Privacy Policy - Cycle Service Nordic US

This privacy policy is applicable to:

Cycle Service Nordic ApS
Emil Neckelmanns Vej 6
5220 Odense SØ
Denmark

Telephon: +45 6599 2411
Email: info@cycleservicenordic.com
VAT: DK14412107

And affiliated subsidiary companies.

Privacy Policy of Cycle Service Nordic ApS
The protection of Personal Data is important to Cycle Service Nordic. We are committed to protecting your information and acting in accordance with your rights and privacy laws. Do read this privacy policy with care. It provides important information about how we use personal data and explains your legal rights.

In this policy, where we say ”you” or ”your”, this means either you, any authorised person acting on your behalf or any beneficiaries and other individuals in your household or organisation. Where we say ”we”, ”us” or ”our”, this means Cycle Service Nordic ApS.

Collection of Your Information and How We Use It

The data we collect about you and how we collect it varies depending on how you use our services and interact with us or our website.

The personal data we collect or have about you will be either provided by you direct, come from third parties or will be collected from your activity on our website and use of our services.

Data are recorded when visiting our website, such as the IP address, the data of the device used, and the items viewed. Contacting us will also often lead to the processing of personal data. This includes matters such as a request for sending a brochure or submitting a guarantee claim.

We process personal data within the following categories: Suppliers, prospective suppliers, dealers, prospective dealers and sponsored athletes.

1. Buy and Use of Our Products and Services

We collect and process the following information about you:

- Contact details including your name, address, contact number(s), email address and country of residence.

- Login and account information and payment details.

- Purchase history, payment or credit card information.

- IP address, demographic data and behaviour when using our websites.

- If you provide us with personal data such as names, mobile numbers and email addresses relating to your customers, you represent to us that you have informed them that we will use their personal data for the purposes mentioned below.

- If you submit inquiries or requests to us via our contact forms, the information provided in the contact form as well as any contact information provided therein will be stored by us.

We use your information for the following purpose:

- Contracting, delivery of product and/or service, and administrative processes (including billing and collecting, credit checks, technical support, handling your inquiries and questions).

- Communication: We will communicate with you over the phone, SMS, Messenger, Skype, fax, by email and/or by post for (routine) service, maintenance and technical purposes, important changes to the scope of our portfolio, and for direct marketing information about our products and services.

- Optimizing our services offered online and providing a better user experience.

- Participation in events, seminars and exhibitions arranged by us or which we are part of. We shall use such information only for handling these arrangements e.g. for confirming your participation, preparing name signs or for participants certificates. Your information shall not be shared with any third parties unless this is necessary in order to hold such arrangements. Any such third parties shall only use your personal information according to our instructions.

- We may use (aggregated) customer data for performance analysis of our products and services for the purpose of further development of our products and services, optimize our product portfolio and for marketing activities for future customers.

Children: We comply with local laws and do not allow children to register on our sites. When they are under the legal age limit, we will ask for parental consent for children participating in our experiences and events.

Our use of your information as described above is permitted by applicable privacy laws and in most instances the processing of your personal data is based on the legal basis of (pre-)contract (our (pre-)contractual obligation to provide you with our products and/or services). In some cases, it is (partly) based on our legitimate interest or your consent.

2. From Your Use of Our Website

Cookies
Cookies do not cause any damage to your computer and do not contain viruses. The purpose of cookies is to make our website more user friendly, effective and more secure. Cookies are small text files that are placed on your computer and stored by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your leave our site. Other cookies will remain archived on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website.
You can adjust the settings of your browser to make sure that you are notified every time cookies are placed and to enable you to accept cookies only in specific cases or to exclude the acceptance of cookies for specific situations or in general and to activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, the functions of our website may be limited. Cookies that are required for the performance of the electronic communications transaction or to provide certain functions you want to use (e.g. the shopping cart function), are stored based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error free and optimized provision of the operator’s services. If other cookies (e.g. cookies for the analysis of your browsing patterns) should be stored, they are addressed separately in this privacy policy.

3. Social Media

Facebook
When Facebook Inc. is using personal information collected at the fan pages of Cycle Service Nordic for instance with the object of improving the advertising system of the company, Facebook Inc. and Cycle Service Nordic shall be joint responsible for the processing of data of visitors to the page. Please consult the Data Privacy Declaration of Facebook for further information.
The purpose of processing your personal information is our legitimate interest in making content accessible for the users who have selected to follow Cycle Service Nordic including for the use of image branding and marketing.
The information shall be deleted when the post is deleted or you choose to withdraw your response to our post (like, share etc.).

