Privacy Policy - WorkPoint 365
This privacy policy is established by WorkPoint (hereafter “WorkPoint”, ”we”, ”us” or ”our”) and apply to how WorkPoint processes personal data in relation to our business relationships.
1 ABOUT WORKPOINT
WorkPoint is a Microsoft Gold Partner and our solutions are IP co-sell ready. We deliver an efficient and easy-to-use business framework through Microsoft 365.
In connection with our operation, we process personal data. We do so in order for us to deliver our services to you in the best possible way. We collect and process personal data for the purposes described in this privacy policy. WorkPoint is data controller in relation to the processing of personal data for these purposes.
We strive to ensure that all personal data processed is accurate and updated. In order for us to ensure that the data processed is always correct and updated we kindly ask you to inform us of any changes to your information (e.g., change of your e-mail address or telephone number).
If you have any questions about this privacy policy, our processing of your personal data or if you need to update your data, please contact us here:
WORKPOINT A/S
Esbjerg Brygge 28
6700 Esbjerg
Our privacy policy complies with Danish law accordingly implemented, containing that required by the EU General Data Protection Regulation (GDPR).
We are obliged to inform you about your rights and our duties to you concerning the processing and controlling of your personal data.
2 WHICH PERSONAL DATA DO WE PROCESS ABOUT YOU?
The information we collect will be used for various purposes in connection with the business relationship and the operation of our business. Generally, we process data for customer management and administration and for the purpose of fulfilling our rights and obligations. We only collect and process general information in connection with the business relationship with us.
We will typically collect the following types of information (the list is not exhaustive):
We process information that you or your company provide in connection with a business relationship with us, including contact information (first name, middle name (s), surname, address, telephone number, username, and e-mail address) and any information provided by you or your company when you contact us about your business relationship.
Included is also information that is exchanged with us e.g., e-mail correspondence, telephone notes, etc.
Our main design principle is to avoid storing and accessing customer data if possible. However, to provide great business value and usability this is not always possible. In these scenarios, it is extremely important to handle data in a secure manner. As our add-in is given consent on site collection level, all data in a WorkPoint solution will be theoretically accessible by our backend. In the following subsections 4 different elements of our backend is described.
3 USE OF COOKIES
WorkPoint does reserve the right to use cookies in WorkPoint 365, Apps, and on our website. Cookies, by themselves, are not able to extract any personal information from you. The cookie automatically identifies your computer – but not you. When you use WorkPoint 365, WorkPoint Apps, or visit our Website. Cookies allow us to personalize and provide you with information that fits your needs and desires.
4 TO WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
WorkPoint processes your personal information for the purposes set out below.
We will only process your personal data to the extent necessary in connection with the business relationship, or as required by applicable law.
When you contact us whether by website, live chat, telephone or by email, we collect the data you give us so we can reply to you and provide you with the information you need. We may record your message and our reply in order to improve the efficiency of our business and customer support. If your message requires us to contact some other person, we may give that person some of the information contained in your message.
Customer Administration – Creating and managing the business relationship with us as part of the running of our business, including maintaining our CRM register, ERP system, billing, debt collection, marketing, statistics, etc. We can also process customer contact information in connection with customer management.
Marketing – If you consent to receiving marketing material from us. We will use your data for the purpose of sending out marketing material to you via e-mail, SMS, or other electronic media, we will obtain your consent thereto when this is required by the rules of the Danish Marketing Act.
Operation and maintenance of our websites – Providing our online services on our home pages, including supporting the ongoing evaluation and improvement of our websites.
Compliance with applicable laws and regulations – Compliance with laws and regulations, which we are subject to in connection with the operation of the business or to fulfil various reporting or disclosure obligations that are incumbent upon us under applicable laws and regulations.
The information we process about you, we collect from you or your company. We do not use your personal information to make decisions based solely on automatic processing, including profiling.
5 LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our basis for processing is our legitimate interests (article 6(1), point (f) of the General Data Protection Regulation) and/or your consent (article 6(1), point (a) of the General Data Protection Regulation and section 10 of the Danish Marketing Practices Act)
Our basis for the processing may also be our fulfilment of a legal obligation imposed on us (article 6(1), point (c) of the General Data Protection Regulation).
