Privacy Policy for Companies Tom Hope April 19, 2022
Description

Capeesh AS (“Capeesh”) provides this Privacy Policy as a means of informing you how your personal data is processed. Capeesh treats all personal data with the utmost care. We have undertaken all necessary steps to ensure the safety of this data.

Who can I contact?

Capeesh AS
Krambugata 2
7011 Trondheim
[email protected]

You can use this contact information to get in touch with our Data Protection Officer or another person with a data protection function. Please feel free to contact us at any time should you have specific questions regarding your data, the deletion of same, or your rights.

What rights do I have?

You can contact us at any time with questions regarding your data protection rights or should you wish to exercise one of the rights listed below:

  • Withdrawal of consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us to withdraw consent and stop receiving a newsletter)

    Right of Access in accordance with Art. 15 GDPR (e.g. you can contact us to find out which data of yours we have saved)

    Rectification in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and you want us to update it)

    Erasure in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete any of your data that we have saved)

    Restriction of processing in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your e-mail address but only wish us to send you e-mails that are strictly necessary)

    Data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive the data we have saved on you in a compressed format, e.g. because you want to provide the data to another website)

    Objection in accordance with Art. 21 GDPR (e.g. you can contact us if you do not consent to one of the advertising or analytical procedures listed in this document)

    Right to lodge a complaint with the relevant supervisory authority in accordance with Art. 77 para. 1 GDPR (e.g. in the event of a complaint you could contact the data protection supervisory authority in your state directly)

Deletion of data and storage period

If not otherwise noted, we delete personal data as soon as it is no longer needed. Your data will also be locked or deleted if a storage period set out by law expires unless the data must be kept in order to complete or fulfill a contract. Some data may have to be stored for a longer time period if the law requires it. You can, of course, request information regarding the personal data we have saved on you at any time.

Hosting/saving the data

The personal data processed for use of services is processed solely on servers located within the EU. The hosting providers were carefully selected, and we have signed processing contracts with them as required by Art. 28 GDPR.
Our main service provider is AWS (https://aws.amazon.com/de/).

Processing for companies within the Capeesh framework

As part of providing Capeesh’s services to companies, Capeesh acts as the data processor, in accordance with Art. 28 GDPR. The company in question makes use of Capeesh’s services in order to provide the app Capeesh Language Learning product to their employees, who are then able to use Capeesh’s services independently.
Companies sign a data processing agreement with Capeesh as required by Art. 28 GDPR in order to legitimize the processing of employee data necessary for this access.

Website access

Each time a page is accessed, access data is stored in a log file, the server log. The data record saved contains the following data:

  •  Your IP address (a unique address used to identify your computer)

  •   The remote host (name and IP address of the computer requesting the page)

  •  The time, the status, the amount of data transferred, and the website from which you accessed the requested page (Referrer)

  •  Product and version information on the browser in use (User-Agent)

Capeesh AS uses a standardized web server log file format for this purpose. Provided the data is not necessary for technical system maintenance or system security, it will be anonymized immediately, and the original logs will be deleted. Anonymization is achieved by removing or shortening the IP address while assigning a code to the data that is not connected to the user.  It is then no longer possible to match the data to a specific person, or to identify a specific person using the remaining information. Capeesh therefore only uses anonymized logs, that is logs containing no connection to or information on your person, for statistical evaluations. Capeesh can use these logs, for example, to determine on which days and at which times Capeesh is mostly used, and what volume of data is created on the Capeesh web servers. In addition, Capeesh can use the log files to identify any potential errors, e.g. incorrect links or program errors, and thus use the log files to improve Capeesh. Capeesh does not connect the page requests or uses saved in the server log with individual persons.
The legal basis for this process is known as legitimate interest, which has been verified within the framework of the previously listed protective measures and in accordance with the European data protection requirements as laid out in Art. 6 para. 1 s. 1 lit f GDPR.

Registration and use of services

When you register for our services, we record and save basic data such as e-mail address, and any other contact information you provide, such as username and password. We may receive additional information from you via the website (e.g. if you fill out your personal profile) or when you communicate with us.

