All defined terms in this Privacy Policy shall have the meaning as assigned to them in the Terms of Service unless expressly provided herein to the contrary.
1. General
1.1. This Privacy Policy ("Policy") explains how UizardApp ApS and its affiliates ("Uizard", "we", "our", "us" or "our") processes personal data i) in connection with the use of our website, ii) of persons that direct inquiries to us, iii) of contact persons with suppliers and business partners, iv) in connection the provision of our online services found at uizard.io ("Services") and as further defined in the Terms of Services to be found at uizard.io/terms-of-service to customers, and v) of visitors to our social media platforms, and vi) in connection with the Uizard Partner Program.
1.2. In this Policy you can read more about the personal data we collect, how we handle your personal data and how long we will retain your personal data etc.
2. Data Controller
2.1. The data controller responsible for the processing of your personal data is:
- Uizard
- c/o Miro, Republikken
- Vesterbrogade 26
- 1620 Copenhagen
- Denmark
- tel.: +45 5033 3445
- email: support@uizard.io
2.2. All questions concerning this Policy, the exercise of your rights or any suspected non-compliance should initially be directed to support@uizard.io
2.3. The general legal processing framework is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the attendant rules (the "GDPR"). In addition, the Danish Act No. 502 of 23 May 2018 on supplementary provisions to the EU Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data will apply (the "Data Protection Act").
3. Categories of Personal Data, Processing Purpose, Legal Basis and Retention Periods
Data Subject | Personal Data | Purpose | Legal Basis | Retention Period |
---|
Visitors to the website. | IP address, operating system, language setting, browser type, equipment type, etc. | Make the website available, optimize the website and user experience, ensure the functionality of the website, compile statistics and conduct targeted, relevant marketing. | Consent subject to the Danish Cookie Regulation Section 3 (1) and GDPR Art 6 (1)(f) — Uizard's legitimate interests in delivering the website, compiling statistics and marketing. | 2 years for the purpose of understanding how visitors engage with the Uizard Services. |
Individuals that contact Uizard or otherwise communicate with us. | Contact details and content of any communication. | Communication, and customer support. | GDPR Art 6 (1)(f) — Uizard's legitimate interests in responding to inquiries, etc. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
Contact persons with suppliers and business partners. | Contact details, company name and content of any communication. | Communication, administration of business relationship, payment, documentation of orders, audit/records trail. | GDPR Art 6 (1)(f) — Uizard's legitimate interests in communication with the supplier or business partner. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
Potential customers / contact persons with potential customers. | Contact details and content of any communication. | Communication. | GDPR Art 6 (1)(f) — Uizard's legitimate interests in communication with the potential customers / contact persons with potential customers. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
Customers / contact persons with customers. | Contact details, company name, content of any communication and relevant billing details and credit card information. | Communication, administration and documentation of customer relationship, billing and dispute handling purposes. | GDPR Art 6(1)(b) — necessary for an agreement with private customer and GDPR Art 6(1)(f) — Uizard's legitimate interest in maintaining the customer relationship and communicating with contact persons, delivering the service, billing and establishment, exercise and defence of legal claims. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
Partner program contact persons. | Partner IP, contact details, company name and content of any communication, financial information; and/or certain information about Partner's end users (such as IP address and device identifier). | Communication, administration of business relationship, documentation of transactions, analytics purposes, audit/records trail. | GDPR Art 6 (1)(f) — Uizard's legitimate interests in communication with the supplier or business partner. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
All of the above. | All of the above. | Compliance with legal obligations, implementation and maintenance of organisational and technical security measures, handling enquiries or complaints, handling disputes and when necessary for the establishment, exercise or defence of legal claims. | GDPR Art 6 (1)(f) — Uizard's legitimate interests in compliance with legal obligations, implementation and maintenance of organisational and technical security measures, handling enquiries or complaints, handling disputes and when necessary for the establishment, exercise or defence of legal claims. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
4. Sharing Your Personal Data
4.1. We may share your personal data with our third-party service providers such as, for example, our IT hosting services providers, our providers of technical support, etc.
4.2. We may also share your data with our group companies/entities to the extent that we are entitled to do so under the law.
4.3. In addition, we will share your data to the extent that we are required to do so, for example as a result of requirements to report information to public authorities.
