Privacy Policy

DigiScale values and understands that your privacy is important to you and we are committed to protect and use your personal data only as consistent with applicable data protection laws.

This Privacy Policy sets out how we may collect personal data from or about you, how we might use it and, importantly, what rights you have over your own personal data, and applies to all of our products, services, activities and websites (unless they have their own privacy notice).

When we write “you” or “your” we mean you as a website visitor, business contact person (B2B contact), such as the contact person of a company or an organisation we do business with, job applicant or other relevant third party reaching out to us.

Please read this Privacy Policy carefully to understand how we will use and look after your personal data.

01. Information about DigiScale

The DigiScale contact information and details of which can be found on the front page. This Privacy Policy is issued on behalf of DigiScale so when we mention DigiScale in this Privacy Policy, we are referring to the relevant entity in DigiScale responsible as (data) controller for processing your personal data, which will vary depending on your relationship with DigiScale (whether it be as a B2B contact, job applicant or other relevant relationship).

For the purposes of data protection laws such as Regulation (EU) 2016/679 (“GDPR”) and the GDPR as amended and incorporated into UK law under the UK European Union Withdrawal Act 2018 (“UK GDPR”), the (data) controller will generally be:

For processing of personal data in the context of visits to our website digiscale.com
For processing of personal data in the context of visits to our other websites (if applicable) or other DigiScale systems: the DigiScale entity identified on such website or system;
For the processing of personal data in the context of job applications and similar: the DigiScale entity identified in the job posting;
For the processing of your personal data in the context of the provision or procurement of our products or services: DigiScale identified in the proposal, agreement or applicable terms and conditions; or
DigiScale you (or the company you work for) is otherwise doing business with or that you otherwise provided your data to.

You may always get in touch with our Data Protection Officer (DPO) if you have any inquiries or wish to exercise a right in relation to your personal data.

If and to the extent you are based in the EU/EEA and your personal data is processed by Copenhagen DigiScale office in Denmark

If and to the extent you are based in the UK and your personal data is processed by a DigiScale entity based in the EU/EEA, you may get in touch with our UK representative if you have any inquiries or wish to exercise a right in relation to your personal data under the GDPR. Our UK representative, where applicable, is DigiScale. contact information and details of which can be found on the front page of the website.

02. What personal data do we process about you?

2.1 General

We may collect and process your personal data such as when you reach out to us, fill in a form, attend a meeting or event or when we otherwise do business with you or the company you represent.

The type of personal data that you may be requested to provide will vary based upon the context and the type of relationship(s) you have established with us. Most commonly, we may collect personal data such as:

Personal data that you provide by making use of any of the interactive features, such as by filling in forms on our websites, subscribing to services, newsletters and alerts, registering for a conference or event and otherwise request information.
If you contact us through our websites or social media channels, we may keep a record of that correspondence.
We may ask you to complete surveys, such as feedback forms that we use for improving our services. It is completely up to you whether you want to respond to them.
Any postings, comments or other content that you choose to upload or post to any of our websites or social media channels.
Technical data about the device(s) you use to visit our websites, such as internet protocol (IP) address and other unique user or device identifiers, browser type and version, time zone setting and location data, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites or services.
Information about how you use and interact with our websites (including, the pages you view and resources you access or download), such as the time and date of your visit, traffic data, location data, weblogs and other communication data. As well as the information provided under Section “Google Analytics” below for further information.

We may also use third-party services such as Google Analytics to monitor and analyse the use of our websites.

2.2.1 Google Analytics

We use Google Analytics to monitor and analyse the use of our websites. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our websites. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.

You can opt-out of having made your activity on our website available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page

2.2.2 Links to other websites or services

Our websites may contain links to other sites or services that are not operated by us. If you click a third party link, you will be directed to that third party’s site or service. We strongly advise you to review the privacy policy of every site or service you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

03. Why do we use your personal data?

Examples of how we may use your personal data are set out in the table below, including the legal basis relied on in relation to each listed purpose. We will request your prior consent to process your personal data for any of the purposes to the extent such consent is mandatory by applicable law.

Note that we may process your personal data for more than one lawful ground. Please get in touch if you need details about the specific legal basis we are relying on to use your personal data.

