Find our Cookie Declaration, and change your cookie settings here: Cookie Decleration

 

Privacy Policy

EXERP ApS

The website you visit is owned and operated by EXERP ApS, CVR no. 10501148, Rued Langgaards Vej 8, 2300 København S (“EXERP”, “we”, “us”, “ours”). When we use your personal data on our website or in our apps, we are the data controller that you can contact about the processing of your personal data.

Below you will find a description of the personal data that we process about you, as well as the purpose and legal basis for the processing.

1 – Types of personal data that we collect and process and legal basis

1.1 Marketing from EXERP

If you sign up for one of our newsletters, you consent to us sending you our newsletters, cf. Article 6 (1) (a) of the General Data Protection Regulation (“GDPR”), where we process:

a. Name
b. Contact information, including e-mail address and phone number
c. Content and your choices in relation to newsletters – contact forms and content etc.

The marketing in newsletters, on our and others’ websites, including social media, is also adapted to your personal preferences based on our knowledge of you through profiling, cf. Article 6 (1) (f) of the GDPR, where we process:

a. Consent to newsletters
b. Stated areas of interest
c. Cookies
d. Information from your social media profiles
e. Information from our customer databases

Our legitimate interest in making personalized marketing for you overrides your interests and fundamental rights. We perform an automatic evaluation of your personal data in order to personalize the marketing presented to you, but we do not use automated decisions that have a legal effect or similarly significantly affect you.

1.2 As a supplier to EXERP (B2B)

If you are a supplier with us, we process personal data about you in order to fulfil our agreement, e.g. delivery of software services, development etc., cf. Article 6 (1) (b) of the GDPR, where we process:

a. Name of employees
b. Contact information, including e-mail address and phone number
c. Job descriptions and qualifications
d. Order details
e. Banking Information
f. Project Information

EXERP is also legally required to document the personal data in financial transactions when fulfilling our agreement, e.g. when paying or receiving payment for delivery of goods and services etc. cf. Article 6 (1) (c) of the GDPR.

1.3 When you apply for employment with us

If you submit a job application to us, we will collect and process the following personal data about you to take steps at your request prior to entering into a possible employment contract, cf. Article 6 (1) (b) of the GDPR, where we process:

a. Name
b. Contact information, including address, e-mail address and phone number
c. Diplomas
d. Information contained in job applications and other documents uploaded to the website as part of the job application process
e. References in general

Should you job application not be granted we will store your personal data, where our legitimate interest in documenting compliance with the application process overrides your interest in the information not being processed, cf. Article 6 (1) (f) of the GDPR.

Where we would need criminal records or possibly to contact a reference, we will collect your prior consent, cf. Article 6 (1) (a) of the GDPR.

1.4 Analysis on our websites and databases

We also make analyses in order to optimize our products, marketing, website, sales and to know more about our customers’ preferences in relation to EXERP’s products. We do this by making analyses of our databases with information about e.g. website use, job applications, customer preferences, investment preferences, sales and by sending questionnaires where our legitimate interest in processing the personal data overrides your interest in the data not being processed, cf. Article 6 (1) (f) of the GDPR, where we process:

a. Information from our customer databases as listed above
b. User behaviour and logs from our websites and databases
c. The answers you provide regarding suggestions and preferences in the questionnaire

1.5 Security on our website, our digital solutions and on our premises

We monitor user behaviour and have implemented security solutions on our website as well as in our digital solutions and on our premises, where our legitimate interest in anti-fraud, anti-bribery, anti-corruption, avoiding cybercrime and other criminal actions overrides your interest in the information not being processed, cf. Article 6 (1) (f) of the GDPR, where we process:

a. Name
b. Contact information
c. Cookies
d. User behaviour and logs
e. Images captured by video surveillance
f. Other safety information

1.6 Cookies when using our website

Cookies are small text files that are stored on the user’s computer or other IT equipment when a website is visited. When you interact with our website, we collect cookies that can be divided into three categories

a. Necessary cookies that help make a website usable by enabling basic features such as page navigation and access to secure areas of the website. This category of cookies cannot be deselected and does not require consent.
b. Statistical cookies that help website owners understand how visitors interact with websites by collecting and reporting information. This category of cookies is optional and requires your consent, cf. Article 6 (1) (a) of the GDPR.
c. Marketing cookies used to track visitors across websites. The intention is to show ads that are relevant and engaging to the individual user, and thus more valuable to publishers and third party advertisers. This category of cookies is optional and requires your consent, cf. Article 6 (1) (a) of the GDPR.

You can see a list of the cookies that we set in your browser when you visit our website and when they expire, here: Cookie Decleration.

