Privacy policy | FOM Technologies

This privacy policy (“policy“) explains how we process your personal data, incl. how it’s used, stored, and protected. Why? Because we care about your privacy.

We are the entity responsible for the processing of your personal data in accordance with this policy. Here’s our information:

FOM Technologies A/S
Bryggergården 2-12
2770 Kastrup
Denmark

VAT: DK 34 715 726
Tel: +45 8870 8900

www.fomtechnologies.com
info@fomtechnologies.com

To make the policy more user-friendly, we use “we,” “us,” “our,” etc. to describe our company.

When we refer to our “website,” we mean www.fomtechnologies.com and the other sites and apps we own and operate.

When we refer to “you,” we mean you as a user of our website, app, or customer of our online services or products.

On our website, in our emails, and on our social media profiles, we may have links to other companies, apps, or websites (“other websites”) that aren’t ours. This policy doesn’t cover how those other websites process your data. We encourage you to read the privacy notices on the other websites you visit.

Deliver our service & products

Personal data are used to deliver our services & products and contact you concerning delivery, plan and perform demos, workshops, and other services that can be ordered through the website. We also process your data to give you access to our products and services, to ensure that you can log into your account, send you notifications, register and identify you as a customer/user, process your payment, to enable applicable account and product features, log and save the actions you take when you use our product and website, respond to your questions and provide you with customer service and support, including sending service related messages to you.

We process the following ordinary personal data:

• Your name and email
• Your title
• Your telephone/mobile number
• The company you work for and their domain
• Address and country
• Purchase history
• Your request, e.g., sign-up and use of our product, when you accepted our terms & conditions, when you signed up, when you requested a demo, and when you contacted us for support, etc.
• If you email us, we will collect the content of your message.
• Payment Information, e.g. your credit or debit card details and billing address.
• Login details and verification.
• What choices you made when you set up your account, when you became a customer, your user role, when you are logging into our product.
• Other types of interactions you will have with us and our service, e.g customer support, account and product setup, user interviews, UX research, customer feedback etc.
• Information about how you use our product and what services you and your company are subscribing to.

We don’t process any sensitive data.

We process your personal data on the following legal bases:

• Your consent (GDPR Article 6.1.a)
• To perform our contract with you (GDPR Article 6.1.b)
• Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc. [Add information about the legal obligation])
• To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).
• For the establishment, exercise or defense of legal claims, where necessary (GDPR Article 9.2.f)
• Article 6.1.f (necessary for the pursuit of legitimate purposes of us) [Describe the legitimate interest(s) pursued if 6.1.f is used as legal basis and provide information on your balancing of the different interests involved]]
• Article 9.2.b (necessary for the purpose of carrying out obligation in the field of employment, social security and social protection)
• Section 8 of the Danish Data Protection Act for information about criminal matters or criminal convictions.
• Article 9.2.g (necessary for reasons of substantial public interest, on the basis of Union or Member State law).
• Section 11 of the Danish Data Protection Act for information about national identification number.

We will keep these data for as long as they are necessary for the purposes for which they are being processed.

As a general rule, data will be kept for as long as you use our products or services or have an account with us plus 5 years following the conclusion of your account/customer relationship with us. Special circumstances or legal requirements may require shorter or longer periods, including to comply with legal requirements for the erasure or keeping of data.

If you are employed by one of our customers, we will keep your data as long as we have a business relationship with that customer.

We collect your personal data:

• Directly from you
• Online sources, e.g. social media that are publicly available
• Public authorities
• Banks

Marketing

Personal data is used for marketing-related purposes, including sending you newsletters, providing you with demos and offers, tailoring our communication with you to accommodate your areas of interests and focus and sending you relevant product and service promotion.

We process the following ordinary personal data:

• Your name and email
• Your title
• Your telephony number
• The company you work for and company domain
• Address and country
• Purchase history, interest areas and use of our digital services,
• What newsletters you signed up for, when you asked to receive email marketing, when you asked to receive a demo,,
• When you gave consent
• Which events you have participated in, signed up for etc.

We don’t process any sensitive data.

