Privacy policy

Privacy policy

  1. Purpose

Infare is committed to protecting your privacy and will act in compliance with applicable data protection laws and regulations. Generally, we intend to collect only the necessary personal data to offer and improve services/products to customers and others, to manage accounts and Infare’s relationship with its customers/partners, and to offer information about employment opportunities.

This Privacy Policy (the ‘Policy‘) explains how we use your personal data. It outlines to whom and when we provide your personal data, the duration for which we store it, our direct marketing policy, the rights you possess regarding personal data, our use of cookies, and other important considerations.

This Policy applies to the personal data we collect related to our business and marketing activities. This includes data collected through your use of our website, as well as data obtained during business communications when you engage with us to use or potentially use the products or services that Infare provides (our ‘Services‘). The Policy also covers situations when you submit your contact details to receive marketing communications from us and when you provide event-related data for attending Infare events.

Please take your time to read this Policy. If you have any questions regarding this Policy or if you would like to exercise any of your rights provided in this Policy, please contact us by email at privacy@infare.com.

  1. Your data controller

Infare is responsible for your personal data. Infare comprises Infare Solutions A/S (address: Borgergade 14, 2nd Floor, DK-1300 Copenhagen K, Denmark) and its subsidiaries (referred to collectively as “Infare” or “we” or “our”). Information on subsidiaries can be found here. This Policy applies to all such entities.

For the purposes of applicable data protection laws (in particular, the General Data Protection Regulation (EU) 2016/679), Infare Solutions A/S and its subsidiaries will control your data. The roles of Infare Solutions A/S and its subsidiaries and their relationship with you are detailed in the arrangements between them.

  1. How do we use your personal data?

Infare collects and processes personal data about you in several ways. Depending on the situation, we may process your information for the following purposes:

  • Use of website

We process data about visitors’ use of our website. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of use of the website. We obtain such data through the use of cookies and similar technologies. We process this data to administer and manage our website, including confirming and authenticating identity, preventing unauthorised access to restricted areas of the website, and personalising and enriching visitors’ browsing experience by displaying content. We also process this data for analytics and improvements and for any other purpose for which you provided information to Infare. The legal basis for this processing is our legitimate interest. For information on the extent of storage of these data, please check Section 9, Cookies and web analysis.

  • When we provide our Services, or you provide services to us

We process information to maintain relationships with our customers, business partners, vendors, and professional advisers. For this purpose, we may process your preferred salutation, full name, job title, workplace details, business contact information, and any other data related to business development purposes which you yourself provide and/or which we obtained from public sources. The legal basis for this processing is any potential contract that we might have with you/your organisation you are affiliated with. Data collected during a continuous contractual relationship will be retained. When the contractual relationship ends, we will generally store data for five (5) years from the contract’s termination date plus the period until 30 January of the succeeding year.

  • Provision, administer, and support your account

We process information to effectively manage accounts when you (end-user) sign up for Infare Services on behalf of your organisation (Infare’s Customer). Examples include managing updates and fixes for our Services, offering customer support, technical assistance, product recommendations, and other support services, safeguarding the security of Infare Services and customers, conducting internal business processes, and sending administrative or account-related communications. In our processing, we handle information that encompasses the access or utilisation of our Services. This information includes identity data (like your username and password), contact data (including email, postal address, and phone number), subscription data (includes details of products and services your organisation has purchased from Infare and details about payments), technical data (such as IP address, login details, and browsing activities), profile data (comprising details about your interests, preferences, feedback, and survey responses), and commercial/usage data (providing insights into how Infare Services are employed). Infare collects data directly from you and gets some of it through your interactions with Services. To learn more about our privacy practices related to those activities and individuals, please visit our Portal Privacy Policy.

  • Marketing communications

For direct marketing purposes (such as providing newsletters, information about our Services, case studies, white papers, business analyses, event highlights, activities, promotions, etc., that you have signed up for or agreed to receive), we process your name, job title, address, email address, workplace details, industry, country, and any other information you provided to us through contact forms (you can see the exact information we collect by filling out the form fields). We process this data based on your consent.

