Privacy Policy

Emento is pleased that you are using our service. It is very important to us that we respect and protect your privacy. It is always our intention and goal to process your data responsibly and appropriately.

The personal data you provide to us will be treated confidentially and will only be disclosed for the purposes determined by the Data Controller. However, it is important that you read these terms and conditions carefully so that you understand why and how we process your personal data. If you do not find answers to your questions in this document, please feel free to contact our Data Protection Officer (DPO) at the following email:dpo@emento.dk

Emento is a Danish company with registered address in Aarhus N:

Emento A/S
CVR-nr. 37321745
Olof Palmes Allé 44
DK-8200 Aarhus N.

WHO IS EMENTO

Emento produces and owns Emento, (collectively referred to as "The Service/Our Service"), which are connected web and mobile applications that help citizens and staff coordinate and navigate processes in the public sector.

We take the privacy of your personal information very seriously and are committed to protecting it. To do this, we have procedures in place to ensure that your information is treated responsibly and in accordance with applicable data protection and privacy legislation. We are grateful for your trust and will act accordingly.

This Privacy Policy describes what information we process when you use our Service, how we use that information, and the choices we offer you about viewing, updating, and controlling that information.

WHO ARE THE DATA CONTROLLERS AND DATA PROCESSORS

To access the Emento Service, you must create a profile. Emento is responsible for processing your personal profile information in a safe and secure manner. Emento is therefore the data controller for your profile. This privacy policy only deals with this processing.

The Emento Service gives you access to courses at one or more hospitals and/or municipalities, for example. It is the hospital or municipality that determines the purpose and scope of the processing of your personal data in relation to these courses. This means that the hospital or municipality is the data controller for the process. When you provide personal data in the Emento Service in relation to your course of treatment, Emento is obliged to follow the instructions issued by the hospital or municipality (the data controller) and must process your personal data solely in accordance with the data controller's purpose in offering you the Emento Service. This means that Emento is the data processor for the course. You will find information on data processing in relation to your course at the organisation that has assigned you the course. The organisation may have added this information under "general info" in the app.

WHAT IS PERSONAL DATA

Personal data is any information about an identified or identifiable natural person. That is, it is any information that can be directly or indirectly linked to an individual. It can be, for example, name, gender, phone number or even images and dynamic IP addresses. When we process personal data about you in connection with your use of our Service, we always ensure that this is done for a clear and explicit purpose and make you aware of the kinds of data that are processed and why the data are processed.

WHEN DOES EMENTO PROCESS PERSONAL DATA

When you use our Service, you will usually provide information such as your name, telephone number, social security number, email address, and other information necessary for Emento to provide you with our Service. You also have the option to insert a profile picture.

We process personal data in the following way:

When you interact with us through the Emento profile, Emento processes different types of personal data and other information as described below:

Technical Data: Emento processes technical data and personal data when using the app. Emento also processes technical information related to your smartphone (such as: IP address, device configuration and country of origin) or related to the Service (such as: log and history of all data transactions, log and history of actions).

Identification Data: Emento processes personal data when you create a profile in the App. This data includes information about your identity (name, phone number and social security number) and demographics (age, gender and any languages spoken).

Health Data: Emento may process the title and sender of the course if you are assigned to a health course.

Communication Data: If you send us a request - for example an email with a need for help - we reserve the right to share (without sensitive personal data), this information internally in order to clarify and respond to your request or to be able to help other users.

WHEN DOES EMENTO PROCESS PERSONAL DATA ON BEHALF OF THE CONTROLLER

When you use our service, we process personal data on behalf of the hospital or municipality in the following ways:

When you interact with us through the Emento Service, Emento processes different types of personal data and other information as described below:

Health Data: Emento may process personal data about your health if you write a message that contains health data. Health data includes information about diagnoses, admissions, referrals, etc.

Behavioral Data: the Emento app automatically processes data about your behavior when using it, including location and use of the app. The location is used to provide you with real-time location-based notifications e.g. instructions on how to find your way from a specific parking lot to the municipality or hospital. Location is not stored.

Communication Data when you use the Emento Service, we process communication data such as messages to the clinic. NB we only process data originating from the Emento Service.

If you have any questions or wish to exercise your rights in relation to these processing operations, please contact the authority that has allocated you the service.

