Protecting our Users’ information is really important to us and we will only use our Users’ information in line with the relevant laws concerning the protection of Personal Data, which when processing Personal Data in the European Economic Area (“EEA”) shall include the General Data Protection Regulation (EU) 2016/679 (the “GDPR”), the Privacy & Electronic Communications (“EC Directive”) Regulations 2003 and, in Denmark, the Danish Data Protection Act 2018, each as amended or replaced from time to time (together, the “EEA DP Legislation”).
2. General Terms
- Nabo may be referred to as “Nabo”, “we”, “our” or “us”.
- The Komak mobile application (whether on iOS or Android) is referred to as the “App”.
- Our website (https://komak.io/) is referred to as the “Site”.
- Users of our Platform are referred to as “Users”, “you” or “your”.
- Users of the App who, through the App’s functionality, volunteer to help other Users with their day-to-day activities are referred to as “Volunteers”.
- Users of the App who, through the App’s functionality, request assistance from Volunteers with their day-to-day activities are referred to as “Persons-in-Need” or “PINs”.
- Our Site and App, and related services, information and communications are collectively referred to as our “Platform”.
3. Who decides how your information is used?
4. What information do we collect and how do we use it?
Examples of the types of Personal Data that we collect are set out below. We receive this data automatically when Users download, sign-up to and use the App, and may receive some of this data when you engage with us via social media channels, subscribe to online content we produce (such as newsletters) or when you telephone, email or write to Nabo.
The Personal Data that we collect includes the following, which may, if relevant to providing services of Nabo, be combined with information we receive from other sources:
- Contact Information: This may include your first and last name, residential address, telephone number and email address. You voluntarily provide us with this information when you sign up to use our Platform. We collect and use that information in order to authenticate you when you register to use our Platform and to make sure you are able to access our Platform. We may also use your address, telephone number or email address in order to communicate with you to provide technical and customer support.
- Identity Information: If you are a Volunteer, this may include your date of birth or your social security information (or equivalent, depending on your jurisdiction), to the extent permitted by law in your jurisdiction. We may use this data to validate your identity, in the interests of protecting the safety and security of our PINs.
- Content Information: You may also choose to send us Personal Data in an email containing enquiries about our Platform and we will use this information to help us respond to your enquiry.
- Location Information: As the services we provide through the Platform are location based, when you use the Platform, we collect and use your device location information, whether you are a Volunteer or a PIN to, to identify other relevant Users (e.g. PINs, if you are a Volunteer) who you may be able to assist (in the case of a Volunteer) or who may be able to assist you (in the case of a PIN). We identify your location using a variety of technologies, including GPS, the WiFi points you are accessing the App through and mobile/cell tower triangulation.
- Performance Information: We also collect and use information relating to your in-App actions (e.g. how often you respond to PIN requests, if you are a Volunteer, or how often you make a request, if you are a PIN) to allow us to assess the effectiveness of the App and its utilisation across different regions (regionally, nationally and internationally). This helps us to continue to develop the App, identify and address any technical issues that may arise with the App and to assess the proportion of PIN help-requests to the number of Volunteers available across different geographic areas, so that we can consider how the App might be better utilised for the benefit of communities across the globe.
- Technological Information: In relation to our Site, we will collect and use your IP address, browser type, operating system, the pages of our Site which you browsed or the features you used, and the time you spend on those pages or features to better understand who is using our Site and how. Similarly, we will collect and use information on your in-App user settings and preferences to understand the same matters in relation to the App. We may also use your in-App information, as well as certain information about your mobile device (including device identifiers, device OS, model, configuration, settings and information about third party applications installed on your device), to monitor performance of the App and address any technical issues identified by us or by other Users, as well as to carry out anti-fraud measures in accordance with our Terms of Service and for the benefit of Users (e.g. to prevent PINs from being misled by fabricated offers of assistance).
If you elect to turn on background activity tracking in the App, we will collect your Personal Data as you use the App as well as in the background when you do not have the App open on your device. This information will solely be used for the purposes set out in “Location Information” and “Technological Information” above. You can change your mind and turn-off background activity tracking at any time in your device settings.
By submitting Personal Data to us, you consent to such Personal Data being collected and processed for the purposes described above. Where you voluntarily provide Health Data or other sensitive Personal Data, for example via email or other communications with us, we may need to ask you to confirm that you expressly consent to us collecting and processing the relevant data. In some instances, it is necessary for us to collect your Personal Data in order to enter into or perform our part of a contract with you, or provide you with access to the Platform and certain services. Failure to provide such Personal Data may prevent us from providing you with the goods, services, information, activities or online content you select, or tailoring such content to your personal preferences.
5. Who do we share your information with?
If other technical or administrative issues arise in connection with the Platform, we may be required to engage other service providers, associated organisations, contractors and agents to help us address these in an efficient and non-disruptive way. Those service providers may be required to process your Personal Data but we will ensure that this is limited to the greatest degree practicable (e.g. through anonymization of data) and will agree contractual arrangements with such service providers to ensure that they process such information solely to the extent needed to provide the services which we have engaged them for and only in accordance with our instructions.
