Privacy Policy

General information

This privacy policy addresses Emply ApS's (Emply) processing of personal data as controller. When Emply processes personal data about the customers' employees in the Emply solutions, Emply acts as processor and is subject to the terms set out in the processor agreement concluded with the customers.

In this privacy policy, you will find further information about how Emply processes data about you in connection with your use of www.emply.com, when you contact us, for the purpose of distributing marketing material and in connection with your participation in courses etc. The data may be provided by you or a third party (for example your employer or one of your relatives).

You are always welcome to contact us if you have any questions concerning the way we process personal data. See also the section below that contains a description of your rights and additional contact details.



Controller

The controller is:
Emply ApS
Lyngbyvej 2
2100 Copenhagen Ø
Denmark
CVR number: 31430747

Contact details:
Phone: +45 70 28 60 50
Email: support@emply.com



General enquiries and CRM

When you contact us using contact forms on our website or in connection with other enquiries (for example as a representative of one of our customers, suppliers or another third party), your enquiry may contain personal data, such as contact details, your affiliation with a certain business or other personal data that you may provide to us. We process such data to be able to process and respond to your enquiry. The legal basis for our processing of the data is the pursuit of our legitimate interest in being able to administer and answer enquiries, including to provide customer services, see point (f) of article 6(1) of the GDPR.

If you express an interest in one of our products in an enquiry, or if you contact us on behalf of a business (for example your employer), we may register you and the data that you provide to us in our CRM system as a potential lead or as a representative of a business in order for us to communicate with you about our products. You will then be registered as a contact person of the business you represent. The legal basis for our processing of the data is the pursuit of our legitimate interest in being able to sell and communicate with customers and potential customers about our products, see point (f) of article 6(1) of the GDPR.

We may also use your enquiry, and, consequently, the personal data contained in it, in the optimisation of our current services or for the development of new services, for example by preparing statistics on enquiries received or by anonymising enquiries received to be able to use them at a later point in time. We may also use your contact details in preparing surveys as well as the personal data we may receive if you participate in the survey. The legal basis for our processing of the data for these purposes is the pursuit of our legitimate interest in being able to optimise our current services or develop new services, see point (f) of article 6(1) of the GDPR.



Support

When you contact us for support for the use of our products, your enquiry will sometimes contain personal data, such as contact details, your affiliation with a certain business or other personal data that you may provide to us. We process such data to be able to provide the support you request.

The legal basis for our processing of the data is the pursuit of our legitimate interest in providing the support that we have agreed to provide with the business you represent, see point (f) of article 6(1) of the GDPR.

We may also use your enquiry, and, consequently, the personal data contained in it, in the optimisation of our current services or for the development of new services, for example by preparing statistics on enquiries received or by anonymising enquiries received to be able to use them at a later point in time. We may also use your contact details in preparing surveys as well as the personal data we may receive if you participate in the survey. The legal basis for our processing of the data for these purposes is the pursuit of our legitimate interest in being able to optimise our current services or develop new services, see point (f) of article 6(1) of the GDPR.



Courses etc.

When you sign up or others (for example your employer) sign you up for a course or another event, we process your contact details, such as your name, email address, your affiliation with a business and other data that we receive specifically. It may also be data about certain food preferences if we arrange for food and drinks during the event. The legal basis for our processing of the data is the pursuit of our legitimate interest in providing the event that we have agreed to provide with the business on behalf of which you participate and in being able to communicate with the participants before, during and, if relevant, after the event, see point (f) of article 6(1) of the GDPR.

If you sign up on your own behalf, and not as a representative of a business, the processing is instead authorised by point (b) of article 6(1) of the GDPR in that the processing is necessary for us to perform the agreement made with you on the participation in the event.



Electronic marketing

When you subscribe to our newsletter or other direct marketing, we register your email address and any other contact details. In some cases, we also register other data which you specifically provide to us. We use such additional data to be able to customise the offers and news we send you.

The legal basis for our processing is the consent you give us when you subscribe to our newsletter, see point (a) of article 6(1) of the GDPR.

You may withdraw your consent at any time. You may withdraw your consent by contacting us using, for example, the contact details provided above.