We process your personal data on the following legal bases:

• Your consent (GDPR Article 6.1.a)
• To perform our contract with you (GDPR Article 6.1.b)
• Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc
• To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).
• Article 9.2.f (necessary for the establishment, exercise or defence of legal claims)

We keep your data for as long as you are subscribing to our newsletters, email marketing etc. If you ask us to unsubscribe you, we will keep your data for two years after your request so we can show that we have honored your request and to make sure that you aren’t receiving the material.

We keep your information for up to two years after our most recent contact with you.

If we have collected publicly accessible information about you for the purpose of being able to carry out marketing activities, we will keep such data for as long as the relevant activity is ongoing and for two years after that.

Regarding events, seminars, courses etc. we’ll keep your personal data as long as they are necessary for the purposes of the course, the event or seminar in question and for evaluating them.

We collect your personal data:

• Directly from you
• Online sources, e.g. social media that are publicly available
• Forms on our website

Improve, optimize, or modify the experience on our website, online service, and apps

Personal data are collected by your use of our website, apps, and online services and products. We use these details to improve the user experience on our website, apps, and the services we offer. We use the data to operate our services, enhance and protect the security, and ensure their secure, reliable, and robust performance to improve the content we show you, determine what content is most helpful, and determine the usability of our website, apps, and online services.

You can read about the cookies we use on our website.

We process the following ordinary personal data:

• When you visit our website, our servers may automatically log the standard data provided by your web browser. It includes your computer’s Internet Protocol (IP) address, your browser type and version, your user agent, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
• Cookie information: We use cookies and similar technologies to collect additional website usage data and to operate our services.
• We receive information when you interact with our services, e.g. when you visit our websites, when you sign into your account, or when you interact with email subscriptions. This includes information such as your IP address, browser type, browser language, operating system, the referring web page, pages visited, location, device information, and cookie information.

We process your personal data on the following legal bases:

• Your consent (GDPR Article 6.1.a)
• To perform our contract with you (GDPR Article 6.1.b)
• Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc
• To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).
• Article 9.2.f (necessary for the establishment, exercise or defence of legal claims)
• Article 9.2.f (necessary for the establishment, exercise or defence of legal claims)

We keep this data for up to 5 years and cookie information is kept in accordance with the cookie policy.

We collect your personal data:

• Directly from you
• Online sources, e.g. social media that are publicly available
• Forms on our website

Business- and product development

We engage in data analysis, conduct audits, develop new products and services, identify usage trends, evaluate the effectiveness of our promotional campaigns, and manage and expand our business operations.

We process the following ordinary personal data:

• Your contact details
• Address and country
• The company you work for and the company domain
• How you are using our products and services
• Purchase history, interest areas and use of our digital services,

We process your personal data on the following legal bases:

• Your consent (GDPR Article 6.1.a)
• To perform our contract with you (GDPR Article 6.1.b)
• Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc
• To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

We collect your personal data:

• Directly from you
• Online sources, e.g. social media that are publicly available
• Forms on our website
• We will retain personal data processed for this purpose for:
• Up to 5 years from last contact with you.

Statistics

Personal data are used in order to compile statistics for the use of our website and apps.

We process the following ordinary personal data:

• When you visit our website or apps, our servers may automatically log the standard data provided by your web browser. It includes your computer’s Internet Protocol (IP) address, your browser type and version, your user agent, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
• Cookie information: We use cookies and similar technologies to collect additional website usage data and to operate our services.
• We receive information when you interact with our services, e.g. when you visit our websites, when you sign into your account, or when you interact with email subscriptions. This includes information such as your IP address, browser type, browser language, operating system, the referring web page, pages visited, location, device information, and cookie information

We process your personal data on the following legal bases:

• Your consent (GDPR Article 6.1.a)
• To perform our contract with you (GDPR Article 6.1.b)
• Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc
• To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

We collect your personal data:

• Directly from you
• Online sources, e.g. social media that are publicly available
• Forms on our website

We will retain personal data processed for this purpose for:

• Up to 5 years from last contact with you.

Comply with obligations

Personal data are used in order to comply with legal obligations and requirements, requests from public and governmental authorities, relevant industry standards, and our internal policies, and protect our operations and our rights.

