©SmartResQ ApS – All rights reserved
Denmark, Version 1 – issued 2020.09.23
We handle your data in compliance with GDPR
SmartResQ/CorPatch® respects your privacy. This privacy statement describes your privacy rights and our commitment to secure your personal information.
If you have any questions about our processing of your personal data, please contact us. The data controller is:
Company: SmartResQ ApS (CorPatch®)
CVR No.: 38674102
Telephone no.: +45 2332 5825
SmartResQ/CorPatch® is a Danish/European company with legal entities, business processes, management structures and technical systems, across national borders. SmartResQ/CorPatch® provides products, software and services to public/private companies in Europe.
The head office is located in Denmark and SmartResQ/CorPatch® is subject to European data protection legislation, including the General Data Protection Regulation (GDPR). All major decisions in SmartResQ/CorPatch® concerning the protection of personal data is taken at Management Level under the supervision of the Data Protection Officer.
This privacy statement is available on our website(s) and in app(s).
IMPORTANT! Please do not use SmartResQ/CorPatch® pages or our services if you do not agree to the way we process personal data under this privacy statement.
The type of personal information we collect
When a handler determines the purposes and means of the processing of your personal data, the handler shall act as the controller. This includes scenarios where SmartResQ/CorPatch® collects personal data in the context of you being a job seeker, a representative of a customer or a lead, or when you are a software user.
SmartResQ is processing personal information for a variety of purposes, depending on the relationship we have with you.
We may process:
- Basic contact information, such as name, address, phone number (mobile and/or landline) and e-mail
- Employment information such as employer, title, position, including preferences and interests in a professional context
- Feedback, comments or questions about SmartResQ/CorPatch® or our products and services
- Photos or video recorded at our sites
- Content you have uploaded, such as photos, videos and performance over time
- Unique user information such as login ID, username, password and security question
- Financial information, where you agree to us using your information e.g. for storing your payment card details
- Traffic information provided by your web browser, such as the type of browser, device, language and the address of the website you came from, and other traffic information including IP address.
- Clickstream-behavior and activity on SmartResQ/CorPatch®’s IDs and in our products and services
- E-mail behavior, such as e-mail messages from SmartResQ/CorPatch® you open when and how
- Other personal information contained in your profile that you have freely placed on third party social networks, such as LinkedIn, Facebook etc.
- As a data controller SmartResQ/CorPatch® does not treat non-sensitive personal information about you
- Information used for scientific purposes and collected via our website(s) and apps, e.g. weight
- Information about end-users to deliver products to comply with quality and safety requirements, to provide services to the end-users, and to maintain and improve our offerings.
- Information about job applicants to handle job applications, to communicate about future job offerings and to maintain and improve our recruiting processes.
- Information about persons that have signed up to receive newsletters and other materials to deliver the materials and to maintain and improve our offerings.
- Cookie information to provide tailored advertising on social media and websites.
Data collected and handled in the CorPatch® Services platform and apps
SmartResQ handle, collect and store the following personal data when you use CorPatch® Services platform or apps.
All users (institute admin, trainer, trainee/end user)
- First name (if entered)
- Last name (if entered)
- Gender (if entered)
- E-mail address (mandatory)
- Preferred language of communication (mandatory)
- Password hash (mandatory)
- Whether the e-mail address has been validated (mandatory)
Additionally for trainees/end users (mandatory)
Data on the mobile phone used:
- Operating system (Android/iOS)
- Operating system version (e.g. 9)
- Manufacturer (e.g. Samsung)
- Model (e.g. SM-T518)
- App version (e.g. 1.2.4)
- Time of the last foreground activity of the app
- Time of the last background activity of the app
Data on the CPS used:
- Serial number / MAC address
- Firmware version
- Model name (e.g. CPS_01)
- Manufacturer (currently always SRQ)
- Name (currently always CorPatch)
- Battery condition
User onboarding data
- Tutorial completed (yes/no)
- Self-assessment completed (yes/no)
- Test training completed (yes/no)
- First login successful (yes/no)
- Was a CPS connected (yes/no)
Data collected through training
- Date, time and length of the training
- Training result
- Training type or training settings
- In case of a training within an institute, additional information about the course, trainer and institute
The following data is stored in the web server logs:
- IP address of the accessing party
- Browser version of the accessing party
- Date/time of access
- URL of access
External services that process data
- Google/Firebase for remote logging, crash and error analysis
- Google/Firebase for sending notifications
- Sendgrid for sending e-mails
- Hetzner for hosting web backend and database
What happens when a user is deleted?
- The user is marked as deleted. After that the user can no longer log in, is no longer visible for admins, etc. But the user still exists in the database.
- After 14 days the user is automatically deleted from the database.
- For the purpose of scientific evaluation and functionality upgrades, data of trainings will still exist in the database after deletion of the user, but the reference (the ID) to the user will be empty, and all references to personal data will be removed.
