Last updated: 11.02.2022
1. Summary (tl;dr)
Keeping your data private is a big deal to us. Privacy is a fundamental human right - period. Therefore, data privacy is also a human right. We believe that with data, we can push the boundaries of human potential and empower people to take control of their lives. However, not only can we enable people with our services, we must do it in a way that respects the user’s privacy and choices. At Bornly, this is at our core. We are building a company that creates opportunities for all users while respecting their privacy. Therefore, we try to be utterly transparent of what personal data we collect and how we handle it.
Our collection and treatment of personal data fall under the EU General Data Protection Regulation or GDPR, which is a direct binding statute.
At any time, if you have questions, want to exercise your legal rights or chat about privacy - reach out to [email protected]
2. Company information
- Company name: Bornly ApS
- Established: 2018
- VAT-number: DK-39857340
- Address: Venøgade 26, 2100 Copenhagen, Denmark
3. Contact information
4. Why do we collect data?
We collect data mainly to provide our services (as defined in our Terms of Service), understand your needs, provide personalized insights and recommendations and communicate with you. Hence, to make applications that you can benefit from, we need to collect some data. What we collect is defined in the next section.
Our data collection resolves mostly around the information you enter in our services, such as name and email when signing up. However, we do also collect usage information and statistics about your usage of our services. Non-personal data, such as how you interact with our services, device data and event data, is anonymous and de-identified (cannot be pinpointed to you) and is mostly used internally to improve our services. We also use the usage information to analyze and fix bugs, so we can create a better user experience. Hence, we use the data to provide you with the best and most reliable experience of our services.
We’ll never sell your personal info to third parties, and we won’t use your name or company in marketing statements without your permission, either. All the data we collect is necessary for Bornly to deliver the services you use. The amount we collect is minimized wherever possible to respect your privacy.
5. What data do we collect?
When you use our services, we collect different kinds of data. We only collect and use personal data if you consent to it!
We collect data via:
- Newsletter sign up forms
- Account registration forms
- By using our applications
- By using our websites we place cookies
5.1 Personal data collected when using our services
If you desire to use our services, you can create an account. When creating an account in our services, we ask for your name, email address, a password, and use your device to store a preferred language (so we can serve content in your language).
These data serve to identify the user and to enable communication between the Provider and the user. The email address and all the user’s other data are not visible to other users. The data are stored on the basis of your consent pursuant to point (a) of Art. 6 (1) GDPR.
When you pay for a paid subscription, we ask for your credit card and billing address. That’s so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for account history, invoicing, and billing support. We store your billing address to calculate any sales tax or other applicable taxes in your country, to detect fraudulent credit card transactions, and to print on your invoices.
For a better user experience of our services, you can freely choose to enter extra personal details and information. We will use them to make personal recommendations for you and will not share the information with others. When you browse our marketing pages, we’ll track that for statistical purposes (like conversion rates and to test new designs).
When you write us with a question or to ask for help, we’ll keep that correspondence, and the email address, for future reference.
5.2 Personal data collected from newsletter subscribers
You can, at any time, sign up to our newsletter on our website or when registering an account with one of our services. You will only be subscribed to our newsletter if you freely and actively consent to receive updates and marketing via our newsletter. When you accept, we collect your name and email address. You can in some cases, freely choose to enter extra personal details and information. We will use them to send more relevant newsletters for you and will not share the information with others. Please note that we hate spam, and if you at any time consider us spam, you can easily unsubscribe - we will never send you anything without prior consent.
6. How do we share your data?
We share your information when we have to provide you services that you’ve requested, with your permission. This does not mean that we share your data to be misused by marketers or other shady companies, but to enable our services to work. Please see our list of third-party services we use.
We may share your data when we investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
6.1 Scientific Research
We want to contribute to a world that listens to and uses science and rejects pseudo-science. Therefore, we want to provide some of our data to academic scientists who can help us improve the world. However, we are never sharing any data without prior explicit consent from you. All data is de-identified and strictly anonymized to protect the privacy and identity of the users who choose to participate in surveys and research.
7. How do we store your data?
We register your details with the purpose of delivering our product to you. The personal details are registered with Bornly and are stored until the consent is withdrawn or the account deleted, unless stated otherwise, after which the information is deleted. When personal details are collected via Bornly products and services, we ensure that this always happens with your express consent, so you are informed exactly what information is collected and why.
We encrypt customer data when these are transmitted, with the exception of emails sent to customers containing their own details. Transactions are ALWAYS encrypted, and Bornly DOES NOT store your credit card details.
8. How will we use you data?
Bornly collect personal data with the purpose of processing your order, providing products and services to you and managing your account with us. In order to do this we might share data with third party data processors (cf. Data Processors).
We will in some cases use de-identified personal data in bulk sets, to make statistical and analytical publications that will promote our products and/or to share interesting information with the world. This data will never contain any sensitive information, or any information that can identify you.
