Privacy Policy
Welcome to Unioo’s Personal Data Protection Policy (Privacy Policy).
1. ABOUT UNIOO’S PRIVACY POLICY
This privacy policy describes how Unioo ApS, Niels Brocks Gade 8, 3., 8900 Randers C, CVR-no. 40390030 (“us”, “we” and “our”), collects and uses your personal data when (i) you use our website (www.unioo.io), (ii) we send you newsletters via email that you have requested, (iii) we process information about you when you visit our Unioo business pages on social media, (iv) you contact us with questions, and/or (iv) you create a user account on our platform on behalf of your association.
In many situations, Unioo is a data processor on behalf of our customers, but regarding information covered by this privacy policy, we are the data controller. This privacy policy contains an overview of our processing activities, including their purpose and legal basis.
If you have questions about this privacy policy or if you wish to exercise your rights as a data subject under Chapter III of the General Data Protection Regulation (“GDPR”) and in accordance with section 5 of this privacy policy, you can contact us at [email protected].
| Purpose | Categories of personal data | Legal basis | Recipients | Retention period |
|---|---|---|---|---|
| Visitors to our website (www.unioo.io) (cookies) | ||||
| We use our own and third-party cookies on our website to ensure it functions properly, improve user experience and functionality, compile statistics, and enable targeted marketing (content and ad optimization). Read more in our cookie policy. | When you visit our website, we process the following personal data through cookies: browser information, device details, IP address, and behavior on the site, including the subpages you visit. | For necessary cookies, the legal basis for processing is our legitimate interests, as per GDPR Article 6(1)(f). These interests are in providing an optimally functioning website. For other cookies, the legal basis is your consent under GDPR Article 6(1)(a) and the Cookie Order. | We use third-party cookies to gather data for optimizing our ads. When using cookies from social media platforms like Facebook, LinkedIn, Instagram, or Google Ads, we are joint controllers with these providers and may share data collected via cookies. See “Social media” below. | Personal data collected via cookies is retained for varying periods depending on cookie type and purpose. See our cookie policy for specific durations. |
| Recipients of newsletters via email | ||||
| If you have a user profile on our platform, you can subscribe to our newsletter, which we will then send to you via email. | The personal data processed includes your name and email address. | The legal basis is your consent under GDPR Article 6(1)(a) and the Danish Marketing Act § 10. | N/A | We retain your data until you withdraw your consent or 1 month after we cease newsletter distribution. |
| Social media | ||||
| If you follow or engage with Unioo on social media (Facebook, Instagram, LinkedIn, YouTube), we process your data to communicate and market to you. | We access personal data you make available on the platform, such as name, gender, marital status, job, interests, city, comments, visits, and likes on our posts. | The legal basis is our legitimate interest in communicating and marketing to you and improving our business, as per GDPR Article 6(1)(f). | Meta Platforms Ireland Ltd. (Facebook, Instagram), LinkedIn, and Google Ireland Ltd. (YouTube) are independent data controllers for their own processing and joint controllers with us for certain shared purposes. | We process your data until you withdraw your consent or 1 month after we stop sending newsletters. |
| Inquiries via phone, chat function, or email | ||||
| When you contact us (via phone, chat, or email), we process your personal data to handle your inquiry. | Typically processed data includes your name, phone number, email address, and the content of your inquiry. | The legal basis is our legitimate interests in customer service and relationship management, as per GDPR Article 6(1)(f). | In certain cases, e.g., disputes, data may be shared with advisors or other third parties when legally and necessarily justified. | Inquiries from potential customers are deleted after resolution. For existing customers, data is deleted 12 months post-membership, unless retained for legal documentation. |
| Use of our services, including our software | ||||
| When you register on our software to manage your association, we process your personal data (profile data) to deliver the requested service. | We collect name, email, phone number, and bank account numbers (if needed for invoicing). We also generate a username and password. | The legal basis is contractual necessity (GDPR Article 6(1)(b)). Post-contract, the basis is our legitimate interest in documentation (GDPR Article 6(1)(f)). In some cases, processing is legally required (GDPR Article 6(1)(c)), e.g., for bookkeeping under the Danish Bookkeeping Act. | In some specific cases, such as disputes, personal data may be shared with advisors or third parties where lawful and necessary. | Customer data is deleted 14 days after account deletion unless needed for documentation. Data in financial records is retained for 5 years from the fiscal year’s end, as per the Bookkeeping Act. |
3. SOURCES
Most of the information we process is received directly from you, e.g., when you create a profile with us on behalf of your association, send us a question, or subscribe to our newsletter.
4. USE OF DATA PROCESSORS AND TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
In connection with the processing of your data as described above, we use data processors who act solely on our instructions and under a data processing agreement. These processors provide, for example, IT systems that we use to process your data.
We prioritize processing all data within the EU. However, in certain limited cases, your personal data may be transferred to countries outside the EU/EEA. Such transfers may occur, for example, if we use an IT provider located in a third country. We ensure that any transfer complies with applicable data protection legislation. This means that a recipient of your personal data located outside the EU/EEA will ensure an adequate level of protection, for example by entering into the European Commission’s standard contractual clauses with us. We implement supplementary protection measures if assessed necessary in the individual case.
You can request a copy of the legal basis for such transfers by contacting us at [email protected].
5. YOUR RIGHTS
We have implemented several measures to protect your personal data and safeguard your rights. As your personal data is processed, you may exercise the rights described below. Some rights only apply under specific circumstances. The Danish Data Protection Agency has issued guidance on data subject rights. More information about your rights can be found here.
- You have the right to request access to, including a copy of, the personal data we process about you, along with additional information.
- You have the right to request the rectification of inaccurate personal data about yourself and to have incomplete personal data completed.
- If you have requested targeted marketing content, the right to rectification naturally also applies to you.
- You have the right to request the deletion of personal data about yourself under certain circumstances.
- You have the right to request restriction of the processing of your personal data.
- You have the right to data portability.
- You have the right to object to processing, particularly regarding direct marketing.
- You have the right to request not to be subject to a decision based solely on automated processing.
- You have the right to withdraw your consent. To unsubscribe from newsletters, use the link in the newsletter or contact us at [email protected].
If you wish to exercise any of the above rights or withdraw previously given consent, you are welcome to contact us at [email protected].
6. INQUIRIES AND COMPLAINTS
If you have any questions regarding this Privacy Policy, wish to exercise one of the above rights, or disagree with how we process your personal data, you can contact us at [email protected].
If you disagree with how we process your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency. You can find their contact information here. However, we sincerely hope that you will contact us first using the details above, so we can try to resolve the issue together.
7. CHANGES TO THE PRIVACY POLICY
This privacy policy will be updated and changed regularly, as well as when necessary due to changes in legislation or practice in the field of data protection. We therefore recommend that you stay informed continuously.
Date of the latest update to this Privacy Policy: 20 February 2025