How we collect your personal information
Most of the personal information we process is provided to us directly by you. We collect data and process data when you:
- Register online or place an order for any of our products or services; e.g. demographic data, email address, payment information, items, order amount, discount level and frequency. Including sending transactional emails, e.g. order confirmation, shipping confirmation and refund confirmation.
- Engage in the sent communication (email, SMS, direct mail or phone); e.g. open rate, click rate and time spend reading the emails, sender domain and type of email client.
- Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
We might also receive personal information indirectly, from the following sources in the following scenarios:
- From cookies: when you visit our websites or apps; e.g. IP address, country, viewed pages, viewed products, interaction/clicks and searches.
- From you or any other person affiliated with our customer. These people can be a manager or a colleague. If the customer you are working for buys products or services from SmartResQ/CorPatch® through a partner company to SmartResQ/CorPatch®, we may collect information about you from the partner company.
- SmartResQ/CorPatch® Marketing partners, public sources or social networks of third parties.
- SmartResQ/CorPatch® will be able to combine personal data about you collected from one source with information obtained from another source. This gives us a more complete picture of you, which also allows us to serve you in a more relevant way with a higher level of personalisation.
How we use your data
In order to generally manage our customer relationships and to meet our customer commitments, SmartResQ/CorPatch® needs information about you in your role as a customer or when you use a service.
The purposes of processing such personal data are:
- Process your order, manage your account
- Email you with special offers on other products and services we think you might like
- Performing the sales and contract process for customers
- To deliver the requested products and services to customers
- To conduct deliveries in accordance with agreements concluded with you or customers
- To offer support to users of our products and services
- Improve and develop the quality, functionality and user experience of our products, services and SmartResQ/CorPatch® website(s) and apps
- Detect, limit, and prevent security threats and perform maintenance and troubleshooting and debugging
- Preventing the misuse of our products and services
- To process orders, invoicing, payments or another financial follow-up
- Create interest profiles to promote relevant products and services
- To establish user communities to educate and to facilitate interaction between users and SmartResQ/CorPatch®.
SmartResQ/CorPatch® processes personal data on leads for marketing purposes. In order to provide targeted and relevant content to prospective customers, SmartResQ/CorPatch® builds an interest profile based on your activity and your choices and actions on SmartResQ/CorPatch® pages, as well as your response to marketing content. The legal basis for such processing is primarily your consent.
If you are a jobseeker, we process personal data to evaluate your potential as a SmartResQ/CorPatch® employee. Our secure, online career platform ensures that we comply with the latest laws and regulations in relation to data privacy. The legal basis for such processing is your consent.
About website visitors
In order to monitor access to our sites, we process personal information about visitors. The processing is based on our legitimate interest in protecting our business secrets, employees, locations and you as a visitor. You will be informed of your rights in this context when you register with our electronic system for visitors.
If you agree, SmartResQ/CorPatch® might share your data with our partner companies so that they may offer you their products and services.
When we process your order, our system may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.
How we store your personal information
SmartResQ/CorPatch® takes the trust you and our customers show us very seriously.
SmartResQ/CorPatch® undertakes to avoid unauthorised access, disclosure or other aberrant processing of personal data. SmartResQ/CorPatch® shall ensure the confidentiality of the personal data we process, maintain the integrity of personal data and ensure its accessibility in accordance with applicable privacy laws.
As part of our commitments, we take reasonable and adequate organisational, technical and physical procedures and measures to protect the information we collect and process.
We are taking into account the type of personal data and the risk that our customers are exposed to by any security breach, as there is a high likelihood that the root causes of personal data breaches can be found internally, we believe that the building of a strong corporate culture in which respect and vigilance about data protection among our employees is fundamental to ensuring the legal processing and protection of your information.
In case of a data breach, SmartResQ/CorPatch® will follow practices laid out by the Danish Datatilsynet.
Your information is securely stored at Hetzner according to GDPR regulations.
Webhosting information: https://www.hetzner.com/rechtliches/webhosting/
How long do we keep your personal data?
SmartResQ/CorPatch® retains your personal data only for as long as it is necessary for the purposes stated, while taking into account our need to respond to queries and resolve issues and comply with legal requirements under applicable law.
This means that SmartResQ/CorPatch® may store your personal information for a reasonable period after your and our customer’s last interaction with us. When the personal data we have collected is no longer necessary, we delete it. We may process data for statistical and/or scientific purposes, but in such cases the data will be pseudonyms or anonymised.
Time frame for data storage
|Customer service and accounting regulation||
5 years or as long as we are obligated to meet the needed legal requirement.
We delete your registration data as soon as you delete your user account with us, or once the statutory retention period expires.
6 months for application documents that do not result in hiring of the job applicant.
Renewal each 6 months if you wish to be considered for future job openings and you consent to longer storage period.
3 years after your latest activity e.g. visit on our websites, purchase or engagement in communication.
If you have given your marketing permission (email, SMS, phone etc.) and as long as we have your permission to contact you.