In certain situations Bornly may be asked to publish customer data in connection with a legal claim by relevant authorities to accord with statute (EU) 2016/679. We may also publish data if compelled or required by the law, e.g. in connection with depositions or other legal matters, where we in good faith believe the publication of such to is necessary to protect our rights, protect customer or other personal safety, in connection with a fraud investigation or if compelled by a subpoena.
Bornly may with consent send you marketing emails. Consent to this must happen willingly, specifically and clearly. This happens when you elect to receive marketing emails (actively chosen). All our marketing emails are handled by a third party processor, chosen by us.
You always have the right to oppose, for free and by request, the processing of personal data relating to you in relation to direct marketing activities without providing any particular reason. You can do this by using the “Unsubscribe”-link found in every email sent by us, or by contacting us at [email protected].
Once a customer has objected, this customers personal data will no longer be used for direct marketing purposes.
Marketing emails contain information which we believe would be of interest to you, such as the latest information regarding our products and services.
As a registered member with Bornly, you have the right to at any time object to your registration. You also have the right to insight into what information is registered about you. These rights are provided to you by the data protection laws and queries relating to this should be directed via email to [email protected].
9. Data Processors
Personal details are not shared with any third party, with the exception of circumstances wherein such disclosure is necessary in the delivery of our services. Examples of this could be a company which treats or delivers systems or technologies that improve our products and services, and we will share the necessary information in these cases. An example is our services stored on the Google Cloud Platform. They store our data for us, but do not have access to the data. Service providers are only granted access to the personal data required to provide the service. We do not publish personal data to third parties with the purpose of advertising their products or services to our customers. Please see our list of third-party services we use.
10. Data transfer outside the EU and to third-party applications
Any personal data collected from you may only be transferred to countries outside the European Union / the European Economic Area (EEA) observing applicable privacy regulations and ensuring that your privacy rights remain protected.
10.1 Apple Health (iOS)
We will not exchange any personal data with Apple’s Health app without your prior approval. Approval is given by you in the relevant settings of the Health app or within relevant application using apple health during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, the services may interact with the Health app on your iOS device and read and/or write information between the services and Apple Health. This may include a transfer of your personal data to Apple servers located outside the European Union.
You can choose if and to what extent your personal data is exchanged between our services and Health by granting or revoking appropriate permissions in Health app settings. Please refer to the Privacy Information of Apple Health for further information.
10.2 Sign-In with Apple
We allow the use of Sign-In with Apple. If you choose to use this Apple service to sign in to our servies and create an account, we will exchange certain data with Apple, such as Device Data, your IP-address and information you provided to Apple when creating an account with Apple Inc. This may include a transfer of your personal data to Apple servers located outside the European Union. It is your choice if and to what extent you use the Apple Sign-In service and what information you provide to Apple. Absolutely no health data will be exchanged with Apple for the purpose of using the Apple Sign-In Service.
11. Your Rights
- Right of Access: This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction: This is your right to request correction of your personal information.
- Right to Erasure: This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using Bornly services and may result in closing your account.
- Right to Complain: You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing: This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object: This is your right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability: This is your right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making: This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at [email protected]
In order deliver the best user experience for you on our services, Bornly and third parties commissioned by Bornly store cookies on the visitors’/customers’ hard disk. The legal basis for this type of use is point (f) of Art. 6 (1) GDPR.
Cookies are small text files that serve, among other purposes, to record information on how a website is used. These cookies cannot execute programmes, nor can they infect your computer with viruses. They do not contain any personal data, cannot be attributed to a certain person and are automatically erased at the latest after one year, unless otherwise stated.
If users elect to block our cookies, they will not be able to utilize the full functionalities of the website or app.
You can get an overview of all the cookies Bornly and third parties commissioned by Bornly, place on you hard disk and see what purpose they have below.
12.1 Technical cookies
Some cookies are necessary for our website to function properly and to show you the right things at the right time. You do not have the opportunity to deselect these types of cookies. This includes cookies that keep you signed in and allows our servers to verify your account identity.
12.2 Statistical cookies
We place our own cookies to record statistics of the use of our website. These cookies track how visitors use and behave on our website, so we can improve the user experience and our services. This data is not stored with a third party provider.
12.3 Personal cookies
A personal cookie personalizes the content that is shown to you on our website, from how you behave on our site and other personal information you have given to us.
12.4 Other websites
13. Encryption and security
We always strive to provide the best security to protect our customers and their data. We make use of internal security audits, follow best practices from OWASP and other industry standards, and make use of encryption standards.
Ingoing and outgoing data is always transferred over an encrypted connection (TLS) and our data is stored with Google Cloud Platform that stores our data at rest encrypted. You can learn more about the security enforced at Google Cloud Platform here.
If you would like to make a complaint regarding your purchase, this should be directed via email to [email protected]. Should the unlikely event occur in which we cannot come to a solution regarding your problem, you can make use of the EU-commissions online complaints portal, which will be especially relevant to you if you reside outside of Denmark. You will find the complaints portal here.
15. Changes & Updates