• Your contact details
• Address and country
• The company you work for and the company domain
• Information required to comply with public and governmental authorities
• Purchase history and use of our digital services

The data retention period will be based on statutory requirements.

Recruitment through solicited and unsolicited applications

FOM Technologies’ processing of your personal data in connection with our recruitment activities is to assess your qualifications and suitability for a solicited role you have applied for, or if you have submitted an unsolicited application. The personal data may also be used to contact you to progress your application with a view to offering you an employment contract and may further be used to screen if other open job vacancies might be of interest to you.

We process the following ordinary personal data:

• Name
• Email
• Phone number
• CV/resume
• Cover letter
• Language skills
• Experience
• Education
• Qualifications
• Citizenship
• Other relevant information required for FOM Technologies to evaluate your application

We may create personal data in the course of our recruitment activities in terms of assessment and personality tests, which have independent privacy notices that you will be presented beforehand by our test providers. If you are called in for an interview, FOM Technologies may also process this data.

We process your personal data on the following legal bases:

• To perform our contract with you as the processing of personal data is necessary for FOM Technologies to take steps at your request prior to entering a contract. (GDPR Article 6.1.b)
• It may also be a legitimate interest of FOM Technologies to evaluate and manage our recruitment process, including to assess and confirm suitability for employment if your interests and fundamental rights do not override that interest (GDPR Article 6.1.f).
• If you provide your job application with special category data, such as health, religious or ethnical information, the legal basis for the processing of this personal data is GDPR article 9.2.b, which relates to FOM Technologies’ obligations in employment law.
• We may ask you to provide contact details to referees from former employers to collect information about you. FOM Technologies will never contact any referrer before your approval. The legal basis for the processing of this personal data is your consent (GDPR Article 6.1.a).
• In some circumstances, FOM Technologies may also request a copy of your personal data relating to criminal convictions and offences or related security measures depending on the role you have applied for. The legal basis for the processing of this special category of personal data is based on your explicit consent (GDPR article 9.2.a). We will only collect this information on behalf of your prior explicit consent.

We collect your personal data:

• Directly from you
• From test providers
• From referees
• From online sources, e.g. social media that are publicly available
• From forms on our website

We will retain personal data processed for this purpose for:

• Up to 24 months from last contact with you.

PLEASE DO NOT include personal data such as national identification numbers, data relating to criminal convictions and offences, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning sex life or sexual orientation in your application, unless requested by FOM Technologies and unless you agree to disclose this information.

Outreach recruiting

FOM Technologies may obtain your personal data indirectly from third-party sources such as recruitment platforms and websites, such as social media sites of which you are a member. The processing of your personal data is to identify and source talent for FOM Technologies to evaluate you for open positions that match your qualifications or interests.

We may process your publicly available personal data:

• Name
• Email
• Phone number
• CV/resume
• Cover letter
• Language skills
• Experience
• Education
• Qualifications
• Other relevant information you have made available

FOM Technologies may contact you through the above-mentioned platforms or social media sites of which you are a member or directly based on the information you have made available to investigate whether you are open to further recruitment activities as stated and processed in accordance with section 7.1 above.

We process your personal data on the following legal basis:

• It is a legitimate interest of FOM Technologies to to attract talented candidates to our workforce (GDPR Article 6.1.f).

We collect your personal data:

• Directly from you
• From recruitment platforms of which you are a member
• From third-party websites of which you are a member
• From online sources that are publicly available

Retention period:

• Personal data in relation to outreach recruiting is stored according to your settings on the recruitment platforms and third-party websites of which you are member, or when we have assessed whether further recruitment activities should be initiated.

Talent Pool

If you have submitted a solicited or unsolicited application with FOM Technologies, you may be asked if you would like to be added to FOM Technologies’ talent pool prior to the erasure of your candidate profile. If you consent to this, FOM Technologies may proactively contact you if suitable vacancies arise.

We process your personal data on the following legal basis:

• The legal basis for the processing of this personal data is your consent (GDPR Article 6.1.a).
• You can withdraw your consent at any time by contacting FOM Technologies.

