Privacy Policy
Welcome to Unioo’s Personal Data Protection Policy (Privacy Policy).
1. ABOUT UNIOO’S PRIVACY POLICY
This privacy policy describes how Unioo ApS, Niels Brocks Gade 8, 1., 8900 Randers C, CVR-no. 40390030 (“us”, “we”, and “our”), collects and uses your personal data when (i) you use our website (www.unioo.io), (ii) we send you news via email that you have requested, (iii) we process information about you when you visit our Unioo company pages on social media, (iv) you contact us with questions, and/or (iv) you create a user on our platform on behalf of your association.
Unioo is in many situations a data processor on behalf of our customers, but with regard to information covered by this privacy policy, we are the data controller. This privacy policy contains an overview of our processing activities, including the purpose and legal basis.
If you have questions about this privacy policy or if you wish to exercise your rights as a data subject under Chapter III of the General Data Protection Regulation (“GDPR”) and in accordance with section 5 of this privacy policy, you can contact us at [email protected].
| Purpose | Categories of personal data | Legal basis | Recipients | Retention period |
|---|---|---|---|---|
| Visitors to our website (www.unioo.io) (cookies) | ||||
| We use our own and third-party cookies on our website.
The purpose of using cookies and similar technologies is to ensure that the website functions, to improve user experience and functionality, to compile statistics, and to enable marketing (targeting content to your needs and optimizing advertisements). You can read more about how we use cookies in our cookie policy here. |
When you visit our website, we process the following personal data about you through the use of cookies: browser information, information about your device, IP address, and behavior on the website, including which subpages you visit. | When we use necessary cookies, the basis for processing your personal data is our legitimate interests, and it is our assessment that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6, paragraph 1, point f. The legitimate interests we pursue are to provide a website that works optimally for you.
For cookies used for other purposes, the legal basis is your consent, which we will request when you visit the website, cf. GDPR Article 6, paragraph 1, point a, cf. the Cookie Order. |
We use third-party cookies to collect data for optimizing our advertisements in general.
When we use third-party cookies from e.g., social media such as Facebook, LinkedIn, and Instagram or Google Ads, we will be joint data controllers with these providers and will thus in certain cases share information collected via cookies. See more below under “Social Media”. |
Personal data collected via cookies through visits to our website is stored for varying periods depending on the type of cookie and purpose of the cookie.
See our retention period per cookie in our cookie policy here. |
| Recipients of news via email | ||||
| If you have a user profile on our platform, you can sign up for our newsletter, which we will then send to you by email. | The personal data we process for this purpose is name and email address. | The legal basis for our processing of your personal data is your consent, cf. GDPR Article 6, paragraph 1, point a, cf. the Marketing Act § 10. | N/A | We process your information for this purpose until you withdraw your consent to receive relevant news or 1 month after we stop sending newsletters. |
| Social Media | ||||
| If you choose to follow us or communicate with Unioo on social media (Facebook, Instagram, LinkedIn, and YouTube), we process your information. The purpose of processing personal data on our social media is to be able to communicate and interact with you and to market ourselves to you. | When you interact with us on social media (like, react, comment, follow, etc.), we gain insight into the personal information that you have made available on the social media platform, including, for example, your name, gender, marital status, work, interests, city, comments, visits, and “likes” on our page or posts. | When we process your personal data on social media, the basis for processing is our legitimate interest in being able to communicate with and market ourselves to you and to improve our business. It is our assessment that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6, paragraph 1, point f. | The providers of the relevant online services, Meta Platforms Ireland Limited (Facebook and Instagram), LinkedIn, and Google Ireland Limited (Youtube), are data controllers for their own processing of your personal data and joint data controllers with us for sharing your personal data for the purpose of displaying our news and offers and excluding recipients from irrelevant messages and target groups.
We have no control over the social media’s independent processing of your personal data, and we therefore refer you to their individual privacy policies for more information about the social media’s processing and sharing of your personal data. |
We process your information for this purpose until you withdraw your consent to receive relevant news or 1 month after we stop sending newsletters. |
| Inquiries via telephone, chat function, or email with questions | ||||
| When you contact us (via telephone, chat, or email), we process the personal data you provide us with the purpose of handling your inquiry. | The personal data we typically process are your name, telephone number, email address, and the content of your inquiry. | The legal basis for processing your personal data is our legitimate interests in providing customer service and handling our customer relationships, and it is our assessment that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6, paragraph 1, point f. | In certain specific cases, e.g., in connection with disputes, including if disclosure is necessary for our legal claims to be established, asserted, or defended, we may disclose your personal data to advisors or other relevant third parties, if deemed lawful and necessary. | Inquiries from potential customers are deleted when the case has been completed.
Inquiries from existing customers are deleted 12 months after the termination of membership. A longer retention period may be necessary for documentation purposes, e.g., due to a dispute, including for legal claims to be established, asserted, or defended. |
| Use of our services, including our software | ||||
| When you create a user profile in our software to administer your association, we process your personal data (profile data) in order to provide the administration service you request. | The personal data we collect are your name, email, telephone number, and account numbers (if required for billing). We also generate a username and password. | The legal basis for processing your personal data is that it is necessary to process your personal data to fulfill the agreement we have entered into with you, cf. GDPR Article 6, paragraph 1, point b.