Facebook plug-ins (Like & Share button)
We have integrated plug-ins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, on our website. You will be able to recognize Facebook plug-ins by the Facebook logo or the "Like" button on our website. An overview of the Facebook plug-ins is available under the following link: https://developers.facebook.com/docs/plugins/.
Whenever you visit our website and its pages, the plug-in will establish a direct connection between your browser and the Facebook server. As a result, Facebook will receive the information that you have visited our website with your plug-in. However, if you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our website and its pages with your Facebook profile. As a result, Facebook will be able to allocate the visit to our website and its pages to your Facebook user account. We have to point out, that we as the provider of the website do not have any knowledge of the transferred data and its use by Facebook. For more detailed information, please consult the Data Privacy Declaration of Facebook at: https://www.facebook.com/privacy/explanation. If you do not want Facebook to be able to allocate your visit to our website and its pages to your Facebook user account, please log out of your Facebook account while you are on our website. The use of the Facebook plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.

LinkedIn-plug-In
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Any time you access one of our sites that contains functions of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited our websites with your IP address. If you click on LinkedIn’s "Like" button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to our website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.
The use of the LinkedIn plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.
For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

Instagram-plug-In
We have integrated functions of the public media platform Instagram into our website. These functions are being offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you may click the Instagram button to link contents from our website to your Instagram profile. This enables Instagram to allocate your visit to our website to your user account. We have to point out that we as the provider of the website and its pages do not have any knowledge of the content of the data transferred and its use by Instagram.
The use of the Instagram plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.
For more information on this subject, please consult Instagram’s Data Privacy Declaration at: https://instagram.com/about/legal/privacy/.

4. Analysis Tools and Advertising

Google Analytics
Our website uses functions of the web analysis service Google Analytics. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer. Cookies enable an analysis of the use of the website by users. The information generated by cookies on your use of our website is usually transferred to a Google server in the United States, where it is stored. The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The operator of our website has a legitimate interest in the analysis of user patterns to optimize the services offered online and provide a better user experience.

IP anonymization
On our website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of our website, Google shall use this information to analyse your use of our website to generate reports on website activities and to render other services to the operator of our website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

Browser plug-In
You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of our website to their fullest extent. Moreover, you have the option to prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Contract data processing
We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the Danish data protection agencies to the fullest when using Google Analytics.

Demographic parameters provided by Google Analytics
Our website uses the function “demographic parameters” provided by Google Analytics. It makes it possible to generate reports providing information on the age, gender and interests of website visitors. The sources of this information are interest-related advertising by Google as well as visitor data obtained from third party providers. This data cannot be allocated to a specific individual. You have the option to deactivate this function at any time by making pertinent settings changes for advertising in your Google account.

5. Newsletter

We collect and process the following information about you:

- Contact details including your name and information that allow us to verify that you are the owner of the email address provided and consent to the receipt of the newsletter.

We use your information for the following purpose:

- Delivery of our newsletter and for sending of the requested information.

The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke the consent you have given to the archiving of data, the email address and the use of this information for the sending of the newsletter at any time, for instance by clicking on the "Unsubscribe" link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted. This shall not affect data we have been archiving for other purposes.

Mailchimp
We are using Mailchimp for the sending of newsletters. The provider is The Rocket Science Group LLC d/b/a Mailchimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Mailchimp is a service that can be used to organize and analyse the sending of newsletters. The data you have entered for the purpose of subscribing to our newsletter (e.g. email address) are stored on servers of The Rocket Science Group LLC d/b/a Mailchimp. Newsletters we send out via Mailchimp allow us to analyse the user patterns of our newsletter recipients. Among other things, in conjunction with this, it is possible to see how many recipients actually opened the newsletter email and how often which link inside the newsletter has been clicked. With the assistance of a tool called Conversion Tracking, we can also determine whether an action that has been predefined in the newsletter actually occurred after the link was clicked (e.g. purchase of a product on our website). For more information, please go to: https://mailchimp.com.
The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation. If you do not want to permit an analysis by Mailchimp, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also send an email to: info@cycleservicenordic.com.
The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted from our servers as well as those of Mailchimp. This shall not affect data we have been archiving for other purposes.

Contract data processing
We have entered into a contract data processing agreement with Mailchimp and implement the strict provisions of the Danish data protection agencies to the fullest when using Mailchimp.

6. Plug-ins og tools Google Maps

Via an API, our website uses the mapping service Google Maps. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of our website has no control over the data transfer.
We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR.
For more information on the handling of user data, please review Google’s Data Privacy Declaration at: https://policies.google.com/privacy?hl=en.

7. Dealers

Customers largely purchase our products and services via recognised dealers and other resellers. These dealers and resellers are independent parties. We are not responsible for the handling of customer data by recognised dealers and other resellers. Dealers and resellers may provide us with your personal data in connection with the sale of our products and services under their own responsibility for the purposes of warranty, servicing etc., please read their own privacy statements for further details.