Additional information

• We do not sell or rent your data to marketers or third parties.
• Some of these grounds for processing your data overlap, so there may be several reasons that justify us processing your data.
• We may also use your data in other ways but we will inform you about these purposes when we collect your data.
• If you would like more information about our legal basis for processing your data, feel free to contact us (see our details elsewhere in this policy).
• Please note that special circumstances or legal requirements may mean that such periods may be shorter or longer, depending on the purpose of complying with legal requirements for the erasure or keeping of information.

Keeping your data safe

We use reasonable organisational, technical and administrative measures to protect your data within our company.

The Internet is not a 100% secure environment and that means we cannot guarantee the security of the data you transmit to us. Emails sent via the Internet might not be encrypted, so we advise you not to include any confidential or sensitive information in your emails to us.

Third parties and processors

We use companies (processors) to help us deliver our services to you, e.g. to provide the hosting environment for our product, send out newsletters, to help us run our website, manage our payment etc.

When we use a processor we make sure that there is a legal agreement in place regarding how they will be handling data on our behalf. We’ll also make sure that they have appropriate security measures in place and if they are located outside the EU, we’ll of course make sure that there is a legal agreement in place allowing us to give them access to the data (see more below).

We share your personal data with:

• Suppliers and vendors that we work with to assist our company (meaning service providers, technical support, supply services, and financial institutions)
• Group entities
• Public authorities

Here’s an example of some of the suppliers we use:

• Hubspot
• Mailchimp
• Google Analytics

Read our cookie policy regarding the suppliers we use for those services.

In the event that we are involved in a bankruptcy, merger, acquisition, reorganization, your information may be transferred as part of that transaction. This policy will continue to apply to your information also after the information has been transferred to the new entity.

In some cases, we’ll transfer personal data to the following countries outside the EU/EEA:

• Mailchimp
• Google Analytics
• The transfers will take place on the basis of the following legal basis:

[The country/countries has/have been deemed by the Commission of the European Union to have an adequate level of protection of personal data.]

Your rights

You have the following rights:

1. Your right of access and rectification – You have the right to ask us for copies of your personal data or ask us to rectify information you think is inaccurate. There are some exemptions, which means you may not always receive all the information we process but as a main rule you can always contact us and ask for your information.
2. Your right to erasure – You can ask us to erase your personal information in certain circumstances.
3. You also have the right to have the processing of your personal data restricted.
4. Your right to withdraw your consent: If processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent. You may withdraw your consent by contacting using the contact information at the top of this document.
5. Your right to restriction of processing and object to processing – You have the right to ask us to restrict the processing of your information and a similar right to object to processing.
6. Your right to data portability: You have the right to receive your personal information in a structured, commonly used and machine-readable format (data portability).
7. Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data about you for such marketing.

The law gives us one month to respond to you, but we will try to respond sooner.

There may be conditions or limitations on these rights. Therefore, it is not certain, for example, that you have the right of data portability in a specific case—this depends on the specific circumstances of the processing activity. You are always welcome to contact us and ask. The same goes for some of the other rights.

Complaints

You can always lodge a complaint with a data protection authority, for example, the Danish Data Protection Agency.

Assistance and additional information

You can take steps to exercise your rights by using the contact details above.

If you have questions about the policy, feel free to contact us by using the contact details in this policy.

How to unsubscribe to email marketing material?

If you have subscribed to our newsletters or asked to receive marketing material from us, you can always unsubscribe. We include an unsubscribe link in all these emails, and you always click the link to easily unsubscribe.

You can also unsubscribe by sending us an email to the contact listed at the top of this document.

Children and Our Services

Our services and website are not directed to children, and you may not use our services if you are under 18. You must also be old enough to consent to the processing of your information in your country.

Changes to this policy

Sometimes, we need to change this policy to reflect our current practices. We will take reasonable steps to inform you about changes via our website.

If you are a registered user, we will notify you via email if significant changes are being made to the policy using the email address you gave us when you signed up.

If you continue to use our website or services after the notification, we will regard this as your acceptance of our privacy practices.

The policy was last updated on February 25, 2021.

Version 01.01