Effective as of 3th of November 2019
We understand how important it is to explain the privacy implications to you and that standard legal wording of these documents may be incomprehensible. If any part of the document is not clear to you please contact us at email@example.com.
1.1 Good Vibes ApS, Fredericiagade 13F, 9000 Aalborg, Denmark, has a position of a ‘Controller’ as defined in European Union General Data Protection Regulation (GDPR) and we shall be responsible for, and be able to demonstrate compliance with, the principles relating to processing of personal data. We can be contacted by sending an e-mail to firstname.lastname@example.org.
Types of information
2.1 The Information on Users is divided into personally identifiable (PII) and non-personally identifiable information (Non-PII) depending on whether information, alone or with other information, can identify the User as a specific person. Information about legal entities does not fall within the scope of personal information.
Collection and use of PII
3.1 We may obtain some personally identifiable information about Users in order to provide Services. The information we collect is necessary to provide the Services, and we shall not collect any information which is not required by the nature of the Services. We may collect some of the following personally identifiable information:
- E-mail address
- General biometrics
- Log files and usage data
- Payment information
- Other information which you choose to provide
3.2 When entering into contract for using our Services you have to provide your name. Nutiro will only use this information to create an account for you and to address you whenever we contact you.
3.3 Nutiro will collect your name when you contact us through email or through other communication media provided that such information is contained within a communication. We will use this information only for addressing you in our responses.
(B) Email address
– When you contact us. We will collect your email address whenever you contact us through our email email@example.com. Whenever we collect your email address this way, we will only use it in order to respond to your enquiry.
– When you subscribe to the newsletter. We will collect your email address when you subscribe to receive more information about Nutiro.
(C) General biometrics
3.5 In order to provide our Services we need to process Information about your gender, age, height, weight, goal weight loss, amount of exercise you are getting, how fast do you want to lose the weight, and which food you do not like. All this information is necessary to calculate the right meal plan for you and is not used for any other purpose.
(D) Payment information
(E) Log files and usage data
3.7 We integrate security systems on our Site to prevent malicious attempts and exploits of the Site. We scan IP addresses and ban IP addresses that show malicious signs such as seeking exploits and similar. We process this information in the interest of protecting the integrity of the Site and of the databases connected with it. We collect your IP address on the basis of a legitimate interest to maintain the integrity and safety of our databases.
3.8 The Platform collects a series of general data and information when a person accesses the Platform. Information that is collected may include (1) the software and browser types and versions used, (2) the operating system used by the accessing system, (3) the date and time of access to the Services, (4) the internet service provider of the accessing system, and (5) any other similar data and information that may be used in the event of attacks on our information technology systems.
3.9 We collect this information for breach investigation purposes and for providing customer support. When using this information, we may connect specific log files with specific Users. This information is needed to (1) troubleshoot problems and correct system bugs, (2) deliver the content of our Site and Services correctly, (3) optimise the content of our Site as well as its advertisement, (4) ensure the long-term viability of our information technology systems and website technology, and (5) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. We collect this information based on our legitimate interest or for performance of our contractual obligation where applicable.
(F) Other Information
3.10 You may at some point choose to provide other information which is not required for the proper functioning of the Services. In all such cases we will use this information only for the purpose for which you disclosed it. If we are not sure as to why you are providing such information we will contact you wherever possible. Otherwise we will delete such information.
3.11 Some Services will not be available to you if you do not provide the requested Information. We may keep records of any questions, complaints or compliments made by you and the response, if any. Whenever you contact us, we shall collect any information which you chose to provide. We shall store and use this information only for the purpose of responding to your enquiries. Information contained within the enquiry, free from any personally identifiable information, will be stored on our servers for the purpose of improving our Services and providing the best customer support possible.
3.13 We may disclose your personal information to our partners, agents and operators under confidentiality or similar agreements, including data processors who we believe reasonably need to come into contact with that information: (i) to provide Services per your request; (ii) to administer our business or the website; (iii) to provide customer support; (iv) to update account information; (v) to forward updates, announcements, and newsletters; (vi) to respond to your communications, and communicate with you about the website and other activities related to the Services; (vii) in the event of any reorganization, merger, sale, joint venture, assignment, transfer or disposition of all or any portion of Nutiro’s business or operations (including without limitation in connection with bankruptcy or any similar proceedings); or (viii) as otherwise authorized by you.
3.14 We have implemented security procedures and measures in order to ensure appropriate protection of the information we process, against any misuse, unauthorised access, disclosure or modification.
3.15 We acknowledge that the safety of your information is one of the highest priorities and therefore only authorised processors have access to your information. Although we take all appropriate measures in respect to keeping your information secure, you understand that no data security measures in the world can offer 100% protection. If we ever find or suspect a personal data breach we will without delay, within seventy-two (72) hours after becoming aware of it, notify the appropriate supervisory authority about the breach and Users where necessary.
3.16 The processing of the information is being performed automatically, without human intervention. However, whenever you contact us through email, the information within the email will be handled and processed by a real person in order to provide you with the answer to the email.
Storage and transfer of Information
4.1 Information will be stored on secure servers which are located in EU. Hosted servers are controlled and maintained in accordance with sufficient privacy safeguards. We may store or transfer information on Users to processors located in countries deemed adequate by the European Commission, or in countries which the European Commission has not deemed inadequate, provided that such countries implement appropriate and suitable safeguards regarding the security of personal information.
4.3 Some services require the use of third-party solutions or the website or e-mails may contain links to other external websites that do not fall under our domain. When you are redirected from our website to the third-party website you are no longer interacting with our website and we are not responsible for the privacy practices or the content of such external websites. Any information that you provide through third-party websites will be handled and processed in accordance with their Privacy Policies and other applicable terms.
Third Party Services, and Cookies
5.1 We use third-party service providers for some aspects of our services, such as managing emails, communication environment, signing the documents, providing customer support and similar. These service providers sometimes need your personal information in order to properly deliver functionality, but they may only collect and use it under our control. We entered into Data Processing Agreements with all our data processors and you may request a full list of data processors by contacting us at firstname.lastname@example.org.
Information retention period
6.1 Information is stored on the servers only for the duration necessary for providing the Services and maintaining the integrity of our databases. We will maintain records of processing activities for the purpose of demonstrating compliance with EU GDPR. If you register to use our Services we will store your information for as long as you have an active account. As soon as you terminate your account we will remove all information we have collected about you unless we have appropriate legal grounds for continuing their processing.
7.1 You may request to:
- Obtain confirmation if your Information is processed, access Information about you that we had stored as well as supplementary information.
- Receive a copy of Information on you that is held by Nutiro in a structured, commonly used and machine-readable format.
- Correct your Information.
- Have your Personal Information deleted.
- Object to the processing of Information by Nutiro.
- Restrict the processing of your Information by Nutiro.
- File a complaint with a supervisory authority.
7.2 These rights might be limited if they are subject to Nutiro’s own legitimate interests and regulatory requirements.
7.3 To exercise your rights please contact us at email@example.com.