Privacy Data Policy

General Data Protection Regulation

Woman Working Desk

Customers and Users of Pronestor Meeting Management Suite Related to the processes; Sales and Delivery of Pronestor Meeting Management Suite

Pronestor ApS Noergaardsvej 7 2800 Lyngby Denmark

CVR: 26694213

Version 1.0 - Last-Revised and Updated on 27th of February 2019

Privacy policy and process concerning Sales and Delivery of Pronestor Meeting Management Suite

As part of our business Pronestor collects personal data to be used in our processes Sales and Delivery of Pronestor Meeting Management Suite, specifically related to the following persons;

Process Sales

Customers
Process Delivery of Pronestor Meeting Management Suite

Users of Pronestor Meeting Management Suite
This policy describes how Pronestor collects personal data, the purpose for which these personal data are used and how Pronestor treats such data.

This policy contains statutory information regarding Pronestor’s processing of personal data processing. If you as a customer or user of Pronestor Meeting Management Suite have questions about the processing of your data, or you want to enforce your rights under privacy legislation please contact Pronestor using the contact details in this policy.

Collection of data

Pronestor receives, has access to or collects personal data related to customers and users of Pronestor Meeting Management Suite. These personal data are different based on how your solution is hosted. For our cloud-based customers, Pronestor has access to our server, where your solution is hosted, and we process this data to keep the solution running and the ongoing maintenance and improvement of the solution. For our On-premise customers, we do not have access to your servers, where your data is hosted unless you give us explicit access.

For Cloud-based customers

Names
Initials
Job title
Telephone
E-mail addresses
Location data
Online identificators
Usage of solution (Number of meetings etc.)
Profile picture (If you have uploaded one)

For On-Premise customers

Names
Email addresses
Phone numbers
Location data
Online identificators
IP Addresses
Pronestor collects data directly from the registered person/you via the following methods; Website, Pronestor Meeting Management Suite, Phone and Email.

Pronestor also receives or collects data indirectly from business associates and other external sources. Information received from others regarding the registered person/you are;

For Customers

Names
Job title
Email addresses
Phone numbers
For Users of Pronestor Meeting Management Suite

Names
Email
Phone numbers
Pronestor receives data from the following sources;

For Customers

Sales partners (Only sales partners that handle the direct sale to the customer)

For Users of Pronestor Meeting Management Suite

Customers
Purpose of processing personal data

Pronestor treats personal data for the following purpose

For Customers

Sales of Pronestor Meeting Management Suite
Delivery of services or products as per agreed contracts
For Users of Pronestor Meeting Management Suite

Delivery and improvement of Pronestor Meeting Management Suite
The legal purpose of processing personal data for both Customers and Users is art. 6.1 litra a, b, c & f under the "Lawfulness of processing" of the EU GDPR.

If the purpose of the company's processing of personal data change, this will be communicated to the registered person/you before such changes take effect. Such communication will in most cases consist of an update of this policy.

Deleting personal data

Pronestor keeps personal data relating to Customers and Users of Pronestor Meeting Management Suite. Personal data is deleted at the time when the purpose related to the processing of personal data is completed. This means that the data will be kept in the following periods.

For Customers

Up to 5 years
For Users of Pronestor Meeting Management Suite

Up to 6 months after the expiry of the contract for the delivery of product/software
Use of data processors

Pronestor uses suppliers and subcontractors in the processing of personal data. Such "data processors" purely manage data according to the instructions of Pronestor. Pronestor uses the following data processors in relation to fulfilling the above-mentioned purposes of the processing of personal data. All data processors have undertaken a Data Processing Agreement with Pronestor to make secure the processing of your information.

Amazon Web Services - Ireland
Amazon Web Services - Frankfurt, Germany
Microsoft Azure - Ireland
Web2Media ApS – Online marketing advisor
Google Analytics -
Eazysoft A/S - Denmark
Umbraco - Denmark
Compaya - Denmark
E-conomic - Denmark
Upodi - Denmark
Teamviewer - Germany
Microsoft 365 - Ireland
Insights - Ireland
IT-R - Denmark
Penneo - Denmark
Bloom - Denmark
IT Headhunting - Denmark
Careersearch - Denmark
Telehuset - Denmark
Valcore – Denmark
Manao – Denmark