If you do not want us to set or read cookies on your equipment, then you have the option to deselect cookies in your web browser, where you can choose which cookies to allow, block or delete or to do so in our cookie-tool.

You can also choose to have your computer alert you every time a cookie is sent, or you can choose to deactivate all cookies. You can do this in the internet settings of your browsers and devices.

All browsers are different, so look in your browser’s help function to find the right way to change your cookie settings.

Finally, we share your information about your use of our website with our social media partners, advertising partners and analytics partners. We and our partners may combine this data with other information you have provided to them or which they have collected from your use of their services, in order to adapt the marketing to your personal circumstances based on our knowledge of you by profiling, cf. Article 6 (1) (f) of the GDPR, where we process:

a. Consent to newsletters
b. Cookies
c. Information from your social media profiles
d. Information from our costumer databases

Our legitimate interest in presenting personalized marketing to you overrides your interests and fundamental rights. We perform an automatic evaluation of your personal data in order to personalize the marketing we present to you, but we do not use automated decisions that have a legal effect or similarly significantly affects you.

You should be particularly aware that some of our partners use your cookie data for their own purposes, and we encourage you to read our partner’s personal data policies.

2 – How we secure your personal data

We choose to use suppliers that implement security in accordance with industry practices for good IT security, and we only use encrypted data communications when transferring sensitive personal data. This includes, where necessary, appropriate and possible written assurances from third parties who have access to your personal data, in which they must guarantee that they will protect the data with security measures designed to provide an adequate level of protection.

However, no information system can be 100% secure. So we can not guarantee the absolute security of your information. In addition, we are not responsible for the security of the information you send to us through networks that we do not control, including the internet and wireless networks.

EXERP will generally not pass on your personal data to third parties.

However, your personal data will be passed on to our group companies within the EXERP Group. If your personal data is passed on to companies outside the EU / EEA, this transfer will take place on the basis of the EU Commission’s Standard Contractual Clauses provisions. You can request a copy of the agreement, which includes the transfer of personal data, by sending an e-mail to dpo@exerp.com.

3 – When do we delete your personal data

EXERP stores your personal data for as long as it is necessary to fulfil the purpose of the processing, unless EXERP is obliged under applicable law or is entitled to store the personal data for a longer period.

For job applications, we delete your personal data 6 months after the final rejection of the specific job application.

For suppliers (B2B), we delete your personal information 5 years after the end of the financial year in which the last transaction was made.

Personal data in connection with marketing is deleted 5 years after the last marketing has been made to you, just as personal data in connection with analysis is deleted 5 years after the last analysis has been made of your personal data.

4 – Automated decisions

EXERP uses automated decision-making in processing your personal data for some services and products. An example is our fraud prevention and detection efforts on our online platforms.

You may request that EXERP provides information about the decision-making methodology and ask us to verify that the automated decision has been made correctly.

We may reject the request, as permitted by applicable law, including when providing the information would result in a disclosure of a trade secret or would interfere with the prevention or detection of fraud or other crime. However, generally in these circumstances we will verify that the algorithm and source data are functioning as anticipated without error or bias.

5 – Your rights

The right to information and access. Your have the right to ask us for information about or access to your personal data. There are some exemptions, which means you may not always receive all the data we process.

The right to object. You have the right to object to EXERP processing (using) your personal data. This effectively means that you can stop or prevent us from using your data. However, it only applies in certain circumstances, and we may not need to stop the processing of your personal data if we can give legitimate reasons to continue using your personal data.
The right to erasure. You have the right to ask us to erase your personal data in certain circumstances.

The right to data portability. You have the right to receive a copy of your personal data in a structured, commonly used and machine-readable format by contacting us through the contact information set out in section 6. If technically possible, you have the right to request that the personal data is transmitted directly to another company or person acting as data controller.

The right to rectification. You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete personal data you think is incomplete.

The right to restriction of processing. You have the right to ask us to restrict the processing of your personal data in certain circumstances.

The right to withdraw your consent. You have the right to withdraw your consent at any time by contacting us by opting out in the e-mail or contacting us by e-mail: dpo@exerp.com.

The right to complaint. If you have a query regarding this notice, the way we process your personal data, wish to exercise your rights or file a complaint, you can contact us by e-mail: dpo@exerp.com.

If you have any complaints about EXERP’s processing of your personal data, you may contact the Danish Data Protection Agency.

6 – Contact information
You may contact us by using the below information:
– E-mail : dpo@exerp.com, or
– Post: EXERP ApS, Rued Langgaards Vej 8, 2300 København S

7 – Version

This privacy policy was last updated on April 27th 2021.