In this privacy notice, GoSimplo ApS (”GoSimplo”, ”we”, ”us”) provides the information required pursuant to Regulation (EU) 2016/679 (“GDPR”) about our processing of personal information about customers, vendors, business partners and other external persons, except for candidates for positions with GoSimplo.
1. Data controller
Data controller for the processing is:
GoSimplo ApS
CVR number 41221208
Frederiksborggade 15, 3.
1360 København K
Telephone: +45 20322810
Email: support@gosimplo.com
2. Our use of personal information about you
We may process personal information about you with the following purposes:
1) Entering into or fulfilling an agreement
2) General operations and administration
3) Operation of our website
Each of the processing activities is described in further details in the sections below.
2.1 Entering into or fulfilling an agreement
When you or the organisation you represent enters into a contract with GoSimplo, including a contract on use of the services we offer, we may process the following categories of information about you:
Name and position
Your work address, email and telephone number
Correspondance and trading history
Invoices and payment information
The purpose of this processing is to establish and manage your relationship with us as a customer, vendor, or business partner.
The legal basis for the processing is:
GDPR article 6(1)(b) as the processing is necessary to enter into or to fulfill a contract with you or the organisation you represent,
GDPR article 6(1)(b) as the processing is necessary for us to comply with legal obligations, we are subject to, primarily the Danish Act on bookkeeping and accounting,
GDPR article 6(1)(f) as the processing is necessary for us to pursue our legitimate interest in managing our relationship with you.
We store information about transactions for five years from the end of the year, the transaction is related to, in accordance with the requirements of the Danish Act on bookkeeping and accounting. Master data (name and contact information) is retained for five years from the end of the year of the latest transaction with you.
We may, however, retain information for an extended period if this is necessary for us to comply with a legal obligation, or to establish, exercise, or defend a legal claim.
2.2 General operations and administration
If we interact with you for other purposes than a contract as described in section 2.1 above, or in connection with your use of our website, as described below in section 2.3, we may process personal information about you for the purpose of supporting the relationship and communication with you, as well as ensuring efficient operations of our business. For these purposes, we may process the following categories of personal information:
Name and contact information (unless you contact us as private individual, the contact information will be your work contact information)
Correspondance and trading history, as well as other information relevant to our relationship
The legal basis for our processing is – depending on the nature of our relationship with you – either:
GDPR article 6(1)(b), as the processing is necessary to enter into or to fulfill a contract with you or the organisation you represent, or
GDPR article 6(1)(f), as the processing is necessary for us to pursue our legitimate interest in ensuring efficient operations and administration of our business.
Where our processing of information about you involves financial transactions, we will – as a general rule – retain information about the individual transactions for five years from the end of the year, the individual transaction relates to, in accordance with the Danish Act on bookkeeping and accounting. Master data (name and contact information) is retained for five years from the end of the year of the latest transaction with you.
If you communicate with us for other reasons, we will – as a general rule – retain the information for two years from the end of the year of our most recent communication.
We may, however, retain information for an extended period if this is necessary for us to comply with a legal obligation, or to establish, exercise or defend a legal claim.
2.3 Operation of our website
In connection with operation and optimization of our website, we may collect the following categories of personal information:
Information about your device and browser, including in some situations your IP address, browser type, and other information about your hardware and software,
Information on your navigation on and between our websites, as well as the ressourcers you access,
The identification number of your mobile device,
Your preferences (e.g language and cookie settings),
Other information collected through cookies and similar tracking technologies.
The legal basis for this processing is GDPR article 6(1)(f) as the processing is necessary for us to pursue our legitimate interest in understanding how our website is used for the purpose of continuously providing a well-functioning and relevant website, as well as understanding the needs of our customers, so that we can make sure that our marketing efforts are targeted and relevant for the recipients.
The retention period depends on the specific purpose of the individual cookie and the information that is stored.
Information may be exported and stored for longer than indicated for the individual cookies, if this is necessary for us to comply with a legal obligation, or to establish, exercise or defend a legal claim.
3. Data processors and disclosure
We may share your informtion with suppliers (data processors) supporting our business, for example suppliers involved in operating our IT systems.
4. Your rights as a data subject
As a data subject, you have the following rights:
You have the right to request access to or rectification or erasure of the personal data, we process about you.
You also have the right to object to the processing and to have the processing restricted.
Particularly, you have an unconditional right to object to your personal data being used for direct marketing purposes.
Where the processing of your personal information is based on your consent, you have the right to withdraw such consent at any time. Withdrawal of your consent will not affect the lawfulness of the processing up until the point in time, where you withdraw the consent.
You have the right to receive a copy of the personal data, you have provided to us, in a structured, commonly used, machine readable format (data portability).
You always have the right to lodge a complaint with a data protection authority, for example the Danish Data Protection Agency.
Please be aware that conditions or restrictions may apply to these rights. Therefore, we might not be obliged meet any request from you to exercise your rights.
You may exercise your rights by contacting us, using the contact information provided in section 1.
5. Updates
GoSimplo may reassess and update this privacy policy at any time.