5. Sharing Your Personal Data With Non-EU/EEA Recipients
5.1. Some of our service providers are located outside the EU/EEA. We therefore may share your personal data with non-EU/EEA recipients. However, this will require:
- That an adequacy decision has been issued by the European Commission for the level of protection offered by the country or the international company in question;
- That the standard contractual clauses on data protection adopted by the European Commission have been entered into between us and the recipient of your personal data;
- That the recipient in question is certified in accordance with Article 42 of the GDPR; or
- That the recipient in question has adopted a set of binding corporate rules.
5.2. We may also sometimes ask for your consent to transfer your personal data to non-EU/EEA recipients, or such transfer may sometimes be necessary for the performance of an agreement with you, or the implementation of pre-contractual measures taken at your request. Such exemptions for specific situations are governed by Article 49 of the GDPR.
5.3. You are entitled to information about or a copy of any appropriate safeguards which form the basis of the transfer of personal data to non-EU/EEA recipients or — in the case of exemptions provided under Article 49 of the GDPR — the exemptions which serve as the basis for such transfer.
6. Your Rights
6.1. The list below includes an overview of your rights.
- Access: You have the right to access the personal data we process about you. You may request access to the personal data we hold about you, including the purposes for which the data were collected.
- Rectification and erasure: You have the right to request rectification, supplementary processing, erasure or blocking of the personal data we process about you.
- Restriction of processing: In certain circumstances, you have the right to restrict the processing of your personal data.
- Data portability: You have the right to receive your personal data (only data about you which you yourself have provided to us) in a structured, commonly used and machine-readable format (data portability).
- Right to object: You have the right to ask us not to process your personal data in cases where our processing is based on Article 6(1)(f) (legitimate interests). The extent to which we process your personal data for such purposes is described in this Policy.
- Withdrawal of consent: If the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time.
6.2. Your exercise of the above rights may be subject to conditions or restrictions.
7. Secure Processing
7.1. At Uizard, our processing of personal data is governed by our Information Security Requirements, which is implemented to ensure that all data is handled in a manner that complies with information security best practices.
8. Cookies Policy
8.1. Cookies are small text files that are placed on your computer or mobile device when you visit a website, mobile app or use an online product. We use cookies to enhance your user experience when using the Uizard Services, and to show you ads related to Uizard online.
8.2. You can decide to delete non-essential cookies at any time. Deleting cookies or similar technologies means that any preference settings you have made on a particular website will be lost and the functionality of the Uizard Services may be impaired. You can use the preference settings in your web browser to:
- See what cookies or other similar technologies have been stored on your device;
- Block cookies or similar technologies;
- Clear cookies or similar technologies from your browser.
For more information on how to manage cookies on the most popular browsers, please see below:
Moreover, you may opt out of advertising partners' targeted advertising using the following links:
Provider | Name | Purpose | Expiration |
---|
Google Analytics | _ga | We use Google Analytics, which is a web analytics tool that helps us understand how users engage with the Uizard Services. Like many services, Google Analytics uses cookies to track user interactions, as in our case, where they are used to collect information about how users use the Uizard Services. This information is used to compile reports and to help us improve our Services. The reports disclose website trends without identifying individual visitors. For more information on Google Tag Manager, see here. For more information on Google Analytics, see here. If you want to opt out of Google Analytics across all websites you use, see here. | 2 years |
Google Analytics | _gat | Used by Google Analytics to throttle the request rate. | 1 day |
Google Analytics | _gid | Used to generate statistical data on how the visitor uses the website. | 1 day |
Google AdWords | ads/ga-audiences | Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. | Session |
Meta (Facebook and Instagram) | tr | We use the pixel function of Facebook Custom Audiences to identify users who have landed on certain pages for the purposes of target group-orientated remarketing and advertising. The Facebook pixel stores a cookie, which means that information about your visit to the Uizard Services will be shared with Facebook. These cookies, and the information collected, are used to help Facebook deliver advertising on our behalf to users who have previously visited our Services when they are on Facebook or another platform powered by Facebook Advertising, and to track advertising success. To modify your Facebook Ad settings to restrict these advertisements and to learn more, see Facebook Ad settings here. | Session |