- Information Shared with Other Users: When you use the Platform, we will share certain Personal Data with other Users so that we can help you identify Users who can assist you (if you are a PIN) or who you can assist (if you are a Volunteer). This Personal Data includes your name and your telephone number or email address (i.e. the information needed for the relevant User to contact you). As set out in our Terms of Service, Users are only permitted to use Personal Data relating to other Users for the purposes of contacting, in the case of Volunteers, PINs who have requested assistance and, in the case of PINs, contacting Volunteers who may be able to assist them. Upon downloading the App or accessing Our Platform, all Users agree to comply with these requirements.
- Information Disclosed for Our Protection and the Protection of Others: We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We only share information about you with government or law enforcement agencies or private parties where we reasonably believe necessary or appropriate: (a) to respond to claims and as part of legal processes (including where disclosure is required under subpoenas and warrants); (b) to protect our property, rights and safety, or the property, rights and safety of a third party or the public in general; or (c) to investigate and stop any activity that we consider illegal, unethical or legally actionable.
For the avoidance of doubt, as a not-for-profit organisation, we will never use or share your Personal Data with any third party for its own marketing purposes. You have the right at any time to request that we cease giving your Personal Data to third parties identified above or for contacting you for our own marketing purposes.
In addition to the third parties noted above, we may disclose your Personal Data to third parties:
- in the event that we buy or sell any business or assets, in which case we may disclose your personal information to the prospective buyer or seller;
- if Nabo or substantially all of its assets are acquired by a third party, in which case Personal Data held about Users and Volunteers will be one of the transferred assets; and
- in order to enforce or apply our terms and conditions or to protect the rights, property or safety of Nabo, or our members, Users or Volunteers.
6. How is your Personal Data transferred?
The Platform is available globally and, if you are not located in the EEA, the applicable data protection laws in your jurisdiction may not be the same as those in which we process your Personal Data (i.e. Denmark, a country within the EEA). As the performance of the services for which the Platform was created requires the sharing of some of your Personal Data with other Users within your local area, this means that there may be two potentially applicable sets of data protection rules in relation to your Personal Data:
- the EEA DP Legislation; and
- the data protection rules that apply in the jurisdiction in which you are located (if different from those applicable in Denmark).
7. How do we keep your Personal Data safe?
8. How long will we keep your Personal Data?
When we no longer need to use your Personal Data and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or annonymize it so that it can no longer be associated with you. When removing Personal Data, we will take reasonable and technically feasible measures to make this information irrecoverable and irreproducible.
9. What rights and choices do you have?
You have certain rights in relation to your Personal Data. In order to exercise these rights, please contact us at email@example.com.
- Request access to and obtain a copy of the Personal Data we hold about you.
- Request that we rectify or correct the Personal Data we hold about you that is inaccurate, out of date or incomplete. The easiest way to update your account information is via your in app-settings.
- Request that we delete or remove your Personal Data, where there is no good reason for us to continue processing it or where you have exercised your right to object to processing (see below), where we have processed your Personal Data unlawfully, or where we are required to erase your Personal Data in order to comply with applicable law. Please note that we may not always be able to comply with your request to delete or remove Personal Data for specific legal reasons, which will be notified to you if applicable.
- Object to us processing your Personal Data. Some of the Personal Data we hold is necessary for us to provide you with access to the App and for you to be able to use the services it provides including, in the case of Volunteers, your Health Data.
- Ask us to restrict or suspend processing your Personal Data, but be aware that sometimes we need to use your Personal Data in order for you to be able to use the Platform.
- Have your Personal Data transferred to another organisation (where this is technically feasible). This right is only available if we are processing automated information (initially) based on your consent, or under (or in contemplation of entering into) a contract with you.
- Where we rely on consent as the lawful basis for processing, you may withdraw your consent.
- Complain to a regulator. We’d appreciate the chance to deal with your concerns directly in the first instance so we’d prefer you to contact us first. However, if you’re based in the EEA and believe that we have not complied with data protection laws, you can complain to our regulator, the Danish Data Protection Agency (Datatilsynet), or with your local supervisory authority.
The applicable law may provide exceptions to these rights in certain circumstances. Where you cannot exercise one of these rights due to such an exception we will explain to you why.
We offer you choices regarding the collection, use and sharing of your Personal Data and we will respect the choices you make. Please note that if you decide not to provide us with the Personal Data that we request, you may not be able to access the Platform or use the features it provides.
After you contact us, you may receive an email in order to verify your request. We aim to provide the information or complete the outcome you request within one month. If your request is particularly complex or you have made a number of requests, it may take us longer than a month. If this is the case, we will notify you and keep you updated.
10. What about my Health Data?
To ensure that Volunteers do not contribute to the spread of COVID-19, Volunteers are required to confirm certain information regarding their physical health when utilising the App. This Health Data falls within a special category of Personal Data for the purposes of data protection rules applicable within the EEA.
Each Volunteer is required to expressly and proactively confirm their consent to our collection and processing of their Health Data before such data is provided to us and they are permitted to use the App.
We only use your Health Data to determine whether you are permitted to be a Volunteer and will not use this data for any other purpose without your express prior consent.
11. What about Children?
It is important that the Personal Data we collect and store about you is accurate. Please keep us informed if your Personal Data changes.
Legal entity: Nabo, CVR 41250399
Postal address: Christianshavns Voldgade 13, st tv, 1424, Copenhagen K
Contact Name: Dragos Petria, firstname.lastname@example.org
For further information or if you disagree with the way in which we are handling your personal information, you can contact the Danish Data Protection Agency (email: email@example.com).