Plecto Privacy policy

1. Introduction

The purpose of the Privacy Policy is to inform you which personal data we process how, why and

for how long time we process the personal data.

If you have any questions regarding our processing of your personal data, or if you wish to

exercise your individual rights as described below, please contact us at: support@plecto.com

2. Plecto is the data controller

Plecto ApS, Hermodsvej 22.2, 8230 Aarhus, Denmark, CVR no 34737460 (”Plecto”, ”we” or ”us”) is

the data controller in connection with the processing of the personal data that we collect about you,

when you, e.g., contact us or visit our website, www.plecto.com. We ensure that your personal

information is processed in accordance with the law.

3. Collection and categories of personal data

We process the following categories of personal data about you and for the purposes described

below:

3.1. Business operations

The personal data that we collect about you will typically include your name, telephone number,

email address and performance data which we may receive as part of our regular business

cooperation within our performance and report platforms.

We do not, as a general rule, process your sensitive personal data.

Plecto collects and processes your personal data for different purposes, including for improving

your experience as a user of our platform, to meet or obligation within our cooperation or facilitating

an existing or future cooperation.

Plecto’s basis for processing of the data for the above purposes is as follows:

● Processing is necessary for compliance with a request or a contractual obligation made by

or agreed with you (see Article 6(1) b) in the General Data Protection Regulation).

● Processing is necessary for performance of Plecto’s legal obligations as data controller

(see Article 6(1) c) in the General Data Protection Regulation), as for example the Danish

Bookkeeping Act and the Danish Tax Control Act.

● Processing is necessary for the purpose of pursuing a legitimate interest, for instance in (i)

maintaining an ongoing dialogue with our customers and business partners, or (ii) ensuring

proper registration for purposes of invoicing, bookkeeping and/or delivery (see Article 6(1) f)

in the General Data Protection Regulation).

3.2. Social media

The social media channels allows us to communicate with you and present our business and

performance platform to you. If you visit our page on the social media channels, as listed below,

the provider in question processes a number of personal data about you that they share with us.

For more information about the personal data collected and shared with us, please refer to the

privacy policies of the respective social media providers.

We only use the information we receive about you in connection with your behaviour on our Social

Media pages for customer contact and marketing purposes in accordance with Article 6 (1) (f) of

the GDPR.

Our legitimate interest in processing personal data for the purposes of the above exceeds your

interest in the information not being processed. When a social media channel shares information

with us, a joint data responsibility is established in accordance with Article 26 of the GDPR. We

have therefore entered into separate agreements with the social media channels.

The actual social media pages managed by Plecto is:

● Linkedln: https://www.linkedin.corn/company/plecto

● Facebook: https://www.facebook.com/plecto

● Twitter: https://twitter.com/getplecto

● Instagram: https://www.instayam.com/getplecto/

3.3. Cookies

We want our website to be user-friendly and to provide information that is relevant to you. We

therefore use technologies that can collect, process and sort information and tell us how our

website is used. We collect that information by means of cookies.

A cookie is a small text file which is stored on your computer. In practice, it means that our website

can remember you when you visit it repeatedly, and it allows us to generate statistics telling us how

you and other visitors use our website.

The technical information tells us how our visitors navigate when searching for information on our

site. We may for instance see if a user starts on the home page and move to the sub-pages, or if

users jump to the middle of the website from a browser.

Our use of cookies is based on your consent. You can find more information in our cookie policy

about our use of cookies and how to delete or reject them. lf you wish to revoke your consent,

please refer to the instructions under our cookie policy. On www.minecookies.org is a guide on how

to delete cookies in different browsers.

Please note that some parts of www.plecto.com will only be accessible if you have consented to

cookies in your browser.

4. Recipients of your personal data

Plecto may disclose or transfer the processed data to its business partners to the extent necessary

for the purpose of the cooperation.

Plecto may also disclose your data to third parties, including public authorities such as the tax or

law enforcement authorities, if we have a legal obligation to do so, or if disclosure is necessary to

allow us or third parties to pursue their legitimate interests, except where such interests are

overridden by your interests or fundamental rights and freedoms.

Plecto uses service providers and business partners to deliver work and services on behalf us

(“data processors”), including e.g. providers of server hosting and system maintenance services.

The data processors may get access to your data to the extent necessary for the provision of such

work and services. Our data processors will be required to treat all data as strictly confidential and

will therefore be allowed to use the data only for the purpose of meeting their contractual

obligations to Plecto.

5. Transfer of personal data to third countries (outside EU/EEA)

In certain cases, your personal data may be transferred to a country outside of EU/EEA, for

instance, to a data processor. In such instances, we will ensure that the transfer will be carried out

in accordance with the applicable data protection laws. This entails that any party outside of

EU/EEA that comes in possession of your personal data must ensure an adequate level of

protection, for example, by entering into the EU standard contractual clauses.

You can obtain a copy of the relevant information on third country transfers by contacting us as

stated above.

6. Storage of your personal data

Your personal data will be stored in Plecto’s systems. Your data will be securely stored with our

data processors. We will store your data as long as is relevant and as required by law, including i.a.

the Danish Anti-Money Laundering Act, the Danish Bookkeeping Act, and the Danish Tax Control

Act.

7. Security

We protect your personal information and have internal information security rules.

We have adopted internal information security rules that contain instructions and measures to

protect your personal information from being destroyed, lost or altered, from unauthorized

disclosure, and from unauthorized access or access to it.

We have established procedures for granting access rights to those of our employees who process

sensitive personal information and data that disclose information about personal interests and

habits. We control their actual access through logging and supervision. To avoid data loss, we

continually backup our data sets. We also protect the confidentiality and authenticity of your data

through encryption.

ln the event of a security breach that results in a high risk of you being discriminated against, ID

theft, financial loss, reputation loss or other significant disadvantage, we will notify you of the

breach as soon as possible.

8. Your rights

You enjoy a number of rights under the General Data Protection Regulation in connection with our

processing of your data.

● Right to see your data (right of access)

You have a right to get access to the data that we process about you and to some further

information.

● Right to rectification (correction)

You have a right to have incorrect data about you rectified.

● Right to erasure

In some cases, you have a right to have your data erased before expiry of our general data

retention period.

● Right to restriction of processing

In certain situations, you have a right to have the processing of your personal data

restricted. If you have a right to restriction of processing, any future processing - with the

exception of storage - may take place only with your consent or for the purpose of

establishing, exercising or defending a legal claim, for the purpose of protecting an

individual, or for reasons of substantial public interests.

● Right to object

In some cases, you have a right to object to our lawful processing of your personal data.

● Right to transmit data (data portability)

In some situations, you have a right to receive your personal data in a structured,

commonly used and machine-readable format and to have such personal data transmitted

from one data controller to another without hindrance.

To learn more about your rights as a data subject, see the Danish Data Protection Agency’s

guidance, which is available on www.datatilsynet.dk.

9. Policy update

The Privacy Policy will be update and amended on a regular basis and when necessary due to

changes in applicable law and practice and, thus, we recommend that you keep yourself updated

in this privacy policy regularly.

10. Complaints

You can always complain about our processing of your data. However, we and the Danish Data

Protection Authorities (Datatilsynet), prefer that you contact us first.

The Danish Data Protection Authorities address is: Datatilsynet, Carl Jacobsens Vej 53, 2500

Valby, Tel: 3319 3200, www.datatilsynet.dk.