Newsletter & e-mails

We will send you e-mails for a variety of reasons. They may include order confirmation or confirmation of registration. However, they may also contain information on our services, provided you have not objected to receiving such information, which you can of course do at any time at https://admin.capeesh.com/company/settings. E-mails that we send to you will be saved and any e-mails that may be considered business letters will not be deleted during the legally required retention period. In addition, we record those e-mail addresses to which an e-mail was unable to be sent, in order to request that the e-mail address be updated.

Apps

In addition to our website, we also offer applications (apps) for various smartphone operating systems. We also collect data regarding the use of these applications in order to detect and correct errors and to improve the applications.

In addition – provided that you have given permission via your device settings – we will be informed in the event of program crashes. These crash reports are performed by third-party service providers. In doing so, however, no data is processed from which a third-party provider could link the data to a specific person.

Cookies

Our website uses cookies in some instances. Cookies are small text files that are usually saved in a folder in your browser. Cookies contain information on your current and previous website visits:

  • Name of the website

  • Cookie expiration date

  • Cookie value

Provided that cookies do not contain a specific expiration date, they are only saved temporarily and automatically deleted as soon as you close your browser or turn off the device. Cookies with expiration data remain saved even after you have closed your browser or turned off your device. These cookies are only removed once they have reached their expiry date or if you manually delete them.
Our website uses the following three types of cookies:

  • Required cookies (these are needed, for example, in order to display the website correctly for you and to temporarily save certain settings)

  • Functional and performance cookies (these cookies help us, for example, to evaluate technical data from your visit and therefore avoid error messages)

  • Advertising and analytics cookies (these cookies ensure that, for example, you see ads for shoes if you had previously searched for shoes)

You can use your browser settings to configure, block, and delete cookies. If you delete all cookies from our website, you may find that some website features are not displayed properly.


Cookies are only activated after you have granted express permission, with the exception of those cookies that are required for the technology to work. You can withdraw this permission at any time. You can find information on how to withdraw permission, as well as additional information, in the cookie configuration options.

Hubspot

This website uses HubSpot for our online marketing activities. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.

Our log-in services allow people who use our website to find out more about our company, download content, and provide their contact information, as well as additional demographic information. This information, as well as the contents of our website, is saved on servers belonging to our software partner HubSpot. It can be used by us to contact those who visit our website and determine which of our company’s services they are interested in. All information we collect is subject to this privacy policy. We only use the information collected to optimise our marketing measures.

On some subpages of our website, we also use the HubSpot form service “Forms” (the form you fill out to try a demo of Capeesh) to receive information about the demo request and provide you with follow-up. If you agree to and use this function, the following data will be sent to the HubSpot servers: the user’s email address (if the user provided their address in the form), the user’s phone number (if the user provided their phone number in the form), the user’s name (if the user provided their name in the form, and the name of the company (if the user provided the name of the company in the form). HubSpot’s services are used on the legal basis of Art. 6 para. 1 s. 1 lit f GDPR – legitimate interest. Our legitimate interest in regard to the use of this service is to record interest in our Language Learning and Workforce Training app.


More information on the HubSpot privacy policy »More information from HubSpot regarding the EU Data Protection Regulations »You can find more information on the cookies used by HubSpot here & here.

Data security

Capeesh takes security precautions to guarantee that your data is protected from loss, alteration, or misuse. Capeesh does this with industry-standard firewalls that are constantly being updated as well as other security systems. At the same time, the user should be aware that we cannot offer one hundred percent protection from attacks, due to the constant barrage of new viruses and ever-developing means of attack on internet service’s secure data systems. Capeesh will pursue every attack on the data, regardless of who carried it out, under both civil and criminal law, and inform users in the event that their data has been compromised.

Data is not forwarded to third parties

Capeesh does not forward the user’s personal data to third parties unless the user has provided express permission to do so or there is a legal requirement to forward the data. In addition, personal data may be forwarded to third parties if doing so is legally allowed and the data must be forwarded in order to fulfill our contractual obligation to our customers.

In the event that payment is made, the data for completion of the payment process will be forwarded to the payment service provider in the event that you do not provide them with the data directly. If you provide your payment data directly to a payment service provider, then we receive only very limited access to this data. In this case, we will only be informed whether or not a transaction matching a specific transaction number has taken place or not. We do not receive your account information in this case. In the event that the rights of third parties (in particular copyright, brand, name, and trademark rights) are violated by the user, the user’s data will only be provided to the rights holder in the event that the rights holder demonstrates their claim conclusively to Capeesh.