In addition, there may be situations where we process your personal data for the legitimate interests of third parties (article 6(1), point (f) of the General Data Protection Regulation).
6 SHARING OF PERSONAL DATA
We may disclose your personal information to other suppliers and/or service providers in connection with the normal operation of our company, for example to data processors in connection with the external administration of our IT systems or similar, to our external advisors in connection with revision, legal assistance, etc.
We try to limit the disclosure of personal data in personally identifiable form and thus the disclosure of information that can be attributed to you personally.
We do not disclose your personal information unless necessary to conduct our business or meet your needs.
WorkPoint strives to not transfer any personal data to non-EU/EEA countries. However, some of our sub-processors providing necessary services for marketing are located outside of the EU/EEA. We have ensured that they have incorporated the Standard Contractual Clauses or Binding Corporate Rules to their data processing agreements in order to comply with GDPR.
7 STORAGE OF PERSONAL DATA AND SECURITY
In general, your personal data is stored only as long as necessary to meet the purposes for which it has been collected.
We store and process your personal data throughout the period in which you are a customer with us.
Storage
WorkPoint uses the personal data collected for the following purposes:
- Customer support
- Administrative purposes, including login to self-service portals, invoicing, and service messages
- Targeted communications, e.g., through newsletters, invitations to technical seminars, digital advertising on social media (primarily, but not limited to Facebook and LinkedIn)
- Market surveys
- Personal contact
- Marketing, in general
Deletion & Retention
We store personal data for as long as it is relevant in order for us to deal with your request or where filing is required by law. After this, your personal data will be deleted.
Security
We keep your information confidential and secure. We have implemented the necessary technical and organizational security measures to ensure that your information is not accidentally or illegally destroyed, lost or altered, and against the unauthorized disclosure of or access to your personal data.
8 OTHER WEBSITES, PLATFORMS AND APPLICATIONS
WorkPoint App service may be provided through and/or operated by third party platforms or contain links to sites operated by third parties whose policies regarding the handling of information may differ from ours. For example, access WorkPoint App service through platforms such as Teams Apps. These websites and platforms have separate and independent privacy or data policies, privacy statements, notices, and terms of use, which we recommend you read carefully. In addition, you may encounter third party applications that interact with WorkPoint App service.
9 YOUR RIGHTS
As a data subject, you have a number of rights under the General Data Protection Regulation. Please contact us if you want to exercise your rights.
You may withdraw any consent unconditionally and at any time. This can be done by sending an e-mail to us (see the e-mail address above). Your withdrawal can mean that we cannot honour specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of processing on the basis of your consent before it is withdrawn. Furthermore, it will not affect any processing performed on another legal basis.
In addition, you may – unreservedly and at any time – raise objections to our processing when it is based on our legitimate interest.
Your rights also include the following:
Right to access: You have the right to gain access to the personal data we process about you.
Right to rectification: You have the right to have incorrect personal data about yourself corrected and incomplete personal data completed.
Right to erasure (right to be forgotten): Under certain circumstances, you have the right to have your personal data erased prior to the time when we normally delete it.
Right to restriction of processing: Under certain circumstances, you have the right to have the processing of your personal data restricted. If you are entitled to restricted processing, we will from that time on only process the data – with the exception of storage – with your consent or for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest.
Right to objection: You have the right to object to our processing of your personal data under certain circumstances – and always if the processing is for direct marketing purposes.
Right to data portability: Under certain circumstances, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit this personal data from one data controller to another.
Right to lodge a complaint: You can lodge a complaint with the Danish Data Protection Agency at any time regarding our processing of personal data. For more information, see datatilsynet.dk where you can also find further information about your rights as a data subject.
10 UPDATES
We are continuously evaluating and updating this privacy policy. It is therefore a good idea to keep yourself regularly updated for any changes that may affect the processing of your personal data.
Last revised, October 4th, 2023