Effective as of October 1st, 2020, Cookie Information A/S, (“Cookie Information”) and its subsidiaries, (collectively, the “Cookie Information Group” or “we” or “us” or “our”) have updated our Privacy Policy (“Policy”).
This Policy details our commitment to protecting the privacy of individuals who visit our Websites (defined below) (“Website Visitors”), who register to use the products and services which we market for subscription (available at www.cookieinformation.com (the “Service(s)”, or who attend or register to attend sponsored events or other events at which the Cookie Information Group participates (“Attendees”). For the purposes of this Policy, the term, “Websites”, shall refer collectively to www.cookieinformation.com as well as the other websites that the Cookie Information Group operates and that link to this Policy.
This Policy does not apply – Third party websites:
Our Websites may contain links to other websites. The information practices and the content of such other websites are governed by the privacy statements of such other websites. We encourage you to review the privacy statements of any such other websites to understand their information practices.
Account and Registration Information data:
We ask for and may collect personal information about you such as your name, address, phone number, email address and credit card information, as well as certain related information like your company name and website names, when you register for an account to access or utilize one or more of our Services (an “Account”). We also ask for and collect personal information such as an email address and a name from any individual that you authorize to log into and utilize our Services in connection with Your Account.
If you sign-up for a free trial Account, you are not required to enter your credit card information unless and until you decide to continue with a paid subscription to our Services. A third-party intermediary is used to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.
We refer to any information described above as “Account Information” for the purposes of this Policy. By voluntarily providing us with Account Information, you represent that you are the owner of such personal information or otherwise have the requisite consent to provide it to us.
Other Submissions:
We ask for and may collect personal information such as your name, address, phone number and email address from you when you submit web forms on our Websites or as you use interactive features of the Websites, including but not limited to: Requesting customer support or otherwise communicating with us.
Attendee Information:
We ask for and may collect personal information such as your name, address, phone number and email address when you register for or attend a sponsored event or other events at which any member of the Cookie Information Group participates.
Configuration data:
We collect what you enter directly in our Cookie Information Platform after you log in, such as. domain names on the websites where you implement the Service, as well as the configuration of content and appearance.
When you use our Services, we automatically collect information on the type of device you use, and operating system version.
Service data:
We collect data generated by website visitors (“End Users”) browsing your website(s) using the Service. When an End User sends consent from your websites, the following data is automatically logged to Cookie Information:
Date and time of consent
User Agent of the End User’s Browser
The URL from which the consent was sent
A technically necessary anonymous, random and encrypted key value
The end user’s consent state, which serves as proof of consent
The key and consent mode are also stored in the End User’s browser in the first-party cookie “CookieInformationConsent” so that the site can automatically read and respect End User’s consent on all subsequent page queries and future End User Sessions for up to 12 months. The key is used as proof of consent and as an option to confirm that the consent mode saved in the End User’s browser is unchanged from the original consent sent to Cookie Information.
Cross Domain Consent
If you enable the “Cross Domain Consent” feature to enable consent to across multiple domains using a single End User Statement, the Service also stores:
One third party cookie named “CookieInformationConsent_encodedclientid” with the same content as the 1. Party cookie described “CookieInformationConsent” in encoded format, set from the domain cookieinformation.com.
One third party cookie named “CookieInformationConfig” with the following data in encoded format:
Internal ID to identify the consent solution configuration
The domains included in the consent solutions configuration.
General Uses:
We may use the information we collect about you (including personal information, to the extent applicable) for a variety of purposes, including to (a) provide, operate, maintain, improve, and promote the Websites and the Services; (b) enable you to access and use the Websites and the Services; (c) process and complete transactions, and send you related information, including purchase confirmations and invoices; (d) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages; (e) send promotional communications, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, contests, and events; and provide other news or information about us and our partners (you can opt-out of receiving marketing communications from us by contacting us at privacy@cookieinformation.com or following the unsubscribe instructions included in our marketing communications); (f) monitor and analyze trends, usage, and activities in connection with the Websites and Services and for marketing or advertising purposes; (g) investigate and prevent fraudulent transactions, unauthorized access to the Websites and the Services, and other illegal activities; (h) personalize the Websites and Services, including by providing features that match your interests and preferences.
Legal basis for processing (EU visitors only):
If you are a visitor from the European Union, our legal basis for collecting and using the personal information described above will normally be to perform a contract with you (e.g. to provide you with our Services). In some cases, the processing is in our legitimate interests and will not be overridden by your data protection interests or fundamental rights and freedoms.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Us” section below.
Cookie Information meets the requirements of the Children’s Online Privacy Protection Act as well as the GDPR. We will not deliberately collect information from anyone under 13 years. Our website, products and services are all aimed at people who are at least 13 years of age or older.
Third-Party Service Providers:
We share information, including personal information, with our third-party service providers that we use to provide hosting for and maintenance of our Websites, application development, backup, storage, payment processing, analytics and other services for us. These third-party service providers may have access to or process your personal information for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal information that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights:
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms and Conditions, or as otherwise required by law.