Purpose	Legal basis
To manage or enter into a contractual relationship with you.	The processing of your personal data is necessary for the performance of a contract between you and us, or in order to take steps at the request by you prior to entering into a contract with you.
Recruitment, such as may be necessary for us in order to receive and process your job application.	The processing of your personal data is justified on the basis of our legitimate interests to ensure that we recruit the appropriate employees. If we want to keep your data for possible future openings, we will ask you to consent to this.
To facilitate communications with you (including to respond to inquiries and requests).	The processing of your personal data is justified on the basis of our legitimate interests for ensuring proper communications with you, including provision of correct information.
To manage our business relationship with the company or organisation you represent/work for, such as may be necessary in order for us to achieve the purpose of a contract or evaluate potential business partners and manage existing business relations (including communication, procurement, contract signing and financial transactions).	The processing of your personal data is justified on the basis of our legitimate interests to manage our business relations and/or to achieve the purpose of a contract, including to carry out our contractual rights and obligations.
Managing our everyday business needs and operations.	The processing of your personal data is justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
To evaluate, develop and improve our services for our customers in general, e.g. by analysing the use of our services or the content of a feedback form you provide us.	The processing of your personal data is justified on the basis of our legitimate interests for evaluating, developing and improving our services and the way we provide them.
To coordinate and administer different types of events, such as meetings and conferences, we will process personal data of the invited persons. Certain events may be recorded and transcribed.	The processing of personal data is justified on the basis of our legitimate interests to manage and follow up on events.
When we create, use and/or publish content such as articles, interviews, videos or case studies for our internal use or other channels (such as our website, in presentations or our social media channels) we will process your personal data if you appear in such content.	We may also use personal data to prepare, facilitate, follow up on interviews, case studies and other content. Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to create and, as applicable, publish content and marketing material.
To provide and maintain our websites and social media channels to you (including to allow you to participate in interactive features, when you choose to do so).	Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to provide and maintain our website. You can find further information about our use of cookies and how you can disable them in our Cookie Policy.
We may monitor and analyse the use of our websites in order to improve the user experience and make our websites more effective.	Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to provide and maintain our website. You can find further information about our use of cookies and how you can disable them in our Cookie Policy. Regarding our use use of Google Analytics and how it may be disabled, please see the section “Google Analytics” above.
To detect, prevent and address technical issues in relation to our websites.	Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to provide and maintain our website. You can find further information about our use of cookies and how you can disable them in our Cookie Policy.
In order to ensure the ongoing security, we may monitor your access and use of our websites, systems and services (including, as applicable, external systems, apps and tools utilized in the provision of our services) for security reasons, e.g. by logs and access management systems.	Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to ensure the ongoing security and access to our website, systems and services, to the extent permitted by applicable law.
To manage, detect, register, investigate and resolve IT and information security incidents and accidents.	Except where the processing of your personal data necessary for the compliance with a legal obligation to which we are subject (such as the notification requirements under the GDPR and/or the UK GDPR in case of a personal data breach), it is justified on the basis of our legitimate interest to properly handle IT and information security incidents and accidents, to the extent permitted by applicable law.
To comply with our legal requirements, such as requirements related to accounting and the protection of your personal data in our systems.	Processing is necessary for the compliance with a legal obligation to which we are subject.
To establish, exercise or defend our legal rights.	Our legitimate interest to manage legal issues and disputes.
Marketing our products and services to you (as a B2B contact person), unless you objected against such processing.	Except where applicable law require us to obtain your consent, the processing of personal data is justified on the basis of our legitimate interests to create and publish content and marketing material. If you receive any newsletters from us, you can always opt-out. You can do so either by clicking an opt-out link provided in such newsletter or by contacting us, please see our further contact details below. When you opt-in to receiving marketing communications from us (including newsletters), we use Mailchimp to send you such marketing communications. Please see Mailchimp’s Privacy Policy for more information about Mailchimp’s use of your personal information.

Click here for more information on Mailchimp’s Privacy policy.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another purpose and that purpose is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will (when required by applicable law) provide you appropriate notice and explain the legal basis which allows us to do so.

If the processing of your personal data for any the purposes set out in this Privacy Policy involves automatic decision making and/or profiling, we will only make such automated decision and/or profiling with your prior consent (if required by applicable law) and after providing you information about such automatic decision making and/or profiling.

04. How long do we keep your personal data?

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. We perform regular disposals and erase personal data that is no longer necessary to process.

Technical data and usage data used for internal analysis purposes is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our website, services or systems, or we are legally obligated to retain this data for longer periods.

05. How do we keep your personal data safe?

The security of your personal data is important to us and you should always feel safe when you provide us with your personal data. Therefore, we maintain organizational, physical and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements taking into account the risks associated with the categories of personal data and the processing we undertake.