The legal basis for processing your personal data after the contractual relationship has ended is our legitimate interests, and it is our assessment that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6, paragraph 1, point f. The legitimate interests we pursue are the consideration of documentation in connection with previous contractual relationships. In certain cases, the processing of your personal data is necessary to comply with a legal obligation to which we are subject, e.g., in connection with the storage of accounting records in accordance with the Bookkeeping Act. In such cases, the legal basis is GDPR Article 6, paragraph 1, point c. |
In certain specific cases, e.g., in connection with disputes, including if disclosure is necessary for our legal claims to be established, asserted, or defended, we may disclose your personal data to advisors or other relevant third parties, if deemed lawful and necessary. | Customer information is deleted 14 days after you have deleted your profile with us, unless it is necessary to retain personal data for documentation purposes, e.g., due to a dispute, including for legal claims to be established, asserted, or defended.
To the extent your personal data is included in our accounting records, e.g., in connection with invoicing, your personal data is retained for 5 years from the end of the financial year to which the accounting records relate, in order to comply with our legal obligations under the Bookkeeping Act. |
| Payment of membership fees and purchase of event tickets, etc. | ||||
| If you, as a member of an association or a ticket purchaser, register as a user on our platform, we process your personal data (member profile data or user profile data) in order to complete the payments you make as a member or ticket purchaser to the association through our platform. | The personal data we collect include your name, email address, and phone number, as well as the name of the association you are a member of. We also generate a username and password. Your payment details are not stored by us but by the payment provider. | The legal basis for processing your personal data is that such processing is necessary to fulfill the agreement we have entered into with you when you have accepted our terms of use, and we are authorized by the association to receive your payment on their behalf, in accordance with GDPR Article 6(1)(b). | Your payment information is received and processed by the payment provider to ensure that the payment is completed. | Member information and user information for ticket purchasers are deleted 14 days after you have deleted your profile with us, unless it is necessary to retain the personal data for documentation purposes, for example in connection with a dispute, including to establish, exercise, or defend legal claims.
To the extent that your personal data are included in our accounting records, for example in connection with invoicing, your personal data are retained for 5 years from the end of the financial year to which the records relate, in order to comply with our legal obligations under the Danish Bookkeeping Act. |
3. SOURCES
Most of the information we process we receive from you, e.g., when you create a profile with us on behalf of your association, send us a question, or sign up for our newsletter. We may also receive information from other sources, such as your financial institution, if you request it.
4. USE OF DATA PROCESSORS AND TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
In connection with the processing of your data as mentioned above, we use data processors who act solely on our instructions and in accordance with a data processing agreement. The data processors provide, for example, IT systems that we use to process your data.
We prioritize that all data is processed within the EU. However, in certain limited cases, your personal data may be transferred to countries outside the EU/EEA. The transfer may, for example, be relevant if we use an IT provider located in a third country. We ensure that the transfer takes place in accordance with applicable data protection legislation. This means that a recipient of your personal data who is not domiciled in the EU/EEA will ensure an adequate level of protection, e.g., by entering into an agreement with us on the use of the European Commission’s standard contractual clauses. We ensure the implementation of additional safeguards if deemed necessary in the individual case.
You can request to receive a copy of the legal basis for the transfer by contacting us at [email protected].
5. YOUR RIGHTS
We have implemented a number of measures to protect your personal data and ensure your rights. Because your personal data is being processed, you can make use of the rights described below. However, some of the rights only apply under certain circumstances. The Danish Data Protection Agency has prepared a guide regarding the rights of data subjects. Further information about your rights can be found here.
- You have the right to request access to, including a copy of, the personal data we process about you and in this context also the right to receive a number of additional pieces of information.
- You have the right to request that inaccurate personal data about you be corrected and also the right to request that incomplete personal data be completed.
- If you have requested targeted marketing content, the right to rectification naturally also applies to you, but you should be aware that it is not as such possible for us to change the behavioral data that has already been collected and used to target our content on the website and in our newsletters. However, we can at any time mark the behavioral data that you – for whatever reason – might think is not accurate, after which you will no longer be included in the segment in question, and the future targeting of content will not be based on this.
- You have the right to request that personal data about you be deleted under certain circumstances, for example, if the processing is based on your explicit consent and you withdraw the consent. The right to erasure applies equally to personal data collected and processed for the purpose of targeting content.
- You have the right to request restriction of the processing of your personal data, for example, in connection with contesting the accuracy of the personal data.
- When our processing is performed automatically and is based on your consent or the fulfillment of an agreement with you, you have the right to request to receive the personal data that you have provided to us yourself, in a structured, commonly used, and machine-readable format and the right to request to have these personal data transmitted to another data controller, if this is technically possible (data portability).
- You have the right to object to the processing that your personal data undergoes with us, particularly in relation to direct marketing.
- You have the right to request not to be subject to a decision based solely on automated processing, including profiling, which has legal effect or similarly significantly affects you.
- If you have given consent to the processing of your personal data, for example for targeted marketing, you have the right to withdraw your consent at any time. To unsubscribe from our newsletters, you can use the link included in each newsletter. You can always contact us at [email protected] to withdraw consent. If you withdraw your consent, however, this will not affect the processing of your personal data that took place prior to the withdrawal.
If you wish to exercise any of the above rights, or if you wish to withdraw a previously given consent, you are welcome to contact us at [email protected].
6. INQUIRIES AND COMPLAINTS
If you have questions regarding this Privacy Policy, wish to exercise one of the above rights, or disagree with the way we process your personal data, you can contact us at [email protected].
If you disagree with the way we process your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency. You can find the Danish Data Protection Agency’s contact information here. However, we sincerely hope that you will first contact us using the above contact information so that we can try to reach an agreement.
7. CHANGES TO THE PRIVACY POLICY
This privacy policy will be updated and amended regularly, as well as when necessary due to changes in laws and practices in the area of data protection. We therefore recommend that you stay informed regularly.
Date of last change to this Privacy Policy: February 20, 2025