3rd country data processors

Pronestor is using data processors in countries outside the EU. These data processors are:

Mailgun Technologies Inc. - 535 Mission St. San Francisco, CA 94105 United States of America
Github – United States of America
Campaign Monitor – Australia
GoToMeeting/GoToWebinar – United States of America
Google Inc.
Facebook
Zendesk – Located in Denmark, data hosted in the US
Pronestor has taken steps to ensure adequate protection of your personal data for each data processor outside of the EU. Several of these processers are certified according to the privacy shield agreement between EU and USA under the EU-U.S. Privacy Shield under the EU GDPR art. 45. More information can be found on privacyshield.gov

Mailgun is certified according to the privacy shield agreement between EU and USA. More information can be found on privacyshield.gov
Google LLC's certification: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
Facebook Inc.'s certification: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC
Transfer of personal data

Pronestor transfers personal data to third parties besides data processors in certain cases.

For Customers, we transfer data to:

None
For User of Meeting Management Suite

None
In addition to the above, personal data is only disclosed in cases where Pronestor is required to do so by law, including compliance with the data privacy regulation/directives and country-specific personal data laws.

Rights of the data subject

Under the Privacy Data Protection Act and EU privacy directive, the data subjects ("You") have certain rights regarding the personal data collected by Pronestor in relation to your person. These rights are:

Right to access- You have, under certain conditions, the right to access the data as Pronestor keeps about your person
Right to rectification of data- You have the right to correct errors or omissions in the data Pronestor treats related to your person
Right to deletion- You have, under certain conditions, the right to request deletion of data related to your person. Note that this right does not apply to most legal treatments of personal data. If you have consented to the processing of your personal data, you may withdraw your consent to this processing, by which related data are deleted.
Subject to limited treatment- In some cases you have the right to suspend the processing of your personal data. This will apply if the accuracy of the data is questioned, if you want a copy of unlawfully processed data and thus do not want these deleted, if you need to prolong the storage of data longer than the Pronestor’s purpose allows, or if you dispute the right to process your data and such a dispute is not decided.
Right to data portability - You have, in some cases, the right to receive the personal data that Pronestor has collected about your person in a structured, widely used and machine-readable format, for the use of transferring your personal data to another data controller
Right to object- You may, in some cases, object to the processing of your personal data. If you object to the processing of your data, these will no longer be processed unless there are significant legitimate reasons for this or the processing is required for the determination or defence of a legal claim. If your data is processed for direct marketing purposes, you may object to this at any time, resulting in a termination of such processing.
Use of your rights

EU privacy data regulation and/or local law govern your rights related to data privacy. These rights are not absolute rights, but rights that you can exercise depending on how personal data is processed by Pronestor.

Should you wish to exercise any of the above rights, please forward your inquiry via Pronestor's contact person or DPO, using the contact information in this policy.

Pronestor will assess individual inquiries as soon as possible.

If you wish to appeal against the processing of your personal data to an external authority, such complaints must be forwarded to the supervisory authority of your EU home country. For Denmark, the government institute, Datatilsynet, will handle appeals and complaints. Their contact information is Datatilsynet, Borgergade 28, 5, 1300 København K. You may contact them by e-mail at dt@datatilsynet.dk or telephone +45 33 19 32 00.

Automatic decisions and profiling

Pronestor does not use the data subject's personal data for profiling or as a basis for automatic decisions. If you do not want to be subject to automatic decisions and or profiling, you can contact the Pronestor 's contact person within the meaning of this policy with the desire for human intervention in the manner contesting the automated decisions and/or profiling.

Security

The security of your personal data is important to us. We follow generally accepted standards to protect the personal data submitted to us, in accordance with the risk related to the data and processing hereof. If you have any questions about the security of your personal data, you can contact us via the contact information in this policy.

Pronestor has implemented appropriate technical and organizational safeguards against personal data being accidentally or illegally destroyed, forfeited, altered, accessed or impaired and against unauthorized access or misuse.

Only employees who have an actual need to access your personal data to fulfil their requirements have access to the data.

Contact data

Pronestor contact person for personal data:

Kasper Ullits Houlbjerg R&D director and co-founder Pronestor ApS Noergaardsvej 7 2800 Lyngby email: helpdesk@pronestor.com

The company has no data protection officer, please contact the company's contact person for inquiries related to data privacy.