Moreover, if we are currently providing or have previously provided Services to the organisation with which you are affiliated, and you haven’t objected to the use of your personal data for marketing purposes, we will process your personal data based on legitimate interest — specifically, to maintain and enhance business relationships. If you haven’t objected to your data being used for marketing purposes, we will continue processing this data as long as your organisation remains actively engaged with our business (while contracts, subscriptions, etc., are active). Contact details of individuals who haven’t engaged with us within the past two (2) years will be deleted from our databases. Please note that your essential contact details will be retained on our opt-out list if you’ve opted to no longer receive Infare publications.

  • Recruitment

We process data for recruitment purposes, including all the information you provide to us online, via email, or in hard copy, such as your CV, recommendations, cover letter, or any other documents. This enables us to assess your suitability for any position you apply for. Your consent to this processing is granted when you submit this information for employment purposes.

We process this data based on your consent and erase it no later than four (4) months after selecting a candidate for a vacant position. If you request it, we can store this information to extend another job offer, provided you give your prior consent. In such cases, your personal data will be stored for a period of three (3) years from the date of your consent.

  • Events and meetings

To organise and evaluate events or meetings, we process your registration data, such as name, current job title, workplace details, email address, and phone number. We process these data based on your consent and erasure them seven (7) days after the event.

  • Communication with you

For communication with you, we may process your personal data to raise awareness about the performed activity – in presentation messages, including, but not limited to, brochures, visual presentations, and social media. For this purpose, we may process your name, current job title, workplace details and information, your expert opinion and (or) insights on the topic under discussion, and photographs. This data will be processed based on your consent and stored for a duration of five (5) years, commencing from the date of publication, along with an extension until January 30 of the following year.

Infare collects and processes personal data about you in several ways. Depending on the situation, we may process your information for the following purposes:

  1. Who may access your personal data?

We may also share personal data with a variety of the following categories of third parties as necessary:

  • authorised Infare representatives based either within the EEA or outside of the EEA (and so are subject to specific contractual requirements) who are in contact with you or responsible for commercial activities and the performance of Infare’s contractual obligations;
  • service providers acting as processors who provide IT and system administration services;
  • professional advisers, including lawyers, bankers, auditors and insurers, who provide consultancy, banking, legal, insurance and accounting services.

Please note that this list is non-exhaustive, and there may be other examples we need to share with other parties to provide Services as effectively as we can.

When hiring subcontractors, we take all necessary measures to ensure that our data processors also implement appropriate organisational and technical security measures and keep the confidentiality of personal data.

  1. Which countries do we transfer your personal data to?

To provide our Services, we may need to transfer your personal data to companies working with us or on our behalf for the purposes described in this Policy outside the jurisdiction in which you provide it or where you are viewing this website for the purposes set out in this Policy. This may entail transferring your information from a location within the European Economic Area (the “EEA”) to outside the EEA, or from outside the EEA to a location within the EEA.

The level of information protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we take appropriate security and legal precautions to safeguard the safety and integrity of personal data transferred. Where our third-party service providers process personal data outside the EEA in providing services to us, our written agreement with them will include appropriate measures, usually Standard Contract Terms approved by the European Commission.

  1. Steps taken to safeguard the personal data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have also put procedures to deal with any suspected personal data breach and notify you and any applicable regulator of a breach where we are legally required to do so.

We use a range of physical, electronic and managerial measures to keep your personal data secure, accurate and up to date. These measures include:

  • Education and training to relevant staff so they are aware of our privacy obligations when handling personal data;
  • Administrative and technical controls to restrict access to personal data on a ‘need to know basis;
  • Technological security measures, including firewalls and anti-virus software; and
  • Physical security measures, such as staff security passes to access our premises.