8. Disclosure of Your Information

We do not sell your information to third parties. However, we may share it with other Group companies or affiliated companies in the context of the provision of our products and services. As our activities require the skills and resources of other companies, we will further need to share your information with selected recipients in order to perform these activities. These companies will have similar legal obligations to us concerning safeguarding your information. Alternatively, we will remain responsible to you for what they do with your information.

The categories of recipients we share your information with include:

- Customer Communications and Telephone system providers, which store your personal data in the EEA, who we use to provide you with information and offers by email and/or physical mailings and/or get in touch with you via telephone.
- Payment services providers, which store your personal data in the EEA, who we use to process your installation and service payments.
- Financial services providers (debt collection agencies and financial auditors) which store your personal data in the EEA, to whom we may assign claims derived from the contract with you, e.g. in the event of failure of timely payment for products and services.
- Local authorities such as the police if it is apparent that a crime is being committed or that services need to be contacted or enforcement authorities to assist with debt collection.
- IT Services providers which store your personal data in the EEA that provide us with e.g. web and internet services.
- Analytics and search engine providers (e.g. Google Analytics), which store your personal data in the EEA that assist us in the improvement and optimization of our website services and products.
- Marketing and market research providers (e.g. Facebook and Google), which store your personal data in the EEA who we use for marketing, market research and customer feedback.

Please note that this list is not exhaustive and can vary over time.

If we or substantially all of our assets are acquired by a third party, your information will be transferred to the new owner. The new owner will be subject to the same laws concerning your information as we are. If we sell any business or assets to a third party, in which case we will disclose your data to the prospective buyer of such business or assets.

9. Transfers of Your Information Abroad

We store your information within the European Economic Area (EEA) or countries that have an adequate level of data protection.
Where we share your information with companies based outside the EEA or countries with an adequate level of data protection, we contractually require these companies to handle your information on a similar basis to us. In those cases, we will ensure that the transferred information is protected.

10. How Long Do We Retain Personal Data?

We process data for as long as necessary for the purpose for which the data is used. This may depend on registration by you, such as for an account, newsletter or application.
In principle, account data containing personal data is retained or is made anonymous for no longer than five years after the termination of the contract, unless longer retention is necessary to be able to assess any complaints or claims or for the purpose of compliance with statutory or administrative obligations.
Unsolicited job applications and sponsorship applications will be deleted no later than six months after the receipt of the application.

11. How Do We Secure Consumer Data?

Data security is an important part of our business operations. Various security measures are implemented in order to guarantee this. This includes matters such as a password policy, screening internet data and password procedures for the employees. Consumer data are stored in a secure technical room. This room is a cooled computer room with UPS and an electronic door with password protection. Other security measures involve alarm systems and surveillance. The abovementioned measures are part of the many measures being implemented by Cycle Service Nordic in order to protect the data of our consumers. If you have any questions in this regard or you suspect abuse, you can send an email to: info@cycleservicenordic.com.

12. Your Rights

You have a number of rights in relation to your personal data.

Right to be informed
You have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data.

Right to rectification (correction)
You are entitled to have incorrect information about yourself rectified. You also have the right to get your information supplemented with additional information if this will make your personal information more complete and/or up to date.

Right to be deleted
In some cases, you are entitled to have information about yourself deleted prior to the time of our general deletion. To do so, you may contact us at any time at: info@cycleservicenordic.com.

Right to limitation of processing
You may, in certain cases, have the right to restrict the processing of your personal information. If you are entitled to limited processing, in future, we may only process information - except for storage - with your consent or for the purpose of determining, enforcing or defending legal claims, or for protecting a person or important social interests.

Right to objection
In some cases, you may object to our otherwise legitimate processing of your personal information. You can also object to processing your information for direct marketing. You can read more about your rights in the Data Inspectorate's Guide on the Registrar's Rights, which you will find at www.datatilsynet.dk.

Right to data portability
You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

Right to log a complaint
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
The Danish supervisory agency is “Datatilsynet”.
Further information can be found at www.datatilsynet.dk.

However, the execution of your rights may be limited in accordance with applicable privacy laws including the interest of decisive private interests if they are estimated to outweigh your interests. Furthermore, we reserve the right to charge a fee if we estimate that requests are made repeatedly and unreasonably or will require an excessive technical solution.

13. Contact and Complaints

The primary point of contact for all issues from this statement, including request to exercise data subject rights, is our managing director.
If you have a complaint or concern about how we use your personal data, please contact us at info@cycleservicenordic.com, in the first instance and we will attempt to resolve the issue as soon as possible.

14. Status of This Privacy Policy

We reserve the right to change this privacy policy from time to time. The changes shall take effect as from the time we publish the change. Consequently, we would advise that you check this page from time to time to ensure that you are happy with any changes. If you have any questions about these changes, please feel free to contact us directly at info@cycleservicenordic.com.

Current version: Version 2.0 / Revision 001 – September 18th, 2019