Facebook | _fbp | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months |
aedIn | bscookie | Used by the social networking service, aedIn, for tracking the use of embedded services. | 2 years |
aedIn | lang | Set by aedIn when a web page contains an embedded "Follow us" panel. | Session |
aedIn | lidc | Used by the social networking service, aedIn, for tracking the use of embedded services. | 1 day |
aedIn | bcookie | Used by the social networking service, aedIn, for tracking the use of embedded services. | 2 years |
aedIn | UserMatchHistory | Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. | 29 days |
Twitter | personalization_id | This cookie is set by Twitter — The cookie allows the visitor to share content from the website onto their Twitter profile. | 2 years |
Zendesk | __zlcstore | This cookie is served by Zendesk, a service that we use in order to provide a customer support chat to the visitors of the website. This cookie is necessary for the chat-box function on the website to function. | Persistent |
Zendesk | __cfruid | This cookie is served by Zendesk, a service that we use in order to provide a customer support chat to the visitors of the website. This cookie is a part of the services provided by Cloudflare — Including load-balancing, deliverance of web site content and serving DNS connection for website operators. | Session |
Zendesk | ZD-suid | Unique id that identifies the user's session when using the customer support chat on the website. | 20 minutes |
Zendesk | ZD-store | Registers whether the self-service-assistant Zendesk Answer Bot has been displayed to the website user. | Persistent |
Zendesk | ZD-buid | Unique id that identifies the user on recurring visits to provide customer support through a chat. | Persistent |
Intercom | intercom-id-[app-id] | Unique id to identify users anonymously. | 9 months |
Intercom | intercom-session-[app-id] | Identifier for each unique browser session. This session cookie is refreshed on each successful logged-in ping, extending it to 1 week from that moment. The user can access their conversations and have data communicated on logged out pages for 1 week, as long as the session isn't intentionally terminated upon logout. | 1 week |
Stripe | __stripe_mid | This cookie is necessary for making credit card transactions on the website. The service is provided by Stripe.com which allows online transactions without storing any credit card information. | 1 year |
Stripe | __stripe_sid | This cookie is necessary for making credit card transactions on the website. The service is provided by Stripe.com which allows online transactions without storing any credit card information. | 1 day |
Stripe | m | Determines the device used to access the website. This allows the Stripe payment service content to be formatted accordingly. | 2 years |
Amazon Web Services | AWSALB | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. | 6 days |
Amazon Web Services | AWSALBCORS | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. | 6 days |
Pendo | _pendo_meta | We use Pendo to improve the website and optimize user experience. | Persistent |
Pendo | _pendo_visitorId | Unique id that identifies the user. We use Pendo to improve the website and optimize user experience. | Persistent |
Uizard | X-Experiment | Used to track which version of the website each visitor saw in order to optimize the website and perform A/B experiments. | Session |
Uizard | Locale | Used to track the preferred browser language of the visitor. | Session |
Uizard | cookie-disclaimer | Used to track if the cookie disclaimer has been shown to a user. | 20 years |
Uizard | referral | Used to track referrals from other users. | 20 years |
Uizard | ad-tracking-entries | Used for general ad tracking. | 20 years |
Uizard | ad-campaign | Used for ad campaign tracking. | 20 years |
Uizard | affiliate | Used for affiliate tracking. | 20 years |
Uizard | auth:redirect | Redirect users to their desired page after authentication. | 20 years |
Uizard | deviceId | Unique identifier for the browser used for tracking events. | 20 years |
Uizard | token | Authentication token used for user sessions. | 20 years |
Uizard | browserUpdateDialogShown | Keep track of whether the browser compatibility dialog has been shown to the user or not. | 20 years |
Uizard | noTrack | If set will prevent most user tracking. Used for development purposes. | 20 years |
Uizard | auth:email | Used to pre-populate the email field in the login form when a user logs in or signs up as a result of an invitation to join Uizard by another user. | 20 years |
Uizard | auth:action | Determines an action that the website should carry out after a user authenticates. | 20 years |
9. Complaints to Supervisory Authority
9.1. Any complaint about our processing of your personal data may be submitted to the Danish Data Protection Agency:
- The Danish Data Protection Agency
- Carl Jacobsensvej 35
- 2500 Valby
- Denmark
- tel.: +45 3319 3200
- email: dt@datatilsynet.dk
10. Amendments and Updates
10.1. We reserve the right to amend this Policy as and when needed. We encourage you to periodically review this page for the latest information on the Policy.
10.2. This version of the Policy is effective December the 21st of 2021.