Although we use appropriate security measures once we have received your personal data, data transmission over the internet (including by email) is never completely secure. We endeavour to protect personal data; however, security cannot be guaranteed against all threats.

  1. Direct marketing

If you consent, we will send you marketing messages via email to inform you of what we are up to. You could also receive marketing material from us through personalised social media advertising. Also, suppose we already have provided Services to you, and you do not object. In that case, we will inform you about our other Services that might interest you, including further information related to such. You may opt out of receiving marketing messages at any time. You may do so by:

  • Choosing the relevant link in any of our marketing messages. You can do this by clicking the “unsubscribe” link at the bottom of each marketing email.
  • Contacting us by email at privacy@infare.com.

Upon you having fulfilled any of the provided actions, we will update your profile to ensure that you will not receive our marketing messages in the future. The opt-out of the marketing messages will not stop you from receiving messages directly related to the provision of Services.

  1. Social media

Please note that we currently have the account on LinkedIn | Infare, which privacy policy can be found here.

  1. Cookies and web analysis

Our website uses cookies, which may also be stored on your computer when you visit it. You can access more information and control the cookie settings related to the use of cookies on the website by clicking on the Cookiebot hyperlink on the bottom left hand side of the website.

  1. Third-party websites

You may find links to and from partner websites, information sources, and related party websites on the website. Please note that such third-party websites you will visit by clicking on links have their privacy policies, and we take no responsibility regarding such privacy policies. We recommend familiarising you with the privacy policies of such websites before providing any personal data to such.

  1. Your rights and how you may exercise them?

Your principal rights under data protection law are the following:

  • The right to access your personal data

You have the right to confirmation as to whether or not we process your personal data and, if we do, access to your personal data. We will provide you with a copy of that personal data and related information if you ask us. The first copy will be provided free, but additional copies may be subject to a reasonable fee.

  • The right to require rectification of your personal data

You have the right to have any inaccurate or incomplete personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. Please let us know if the personal data that we hold about you needs to be corrected or updated.

  • The right to require the erasure of your personal data

In some circumstances, you can ask us to delete or remove your personal data. Nevertheless, this right is not absolute and can be justified for at least one of the following reasons:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • You withdraw consent to consent-based processing, and there is no other legal basis to process personal data;
  • You object to the processing under specific rules of applicable data protection laws; or
  • The personal data have been unlawfully processed.

However, there are exclusions of the right to erasure. Such exclusions include when processing is necessary for exercising the right of freedom of expression and information, or for compliance with our legal obligation, or for the establishment, exercise or defence of legal claims.

  • The right to restrict the processing of your personal data

This enables you to ask us to suspend the processing of personal data about you in the following circumstances: if you want us to establish the data’s accuracy; where our use of the data is unlawful, but you do not want us to erase it; where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

  • The right to withdraw consent regarding the processing of your personal data when personal data is processed exclusively based on your consent.

If you make such an objection, we will cease to process your personal data for this purpose.

  • The right to lodge a complaint

If you are unhappy with the way we process your personal data, please contact us, and we’ll do our best to improve. We take every privacy complaint seriously and will make all reasonable efforts to resolving your complaint promptly and according to applicable law. If you think your privacy rights were breached, you may also lodge a complaint with an authority of the EU country of your habitual residence. Contact information for these authorities can be accessed at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. However, we recommend that you contact us first so we can try to resolve it.

  1. Use of the website by children

Infare understands the importance of protecting children’s privacy, especially in an online environment. In particular, our website is not directed to children, and it is our policy never to collect or maintain information about children knowingly. Also, we request such individuals not to provide personal data through the website.

  1. Changes to the Policy

We keep our Policy under regular review. We may also make changes as required to comply with changes in applicable law or regulatory requirements. The applicable version will always be found on our website. Where it is practicable, we will notify you by email of any significant changes. However, we encourage you to review this Policy periodically to be informed of how we use your personal data.

This policy was last updated on August 23, 2023.