PURPOSE OF THE USE OF PERSONAL DATA IN EMENTO

The information we collect about you when you create a profile is for the following purposes:

To provide the Service: Emento will use your personal data to provide you with access to our Service.

To improve the Emento Service: in order to improve our Service and ensure accessibility to our platform, we keep a record of actions performed in a log. We never process your data when it can directly identify you unless you have given us consent to do so, e.g. if we need to solve a problem that you have brought to our attention.

To communicate information to you: We use your phone number to send an identity reassurance message. This is a security measure.

Legal basis for the use of personal data: the processing of data by Emento for the purpose of creating a profile is carried out with the legal basis of Article 6(1)(e) of the General Data Protection Regulation (GDPR) (and Article 9(2)(b)).

When Emento processes your social security number in connection with the creation and validation of your profile, this is done with the legal basis of Article 11(2)(3) of the Data Protection Act.

PERSONAL DATA TO THIRD PARTIES

Proper handling of your personal data is very important to Emento.

Personal Data will not be shared or otherwise accessed by third parties other than to Emento, the data processor, and selected and trusted sub-processors with whom we cooperate to provide our Service to you. Information may be disclosed to sub-processors who are authorized to use your information in connection with login administration as well as hosting.

It is Emento's responsibility to ensure that your personal information is not misused. Therefore, we always ensure that our sub-processors guarantee that your personal data is protected.

STORAGE OF PERSONAL DATA IN EMENTO

In Emento, we keep your personal data for as long as you use our Service. We also retain and use your information as necessary to comply with legal obligations and enforce our agreements.

Emento is committed to protecting your personal data. We use technical and organizational measures to safeguard against unauthorized access and use, destruction, alteration or disclosure of your personal information by any individual or organization. To ensure security and protection for you, only a limited number of persons with a legitimate need have access to personal data.

To best safeguard your information, we have adopted internal information security policies that include both instructions and measures to protect your personal data from destruction, loss or alteration, as well as from unauthorized disclosure, access or knowledge. In addition, all Emento employees must follow internal procedures and rules regarding the handling of personal data. Training in and around the correct handling of personal data is also conducted on an ongoing basis.

NB your use of the ISP will be subject to some other separate terms of use. Please note in particular that the ISP's handling of data is not covered by this Privacy Policy and is therefore not Emento's responsibility.

DELETION OF PERSONAL DATA IN EMENTO

We delete your personal data when it is no longer necessary for the purpose for which it was collected, processed and stored. The profile is deleted when it is no longer active. NB: as we are only the data controller for your profile, please contact the department if you wish to have your personal data deleted before the deadline. The department will then contact us.

YOUR RIGHTS

As a user of Emento, you can, upon request, find out what information we have processed about you, where it comes from and what we use it for. You can also find out how long we keep your data and who receives data about you, to the extent that we transfer data in Denmark and abroad. However, access may be restricted for reasons of privacy, trade secrets and intellectual property rights of others.

If your profile information is incorrect, incomplete or irrelevant, you have the right to have the information corrected. You can correct the information in your profile directly in the app.

As our service depends on your data being correct and up to date, we ask you to inform us of any relevant changes to your information.

If you have given consent, please know that it is voluntary. If you withdraw your consent, you have the possibility to easily withdraw it directly in the app.

We process Personal Data of children under the age of 13 if a hospital or municipality has assessed that the child needs treatment. Profiles for children under 15 are manually validated in the department that assigned the course.

You can lodge a complaint with a supervisory authority regarding our processing of your personal data at any time. The Danish supervisory authority is Datatilsynet, Carl Jacobsens Vej 35, 2500 Valby. Datatilsynet can also be contacted by email:dt@datatilsynet.dk

CONTACT INFORMATION

If you have any questions or comments about this privacy policy, please contact us at:

Emento A/S
Olof Palmes Allé 44
DK-8200 Aarhus N
E-mail: dpo@emento.dk
Phone: +45 72 22 70 70

You also have the possibility to contact our external DPO:

DPO Danmark ApS
Højbro Plads 10
DK-1200 København K
E-mail: dpo-emento@dpo-danmark.dk
Phone: +45 77 34 46 00
www.dpo-danmark.dk/dpo-hotline