Use of website

Our website uses cookies and similar technologies to collect and process data about how visitors use our website. If you want to know more about our use of cookies and similar technologies, you may read our cookie policy: https://www.emply.com/cookiepolicy.

When cookies and similar technologies are stored on your terminal equipment, we may process your personal data, such as data about your IP address, and disclose it to our business partners. The legal basis for our processing of such data is:
  • For technically necessary cookies: The pursuit of our legitimate interest in preparing statistics on the traffic on and use of the website, optimising our website and marketing our services to relevant visitors, see point (f) of article 6(1) of the GDPR.

  • For all other cookies: The consent you have given us to use cookies and similar technologies on the website, see point (a) of article 6(1) of the GDPR.


Recipients of your personal data

We generally do not disclose your personal data to third parties without your consent unless we are required to do so by law or if such disclosure is necessary for the purposes set out above.

For example, we may disclose your name to a third party if such third party's premises will be used for a course or other event in which you will be participating. We may also share your contact and preference details with our group companies if, for example, you have consented to it in connection with your subscription to our newsletters etc., or if you (or the business you represent) receive or are to receive services across our group companies.

In several cases, we leave the processing of your personal data to our processors. This is the case, for example, when we allow our data to be hosted by an external service provider and when we allow another business to run our website. Our processors only process your personal data under our instructions, and we always conclude processor agreements with our processors. We preferably use recognised and mature processors that are capable of providing appropriate safeguards in the form of expertise, reliability and resources to implement appropriate technical and organisational security measures for the personal data that they process on our behalf.



Transfer of personal data to third countries outside the EU/EEA

In exceptional circumstances, your personal data may be transferred to recipients outside the EU and EEA, including our parent company, Paychex, Inc., in the USA, or our processors located in the USA. The basis for such transfer is the EU Commission's standard contractual clauses for the transfer of personal data to third countries.

If you want further information on the transfer of your personal data to third countries or if you want a copy of the relevant basis for such transfer, you are welcome to contact us using the above contact details.



Storage of your personal data

We will process your personal data for as long as necessary for pursuing the purposes for which the personal data have been collected. You may find an overview of the time limits for erasure in the table below.

Purpose Storage period
(as a general rule, data are erased no later than on the dates stated)
Data included in general enquiries, data about contact persons in our CRM system and data used for statistics and business optimisation etc. Five years after the end of the financial year in which your enquiry/issue was closed or in which the customer relationship with the relevant business ended. Within the above time limit, the data may be anonymised and used for statistics and business optimisation following which they will no longer be considered to be personal data as they can no longer be used to identify a person.
Data included in support issues One year after the end of the financial year in which the support issue was closed.
Data processed in connection with courses etc. One year after the end of the financial year in which the event was held.
Data received in connection with the subscription to our newsletter or any other form of electronic marketing Two years after the distribution of the latest enquiry. If the consent is withdrawn, the data will be erased no later than at the end of the financial year in which the consent was withdrawn.
Data collected using cookies etc. The storage period depends on the lifetime of each type of cookie. You may read more about this in our cookie policy: https://www.emply.com/cookiepolicy.



Your rights

Under the GDPR, you have several rights in relation to our processing of data about you. You may read more about them below.
  • Right of access: You have the right to access the data which we process about you and several other data.

  • Right to rectification (correction): You have the right to have inaccurate data about you rectified.

  • Right to erasure: In special circumstances, you have the right to have data about you erased before we are generally required to erase such data.

  • Right to restriction of processing: In certain circumstances, you have the right to restrict the processing of your personal data. If you have the right to restrict the processing, we will, in future, only be permitted to process the data – except for storage – with your consent or for the establishment, exercise or defence of legal claims or for the protection of a person or important public interests.

  • Right to object: In certain circumstances, you have the right to object to our otherwise lawful processing of your personal data.

  • Right to transmit data (data portability): In certain circumstances, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have such personal data transferred from one controller to another without hindrance.
To make enquiries about the exercise of your rights, please use the contact details set out above. In addition to the above, you have the right to file a complaint about our processing of your personal data. You may do so by contacting the Danish Data Protection Agency via www.datatilsynet.dk. You may also learn more about your rights by visiting the website of the Danish Data Protection Authority.


Version 2.0
© 2022 Emply ApS.
 
All rights reserved.