Privacy Policy

Last updated on 20/12/2024


1. Certainly Group ApS – PRIVACY POLICY

This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us or collected by us—offline or online—via our website (the Site) or our Chat Platform (app.certainly.io). In this Policy, “we,” “us,” or “our” means Certainly Group ApS, with registered office at Kronprinsessegade 8, 3, Copenhagen 1306, Denmark. Our VAT registration number is DK-42292540. We collect, store, and use your personal information in accordance with the Danish Privacy Act (published in ‘Lovtidende’ on 24 May 2018) and, where applicable, the European Union General Data Protection Regulation (EU) 2016/279 (the GDPR).


2. Personal Information

The types of personal information we may collect include:

  • Your name

  • Your contact details (email address, mailing address, street address, telephone number)

  • Information about your company or team

  • Your role within the company or team

  • Your age and/or date of birth

  • Your demographic information (e.g., age, gender)

  • Your preferences and opinions

  • Information provided via surveys or chat messages

  • Your browser session and geo-location data, device and network information, page view and session statistics, acquisition sources, search queries, and browsing behavior

  • Information about your access to and use of our Site (including details about cookies, browser type, operating system, and ISP)

  • Additional personal information you provide directly or indirectly

  • Any other personal information requested or provided by you or a third party

We may collect this information directly from you or from third parties.


3. Collection and Use of Personal Information

We may collect, hold, use, and disclose personal information for purposes such as:

  • Enabling you to access and use our Site, Chatbots, associated applications, and social media platforms

  • Contacting and communicating with you

  • Operating our chatbot conversations with you

  • Informing you about upcoming or active survey participation opportunities

  • Providing our business clients with feedback on their products or services

  • Internal record keeping and administrative purposes

  • Analytics, market research, and business development (including improving our Site and related platforms)

  • Running competitions and offering additional benefits

  • Advertising and marketing, including sending promotional information about our products, services, and third parties

  • Complying with legal obligations and resolving disputes

  • Processing employment applications


4. Disclosure of Personal Information to Third Parties

We may disclose your personal information to:

  • Third-party service providers (e.g., IT services, data storage, web hosting, debt collection, marketing, professional advisors, payment systems)

  • Our employees, contractors, and related entities

  • Our existing or potential agents or business partners

  • Payment systems operators

  • Sponsors or promoters of any competitions we run

  • Parties to whom our business or assets may be transferred (in good faith)

  • Credit reporting agencies, courts, tribunals, and regulatory authorities (in cases of non-payment)

  • Courts, tribunals, regulatory authorities, and law enforcement as required by law or to defend our legal rights

  • Third parties (including agents or subcontractors) assisting in providing products, services, or direct marketing—this may include parties located or storing data outside Denmark, such as Google Analytics or similar services

When we disclose your personal information, we ensure third parties process it in line with this Policy and applicable data protection laws.


5. Sensitive Information

Sensitive information is a subset of personal information requiring higher protection under the Danish Privacy Act. This includes information relating to:

  • Racial or ethnic origin

  • Political opinions

  • Religion

  • Trade union or professional memberships

  • Philosophical beliefs

  • Sexual orientation, practices, or sex life

  • Criminal records

  • Health or biometric data

We will not collect sensitive information without your consent. With your consent, such information will only be used for the purpose for which it was collected or as required by law.


6. Our Responsibilities as a ‘Controller’ under the GDPR

As a controller, we determine the purposes and means of processing your personal information. This means your data will:

  • Be processed lawfully, fairly, and transparently

  • Be collected solely for the specific purposes outlined above and not processed incompatibly

  • Be adequate, relevant, and limited to what is necessary

  • Be kept up to date (please contact us if you wish to update your information)

  • Be retained only as long as necessary

  • Be processed securely to protect against unauthorized access or loss

These principles apply to both EU citizens and our Danish customers.


7. Our Responsibilities as a ‘Processor’ under the GDPR

When acting as a processor, we:

  • Have contracts with controllers outlining our obligations

  • Do not use sub-processors without prior written authorization

  • Cooperate with supervisory authorities and ensure processing security

  • Keep records of processing activities

  • Notify the data controller of any data breaches

  • Appoint a data protection officer and EU representative if required (currently, these are not required)


8. Your Rights and Controlling Your Personal Information

You have the right to:

  • Consent: By providing your information, you agree to its collection, use, and disclosure as described in this Policy (if under 16, you must have parental or guardian consent).

  • Restrict: Limit the collection or use of your personal information (e.g., opt-out of direct marketing via your member dashboard or by contacting us).

  • Access and Data Portability: Request details or a copy of the information we hold about you, provided in a readable format (like CSV). You may also ask for a transfer of your data to another party.

  • Correction: Request that we correct any inaccurate, outdated, or incomplete information.

  • Complaints: File a complaint with us or with the Danish Data Protection Agency (‘Datatilsynet’) if you believe your data protection rights have been breached.

  • Unsubscribe: Opt-out of marketing communications by contacting us or using the opt-out options provided.


9. Storage and Security

We are committed to protecting your personal information by implementing physical, electronic, and managerial procedures—such as pseudonymization and encryption—to safeguard your data from misuse, interference, loss, or unauthorized access. However, we cannot guarantee complete security over information transmitted via the Internet.


10. Cookies and Web Beacons

We may use cookies (text files stored in your browser to record your preferences) and web beacons (small code snippets that monitor visitor behavior) on our Site. While cookies do not reveal personal information by themselves, they may be linked to personal data you provide, and may also allow third parties (e.g., Google, Facebook) to display retargeted advertisements.


11. Links to Other Websites

Our Site or platform may contain links to external websites. We do not control these sites and are not responsible for their privacy practices; they are not governed by this Privacy Policy.


12. Amendments

We may change this Privacy Policy at any time at our discretion. If amended, you will be notified via the contact details you have provided. Changes take effect once you are notified.


For any questions or notices, please contact our Privacy Officer at:

Certainly Group ApS

Kronprinsessegade 8b, 3 sal, 1306 København K, Denmark

Email: privacy@certainly.io


Last update: December 20, 2024