1.1 For the purpose of compliance with the data protection legislation, the data controller is Neurion ApS, c/o Idebutikken, Frederiksgade 78A, 8000 Aarhus C, Denmark.
2.1 Neurion will ensure that personal data is collected and processed only in accordance with one of the following purposes:
a) to deliver the services on the Platform;
b) to answer the End User’s questions or complaints about the Platform;
c) to communicate with the End User about the Platform, including but not limited to notify the End User about changes on the Platform;
d) to facilitate Neurion’s understanding of how to improve the Platform, develop new products and services provided on the Platform and to enable and promote the Platform;
e) to analyze the use of the Platform, including but not limited to interaction with applications, advertising, products and services made available on the Platform, linked to or offered on the Platform;
f) to ensure technical functioning of the Platform;
g) to provide, personalize and improve the End User’s experience with the Platform;
h) to provide the End User with information on current activities on the Platform, general announcements, upcoming products and changes to the Platform;
i) to facilitate the provision of services ordered from Neurion, including for cookies to identify End Users and remember their preferences;
4.1 As the data controller, Neurion will collect, store, and/or use personal data about the End User such as name, email address, and IP address.
5.1 Neurion collects personal data in various ways, including:
a) Personal data that the End User provides to Neurion through the Platform by filling in forms on the Platform, including information the End User provides when it register to use the Platform;
b) Personal data provided to Neurion through corresponding with Neurion by phone, email or otherwise;
c) Collecting personal data through social media sites, e.g. when the End User connects to the Platform from the End User’s Facebook/Google account, loyalty schemes or contest created by Neurion.
5.2 When the End User ends its subscription to use the Platform, Neurion will anonymise or erase the End User’s personal data from the Platform to ensure the privacy of the End User.
5.3 Notwithstanding section 5.2, Neurion will store the personal data for as long as it is relevant for the purposes set out in section 2 above and as required by law. Notwithstanding the aforementioned, Neurion will at maximum store the End User’s personal data for a period of five (5) years after the End User ends it subscription to the Platform.
6.1 Neurion also collects aggregate or non-personal identifiable information to track data such as the total number of visits to the Platform, how the End Users found the Platform, clicks on advertising, products and services offered, linked to or made available on the Platform, the details of the queries and content posted by the End Users. Neurion uses this information to understand how the End User uses the Platform so that Neurion can improve them. Neurion may also share this information with its affiliates, its partners, or other outside companies. No personally identifiable information is collected, stored or disclosed in this process.
7.1 Neurion may transfer personal data to affiliate or subsidiary companies, as well as professional advisors. Furthermore, Neurion may transfer personal data to employees, agents, business partners, vendors and suppliers in order to deliver a service to Neurion or on Neurion’s behalf.
7.2 Neurion will transfer personal data in order to comply with legal requirements, hereunder when necessary to investigate fraud.
7.3 The transfer of personal data is conducted in compliance with legal requirements, hereunder that transfers are guarded by data processor agreements, to ensure that data is not processed for other purposes than clearly stated and to ensure adequate security measures.
7.4 The personal data that Neurion collects from the End User may be transferred to and stored at a destination outside the European Economic Area (“EEA”). If personal data is transferred outside of the EEA, Neurion ensures an adequate level of security by transferring to countries approved by the EU Commission as having an adequate level of protection, or by entering into an appropriately-drafted contract between Neurion and the non-EEA entity receiving the data, e.g. the EU Commission’s Standard Contractual Clauses for the transfer of personal data to third country.
9.1 Neurion will ensure appropriate security measures to protect data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse, etc. Neurion applies technical security measures such as 2-step authentication. Furthermore, Neurion applies organizational security measures to protect your personal data.
9.2 While Neurion takes reasonable data protection precautions, no security measures are completely secure, and Neurion does not guarantee the security of the End User’s data at any time. The End User can access and amend some of the information Neurion keeps on the Platform, and Neurion encourages the End User to always update his or her personal subscriber information.
10.1 If the End User has any questions regarding Neurion’s processing of its personal data, the End User can contact Neurion using the contact details described below under Section 12.
10.2 Upon the End User’s request, Neurion will provide the End User with a summary of the personal data that relates to the End User and is being processed by Neurion. This summary can include what kind of personal data is being processed, the purpose of the processing, how the personal data was collected and the category of recipients. Neurion will endeavour to provide this summary within four (4) weeks after the request.
10.3 The End User can request to receive personal data regarding the End User in a format which is structured, commonly recognized and readable for a computer, and the End User has the right to pass this personal data to other data controllers. The End User can request that Neurion passes the personal data directly to another data controller, if this is technically possible.
10.4 The End User can request that any false or misleading personal data processed by Neurion is changed, rectified or erased by Neurion.
10.5 The End User can request to have the processing restricted or to object to the processing, and the End User can withdraw the End User’s consent at any time.
10.6 If Neurion does not comply with their legal obligations, the End User can file a complaint with the Danish Data Protection Agency (“Datatilsynet”), who will consider if the complaint is legitimate.
10.7 Notwithstanding the above, the End User has the right to obtain the erasure of its personal data from Neurion in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of 27 April 2016). If the End User wants to know more about its rights to erasure, the End User can contact Neurion at the address set out in Section 12.