We delete your email address in newsletter automatically, once you delete your user account or if you unsubscribe from our newsletter.
|Storage of order history and obligations to fulfil orders||5 years or as long as we are obligated to meet the needed legal requirements.|
3 years after your latest activity e.g. visit on our websites, purchase or engagement in communication.
If you have given your marketing permission (email, SMS, phone etc) and as long as we have your permission.
|Fraud and risk assessment||5 years or as long as we are obligated to meet the needed legal requirement.|
You have the right to opt out of receiving marketing communications from SmartResQ/CorPatch® and can do it either by:
- Follow the opt-out instructions in the relevant marketing communications
- Change preferences under the relevant editing section for the account, if you have an account with SmartResQ/CorPatch®.
- Contact us by email at email@example.com
Please note that even if you opt out of receiving marketing communications, you may still receive administrative messages from SmartResQ/CorPatch®, such as order confirmations and notices necessary to manage your account or the services provided to our customers through e.g. mobile services or apps.
Your data protection rights
It is important for SmartResQ/CorPatch® that you are fully aware of all of your data protection rights.It is important for SmartResQ/CorPatch® that you are fully aware of all of your data protection rights.
Some data protection laws, including the European Union’s General Data Protection Regulation (GDPR), corresponding legislation in Germany Bundesdatenschutzgesetz (BDSG), in Switzerland and in the United Kingdom, and some U.S. state laws, provide you with certain rights in connection with personal data you have shared with us.
If you are a resident in the European Economic Area, you may have the following rights:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to request that we correct any personal information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.
- Your right to erasure – You have the right to request us to erase your personal information under certain conditions.
- Your right to restrict processing – You have the right to request us to restrict the processing of your personal information under certain conditions.
- Your right to object to processing – You have the the right to object to the processing of your personal information under certain conditions.
- Your right to data portability – You have the right to request that we transfer the personal information that we have collected to another organisation, or directly to you under certain conditions.
If you would like to exercise any of these rights, please contact us at our email: firstname.lastname@example.org
What are cookies?
Cookies are small text files that contain a character string and create a unique identifier for a user. They are returned to the website and/or third parties. Most browsers are initially set up to accept cookies, since most websites are required to access them. However, you can change your browser settings so that your browser can generally reject cookies, block third-party cookies or specify when a cookie is being sent.
SmartResQ/CorPatch® is committed to ensuring your right to adjust your interests and to manage the scope of digital marketing from us through a system of preferential management
- Functionality – we use these cookies to recognise you on our website and remember your previously selected preferences. These would include that language you prefer and location you are in. A mix of first-party and third-party cookies are used.
- Advertising – we use these cookies to collect information about your visit to our website(s), app(s), the content you viewed, the links you followed and information about your browser, device and you IP-address. Sometimes we share some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
The type of cookies we use
Our website(s) use the following types of cookies:
- Google Analytics: This cookie allows us to view information about website activities for users, including but not limited to page views, source, and time spent on a website. The information is anonymised and is displayed as numbers, which means that it cannot be traced back to individuals. This helps protect your privacy. By using Google Analytics, we can see what content is popular on our pages, and we strive to give you more of what you like to read and see.
- Google Analytics remarketing: Places cookies on your computer, which means that when you leave our site, Google may show you ads about SmartResQ/CorPatch® that you may be interested in based on your previous behaviour on our website. This information is not personally identifiable.
- Google Ads: By using Google Ads, we are able to see which pages were helpful in leading to submissions via our contact form. This information is not personally identifiable, but the data provided in the contact form is.
- Google Ads remarketing: Places cookies on your computer, which means that when you leave our site, Google may show you ads about SmartResQ/CorPatch® that you may be interested in based on your previous behaviour on our website. This information is not personally identifiable.
- Facebook Remarketing: Facebook’s tracking pixel places cookies on your computer that tell Facebook that you’ve checked the site. We then assume that you have an interest in SmartResQ/CorPatch® and the content on this site. When you visit Facebook, you will then be exposed to information or advertisements with similar content. Please use your privacy settings on Facebook to limit the exposure to marketing of this type.
How to manage cookies
You can set your browser not to accept or to delete cookies. However, some of our website features may not function as a result.
See how to avoid cookies in specific browsers:
You may prevent the information generated by the Google cookie about your use of our sites from being collected and processed by Google by downloading and installing the Google Analytics Opt-out browser Add-on for your current web browser.
Privacy policies of other websites
If we change our privacy statement, we will publish the revised statement here with an updated revision date. We encourage you to review the statement regularly. If we make material changes to our statement that significantly changes our privacy practices, we may also notify you in other ways, for example, by sending an email or by posting a notice on our website and/or social media before the changes take effect.
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that SmartResQ/CorPatch® has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office (ICO).
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
For further information, please visit the ICO website.
©SmartResQ ApS – All rights reserved
Denmark, Version 1 – issued 2020.09.23