data for the legitimate interests of third parties (article 6(1), point (f) of the General Data Protection Regulation).

5 SHARING OF PERSONAL DATA
We may disclose your personal information to other suppliers and/or service providers in connection with the normal operation of our company, for example to data processors in connection with the external administration of our IT systems or similar, to our external advisors in connection with revision, legal assistance, etc.

We try to limit the disclosure of personal data in personally identifiable form and thus the disclosure of information that can be attributed to you personally.

We do not disclose your personal information unless necessary to conduct our business or meet your needs.

We do not transfer your personal data to non-EU/EEA countries.

6 STORAGE OF PERSONAL DATA AND SECURITY
In general, your personal data is stored only as long as necessary to meet the purposes for which it has been collected.

We store and process your personal data throughout the period in which you are a customer with us.

When the customer relationship with us ceases, we store the information we have collected for up to three years after termination. If special circumstances apply, we can store the information for a longer period. This may be the case, for example, in disputes.

We keep your information confidential and secure. We have implemented the necessary technical and organizational security measures to ensure that your information is not accidentally or illegally destroyed, lost or altered, and against the unauthorized disclosure of or access to your personal data.

When your data is no longer necessary, we will ensure that it is deleted in a safe manner.

7 YOUR RIGHTS
As a data subject, you have a number of rights under the General Data Protection Regulation. Please contact us if you want to exercise your rights.

You may withdraw any consent unconditionally and at any time. This can be done by sending an e-mail to us (see the e-mail address above). Withdrawal of your consent will not have any negative impact. However, it may mean that we cannot honour specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of processing on the basis of your consent before it is withdrawn. Furthermore, it will not affect any processing performed on another legal basis.

In addition, you may – unreservedly and at any time – raise objections to our processing when it is based on our legitimate interest.

Your rights also include the following:

Right to access: You have the right to gain access to the personal data we process about you.

Right to rectification: You have the right to have incorrect personal data about yourself corrected and incomplete personal data completed.

Right to erasure (right to be forgotten): Under certain circumstances, you have the right to have your personal data erased prior to the time when we normally delete it.

Right to restriction of processing: Under certain circumstances, you have the right to have the processing of your personal data restricted. If you are entitled to restricted processing, we will from that time on only process the data – with the exception of storage – with your consent or for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest.

Right to objection: You have the right to object to our processing of your personal data under certain circumstances – and always if the processing is for direct marketing purposes.

Right to data portability: Under certain circumstances, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit this personal data from one data controller to another.

Right to lodge a complaint: You can lodge a complaint with the Danish Data Protection Agency at any time regarding our processing of personal data. For more information, see datatilsynet.dk where you can also find further information about your rights as a data subject.

8 UPDATES
We are continuously evaluating and updating this privacy policy. It is therefore a good idea to keep yourself regularly updated for any changes that may affect the processing of your personal data.

You can find the latest version of the privacy policy here: http://www.workpoint365.com

Last revised, 7. November 2019