06. Where do we store your personal data?

We will primarily store and access your personal data in the countries we operate in within the European Economic Area (EEA), but we may also transfer to and process your personal data in a country outside the EEA, including to the United Kingdom (UK) (e.g. to an affiliate, a business partner or services provider located in such country). We will take all reasonable measures necessary to ensure that your personal data is handled securely and in accordance with applicable law. We will ensure that all personal data transfers outside the EEA are done in accordance with Chapter 5 of the GDPR, for instance by entering into standard data protection clauses in the absence of an adequacy decision from the EU Commission, and that all personal data transfers outside the UK are done in accordance with applicable provisions of the UK GDPR.

07. Who has access to your personal data?

7.1 Recipients

Your personal data may be shared within DigiScale for the purposes described in this Privacy Policy. Access to your personal data within DigiScale will be limited to those employees who have a need to know the information for the purposes described in this Privacy Policy.

Furthermore, where there is a need, we may forward your personal data to third parties outside DigiScale as may be required to carry out our business operations, provide our services and for the purposes described in this Privacy Policy, but we will never sell your personal data for marketing purposes to such third parties.

Third parties to whom we may forward your personal data usually includes:

Other companies (e.g. when necessary to fulfill the agreement between us and you or the company or organisation you represent)
Our services providers (such as suppliers of IT systems, applications and support as well as other service providers)
Our professional advisers (such as lawyers, accountants, auditors, banks, insurance companies and other professional advisers)
Public authorities (e.g. a court or supervisory authority)

7.2 Disclosure to service providers and professional advisers

Where there is a need, our third party service providers (such as suppliers of IT systems, applications and support as well as other service providers) and professional advisers (such as lawyers, accountants, auditors, banks, insurance companies and other professional advisers) may gain access to and process your Personal Data.

Any third party service providers and professional advisors to whom your personal data are disclosed, are expected and required to protect the confidentiality and security of your personal data and may only use your personal data in compliance with applicable data protection laws.

7.3 Disclosure for law enforcement

Under certain circumstances, we may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

7.4 Disclosure for legal requirements

We may disclose your Personal Data in the good faith belief that such action is necessary to:

comply with a legal obligation that we are subject to;
protect and defend the rights or property of DigiScale;
prevent or investigate possible wrongdoing in connection with our business operations or the use of our services or website;
protect the personal safety of users of our services or website or the public; or
protect against legal liability.

08. What are your rights in relation to your personal data?

In certain circumstances (subject the conditions and exceptions in applicable law), you have the following data protection rights:

The right to access. You have the right to request information about the personal data we have on you and, if we do, to obtain a copy of that personal data.
The right of rectification. You have the right to have your personal data rectified if that personal data is inaccurate or incomplete.
The right to erasure. In certain circumstances, you have the right to request us to delete your personal data, e.g. such personal data would no longer be necessary to achieve the purposes for which it is kept.
The right to object. You have the right to object to our processing of your personal data. If you object to our processing of your personal data based on our legitimate interest, we will not continue to process the personal data unless we can demonstrate a legitimate ground for the processing which overrides your interest and rights or due to legal claims.
The right of restriction. You have the right to request that we restrict the processing of your personal data (i.e. personal data may under certain circumstances be blocked from normal processing but not erased).
The right to data portability. You have the right to be provided with a copy of the personal data we have on you in a structured, machine-readable and commonly used format. This only includes personal data you have submitted to us based on your consent or a contract, and may be further subject to conditions and exceptions in applicable law.
The right to withdraw consent. You have the right to withdraw your consent at any time where we relied on your consent to process your personal data. When you do so we might not be able to provide you with a service, specific content on our websites or similar based on the consent.
The right to object to direct marketing. You have the right to object to direct marketing, including profiling analysis carried out for direct marketing purposes. You may opt out of receiving any, or all, direct marketing communications from us, e.g. by following an unsubscribe link or instructions provided in any direct marketing email we send or by contacting us.
The right to request human intervention. If we have taken a decision about you based solely on automated processing that produces legal effects concerning you or similarly significantly affects you (automated decision making), you have the right to request “human intervention” from us.

You may always exercise your rights by contacting us, please see our further contact details below. Please note that we may ask you to verify your identity before responding to such requests.

You may contact us if you consider us to process your personal data in an incorrect way. You also have the right to complain to a supervisory authority (such as your local data protection authority within the EEA or the ICO if you are based in the UK) about our collection and use of your personal data.

09. Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

10. Contact us

Do not hesitate to contact us if you have any questions about our processing of your personal data or this Privacy Policy. Questions, requests and complaints shall at first hand be directed to our data protection officer Thomas Edvardsen