1 ABOUT WORKPOINT
WorkPoint is a Microsoft Gold Partner and our solutions are IP co-sell ready. We deliver an efficient and easy-to-use business framework through Office 365.
We strive to ensure that all personal data processed is accurate and updated. In order for us to ensure that the data processed is always correct and updated we kindly ask you to inform us of any changes to your information (e.g., change of your e-mail address or telephone number).
Esbjerg Brygge 28
2 WHICH PERSONAL DATA DO WE PROCESS ABOUT YOU?
The information we collect will be used for various purposes in connection with the business relationship and the operation of our business. Generally, we process data for customer management and administration and for the purpose of fulfilling our rights and obligations. We only collect and process general information in connection with the business relationship with us.
We will typically collect the following types of information (the list is not exhaustive):
We process information that you or your company provide in connection with a business relationship with us, including contact information (first name, middle name (s), surname, address, telephone number, username, and e-mail address) and any information provided by you or your company when you contact us about your business relationship.
Included is also information that is exchanged with us e.g., e-mail correspondence, telephone notes, etc.
Our main design principle is to avoid storing and accessing customer data if possible. However, to provide great business value and usability this is not always possible. In these scenarios, it is extremely important to handle data in a secure manner. As our add-in is given consent on site collection level, all data in a WorkPoint solution will be theoretically accessible by our backend. In the following subsections 4 different elements of our backend is described.
4 TO WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
WorkPoint processes your personal information for the purposes set out below.
We will only process your personal data to the extent necessary in connection with the business relationship, or as required by applicable law.
When you contact us whether by telephone or by email, we collect the data you give us so we can reply to you and provide you with the information you need. We may record your message and our reply in order to improve the efficiency of our business and customer support. If your message requires us to contact some other person, we may give that person some of the information contained in your message.
Customer Administration – Creating and managing the business relationship with us as part of the running of our business, including maintaining our CRM register, ERP system, billing, debt collection, marketing, statistics, etc. We can also process customer contact information in connection with customer management.
Marketing – If you consent to receiving marketing material from us. We will use your data for the purpose of sending out marketing material to you via e-mail, SMS, or other electronic media, we will obtain your consent thereto when this is required by the rules of the Danish Marketing Act.
Operation and maintenance of our websites – Providing our online services on our home pages, including supporting the ongoing evaluation and improvement of our websites.
Compliance with applicable laws and regulations – Compliance with laws and regulations, which we are subject to in connection with the operation of the business or to fulfill various reporting or disclosure obligations that are incumbent upon us under applicable laws and regulations.
The information we process about you, we collect from you or your company. We do not use your personal information to make decisions based solely on automatic processing, including profiling.
5 LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our basis for processing is our legitimate interests (article 6(1), point (f) of the General Data Protection Regulation) and/or your consent (article 6(1), point (a) of the General Data Protection Regulation and section 10 of the Danish Marketing Practices Act)
Our basis for the processing may also be our fulfilment of a legal obligation imposed on us (article 6(1), point (c) of the General Data Protection Regulation).
In addition, there may be situations where we process your personal data for the legitimate interests of third parties (article 6(1), point (f) of the General Data Protection Regulation).
6 SHARING OF PERSONAL DATA
We may disclose your personal information to other suppliers and/or service providers in connection with the normal operation of our company, for example to data processors in connection with the external administration of our IT systems or similar, to our external advisors in connection with revision, legal assistance, etc.
We try to limit the disclosure of personal data in personally identifiable form and thus the disclosure of information that can be attributed to you personally.
We do not disclose your personal information unless necessary to conduct our business or meet your needs.
WorkPoint strives to not transfer any personal data to non-EU/EEA countries. However, some of our sub-processors providing necessary services for marketing are located outside of the EU/EEA. We have ensured that they have incorporated the Standard Contractual Clauses to their data processing agreements in order to comply with GDPR.
7 STORAGE OF PERSONAL DATA AND SECURITY
In general, your personal data is stored only as long as necessary to meet the purposes for which it has been collected.
We store and process your personal data throughout the period in which you are a customer with us.
WorkPoint uses the personal data collected for the following purposes:
- Customer support
- Administrative purposes, including login to self-service portals, invoicing, and service messages
- Targeted communications, e.g., through newsletters, invitations to technical seminars, digital advertising on social media (primarily, but not limited to Facebook and LinkedIn)
- Market surveys
- Personal contact
- Marketing, in general
Deletion & Retention
We store personal data for as long as it is relevant in order for us to deal with your request or where filing is required by law. After this, your personal data will be deleted.
We keep your information confidential and secure. We have implemented the necessary technical and organizational security measures to ensure that your information is not accidentally or illegally destroyed, lost or altered, and against the unauthorized disclosure of or access to your personal data.
8 OTHER WEBSITES, PLATFORMS AND APPLICATIONS
9 YOUR RIGHTS
As a data subject, you have a number of rights under the General Data Protection Regulation. Please contact us if you want to exercise your rights.
You may withdraw any consent unconditionally and at any time. This can be done by sending an e-mail to us (see the e-mail address above). Your withdrawal can mean that we cannot honour specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of processing on the basis of your consent before it is withdrawn. Furthermore, it will not affect any processing performed on another legal basis.
In addition, you may – unreservedly and at any time – raise objections to our processing when it is based on our legitimate interest.
Your rights also include the following:
Right to access: You have the right to gain access to the personal data we process about you.
Right to rectification: You have the right to have incorrect personal data about yourself corrected and incomplete personal data completed.
Right to erasure (right to be forgotten): Under certain circumstances, you have the right to have your personal data erased prior to the time when we normally delete it.
Right to restriction of processing: Under certain circumstances, you have the right to have the processing of your personal data restricted. If you are entitled to restricted processing, we will from that time on only process the data – with the exception of storage – with your consent or for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest.
Right to objection: You have the right to object to our processing of your personal data under certain circumstances – and always if the processing is for direct marketing purposes.
Right to data portability: Under certain circumstances, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit this personal data from one data controller to another.
Right to lodge a complaint: You can lodge a complaint with the Danish Data Protection Agency at any time regarding our processing of personal data. For more information, see datatilsynet.dk where you can also find further information about your rights as a data subject.
Last revised, July 7th, 2023