Testimonials:
From time to time, we may post testimonials on the Websites that may contain personal information. We obtain Your consent to post Your name along with Your testimonial. If you wish to update or delete your testimonial, you can contact us at privacy@cookieinformation.com.
Cookie Information Group Sharing:
We may share information, including personal information, with any member of the Cookie Information Group, and they will use that information only for the purposes already described in this Policy.
Where Cookie Information is the data controller of personal information (for example, personal information relating to Website Visitors, Attendees and individuals who register to use our Services), then we retain the personal information we collect where we have an ongoing legitimate business need to do so (for example, to provide you with our Services, to enable your participation in an event, and to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it.
The personal data that we process are hosted in data centers located in countries in the European Union.
Account and registration data is saved for tax purposes for up to five full fiscal years after you cancel your Service Account.
Configuration data and system-generated data will be deleted immediately after you cancel the Service Account.
Service data is deleted continuously after 5 years after registration and immediately when you cancel the Service Account.
Cookie Information implements adequate technical, organizational and physical precautions to maintain the protection of personal data against accidental or illegal destruction or unintended loss, change, unauthorized use, unauthorized change, disclosure or access, and against any other illegal forms of treatment.
Our Service utilizes a cloud environment to ensure high availability. No personal data is permanently stored outside our cloud platforms. In this way, the physical security of Cookie Information’s subcontractors is maintained. The following subcontractors used are:
Microsoft Trusted Cloud, Holland
E-conomic, Copenhagen, Denmark
Zendesk, USA (privacy-shield certified) and data hosted in the European Economic Area (EEA)
Sendgrid, USA (privacy-shield certified)
The main supplier Microsoft has adopted the International Cloud Confidentiality Practice, ISO / IEC 27018. (read more here https://azure.microsoft.com/en-us/overview/trusted-cloud/) The data processor E-conomic International A / S is certified in “International Standards on Assurance Engagements 3000” (ISAE 3000). Sendgrid follows a global standard for data privacy and security and has SSAE 16 (SOC 2 Type II) certification and PCI-DSS compliance.
Cookie Information monitors the maintenance of these standards and audits by subcontractors and sub-processors to ensure that data protection requirements are met.
In order to ensure secure data transmission, all data transits are encrypted to match them to best practice in the protection of confidentiality and data integrity. E.g. all provided credit card information is transmitted through Secure Socket Layer (SSL) technology and then encrypted into the database of our payment gateway provider so that they are only available to those authorized to access such systems and are required to keep the information confidential.
For data in transit, the Service uses industry standard transport protocols between devices and Microsoft data centers and within the data centers itself.
All personnel are subject to full confidentiality, and all subcontractors and subdivisers require that they sign a confidentiality agreement, unless full confidentiality is already part of the main agreement between the parties.
Any device used to access private information is logged in our Azure Active Directory, Microsoft’s cloud-based identity and access control service. If there are personal data temporarily stored on a device, the memory on this device must also be highly encrypted.
In the event that your data is compromised, Cookie Information will inform you and the competent supervisory authorities within 72 hours by email with information about the extent of the violation, the affected data, all impacts on the Service.
8. HOW TO EXERCISE YOUR DATA PROTECTION RIGHTS
You have certain choices available to you when it comes to your personal information. Below is a summary of those choices, how to exercise them and any limitations.
Accessing and updating or deleting your information:
Our Services give Subscribers the ability to access, update and delete certain personal information from within the Service. For example, you can access your account and make updates to your personal information e.g. email address. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Deactivating your account:
If you no longer wish to use our Services, you may as Subscriber be able to deactivate their account. First, please contact Cookie Information with your request.
Opt-out of communications:
We offer those who provide personal contact information a means to choose how we use the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of our marketing emails or you may send a request to privacy@cookieinformation.com.
Other data protection rights:
If you wish to exercise any other data protection rights that are available to you under your local data protection laws (such as the right to data portability or to data restriction) then please send your request to privacy@cookieinformation.com and we will action your request in accordance with applicable data protection laws.
You have the right to complain to your local data protection authority if you are unhappy with our data protection practices. Contact details for data protection authorities in the European Economic Area are available here: https://edpb.europa.eu/about-edpb/board/members_en
We may assign or transfer this Policy, as well as your account and related information and data, including any personal information, to any person or entity that acquires all or substantially all of our business, stock or assets, or with whom we merge. If we do, we will inform them of the requirement to handle your personal information in accordance with this Policy.
This Policy may be updated from time to time to reflect changing legal, regulatory, or operational requirements. We encourage you to periodically review this page for the latest information on our privacy practices.
If there are any material changes to this Policy, you will be notified by our posting of a prominent notice on the Websites prior to the change becoming effective. If we are required by law to do so, we will seek your consent prior to those material changes becoming effective.
If you do not accept any changes made to this Policy, please discontinue the use of the Websites and the Services.
If you have questions regarding this Policy or about the Cookie Information Group’s privacy practices, please contact us by email at privacy@cookieinformation.com, or at:
Cookie Information är ett privacy tech-företag som är specialiserade på att utveckla mjukvara som hjälper dig och ditt företag med att göra era webbplatser och mobilappar GDPR- och ePrivacy-kompatibla.