Privacy Policy

 

Who are we

We are the company responsible for the processing of your data in accordance with this policy. Here’s our information:

Beyond Grapes

Am Gaisbügel 20

75180 Pforzheim

Germany

info@beyond-grapes.com

 

Here is the contact details of our data protection officer:

tobias@beyond-grapes.com

+49 176 6360 2720

When we talk about our “website” we mean URL, and the other sites and apps we own and operate. When we refer to “you” we mean you as a user of our website, app or customer of our online services or products.

 

Links to other websites etc.

On our website, in our emails and on our social-media profiles, we may have links to other companies, apps or websites (“other websites”) that aren’t ours. This policy doesn’t cover how those other websites process your data. We encourage you to read the privacy notices on the other websites you visit.

 

Why, what and for long we process your data

We process your personal data for these purposes:

 

Purpose #1: Deliver our service and products

 

We process your data deliver  our services & products, contact you concerning our platform, carry out demos, workshops, and other services that can be ordered through the website. We also process your data to give you access to ensure that you can log into your account, send you notifications, register and identify you as a customer/user, process your payment, enable account and product features, log and save the actions you take when you use our product and website, respond to your questions and provide you with customer service and support, including sending service related messages to you.

Here is the data we process: 

  • Your contact details such as name, email, title and telephone/mobile number

  • The company you work for, incl. their domain, address and country

  • Purchase history

  • Your request, e.g. sign-up and use of our product, when you accepted our terms & conditions, when you signed up, when you requested a demo, when you contacted us for support etc. 

  • If you email us, we will collect the content of your message.

  • Payment information, e.g. your credit or debit card details and billing address. 

  • Login details and verification.

  • What choices you made when you set up your account, when you became a customer, your user role, when you are logging into our product. 

  • Other interactions you have with us and our service, e.g customer support, account and product setup, user interviews, UX research, customer feedback etc. 

  • Information about how you use our product and what services you and your company are subscribing to. 

 

We don’t process any sensitive data. 

 

We process your data on these legal bases:

  • Your consent (GDPR Article 6.1.a)

  • To perform our contract with you (GDPR Article 6.1.b)

  • Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act, the Danish Bookkeeping Act etc. 

  • To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

  • For the establishment, exercise or defense of legal claims, where necessary (GDPR Article 9.2.f)

 

We will keep these data for as long as they are necessary for the purposes for which they are being processed. As a general rule, data will be kept for as long as you use our product or services or have an account with us plus 5 years following the conclusion of your account / relationship with us. Special circumstances or legal requirements may entail that such periods may be shorter or longer, including for the purpose of complying with legal requirements for the erasure or keeping of data.

 

If you are employed by one of our customers, we will keep your data as long as we have a business relationship with that customer. 

 

We collect your personal data:  

  • Directly from you

  • Online sources, e.g. Linkedin

  • Public authorities

  • Banks, incl. Stripe 

 

 

Purpose #2: Marketing

 

We process your data for marketing-related purposes, incl. sending you newsletters, doing demos and webinars, tailoring our communication with you to accommodate your areas of interests and focus and sending you relevant product and service promotion and offers. 

Here is the data we process: 

  • Your contact details such as name, email, title and telephone/mobile number

  • The company you work for, incl. their domain, address and country

  • Purchase history, interest areas and use of our digital services,

  • What newsletters you signed up for, when you asked to receive email marketing, when you asked to receive a demo, 

  • When you gave consent

  • Which events you have participated in, signed up for etc.  

 

We don’t process any sensitive data. 

 

We process your data on these legal bases:

  • Your consent (GDPR Article 6.1.a)

  • To perform our contract with you (GDPR Article 6.1.b)

  • Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act, the Danish Bookkeeping Act etc. 

  • To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

  • For the establishment, exercise or defense of legal claims, where necessary (GDPR Article 9.2.f)

 

We will keep these data for as long as they are necessary for the purposes for which they are being processed. As a general rule, data will be kept for as long as you use our product or services or have an account with us plus 5 years following the conclusion of your account / relationship with us. Special circumstances or legal requirements may entail that such periods may be shorter or longer, including for the purpose of complying with legal requirements for the erasure or keeping of data.

If you are employed by one of our customers, we will keep your data as long as we have a business relationship with that customer. 

 

We collect your personal data:  

  • Directly from you

  • Online sources, e.g. social media that are publicly available (Linkedin)

 

Purpose #3: Improve, optimize or modify the experience on our website, online service and apps 

 

We process your data to improve and optimize the experience on our website, the services and in the product etc. We use the data to operate our services, enhance and protect the security and ensure their secure, reliable,and robust performance, to improve the content we show you, determine what content is most helpful and the usability of our website, apps and online services.

Here is the data we process

  • When you visit our website, our servers may automatically log the standard data provided by your web browser. It includes your computer’s Internet Protocol (IP) address, your browser type and version, your user agent, the pages you visit, the time and date of your visit, the time spent on each page, and other details.

  • Cookie information: We use cookies and similar technologies to collect additional website usage data and to operate our services.

  • We receive information when you interact with our services, e.g. when you visit our websites, when you sign into your account, or when you interact with email subscriptions. This includes information such as your IP address, browser type, browser language, operating system, the referring web page, pages visited, location, device information, and cookie information. 

 

We process your data on these legal bases:

  • Your consent (GDPR Article 6.1.a)

  • To perform our contract with you (GDPR Article 6.1.b)

  • Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act and the ePrivacy Directive

  • To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

  • Article 9.2.f (necessary for the establishment, exercise or defence of legal claims)

 

We keep this data for up to 2 years and cookie information is kept in accordance with the cookie policy.

 

We collect your data:  

  • Directly from you

  • Online sources, e.g. social media that are publicly available (LinkedIn)

  • From the use of the cookies which you were presented with in visiting our website

 

Purpose #4: Business- and product development

 

We process your data to do data analysis, audits, developing new products and services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.

 

Here is the data we process

  • Your contact details such as name, email, title and telephone/mobile number

  • The company you work for, incl. their domain, address and country

  • How you are using our products and services

  • Purchase history, interest areas and use of our digital services,

 

We process your data on these legal bases:

  • Your consent (GDPR Article 6.1.a)

  • To perform our contract with you (GDPR Article 6.1.b)

  • Comply with our legal obligations (GDPR Article 6.1.c), incl. the Danish Marketing Practices Act etc

  • To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

 

We collect your data:  

  • Directly from you

  • Online sources, e.g. social media that are publicly available

 

We will retain data processed for this purpose for:

  • For as long as you have an account with us plus up to 3 years from you are no longer using our services.

 

Purpose #5: Statistics 

 

We process your data to compile statistics for the use of our website and apps. 

 

Here is the data we process

  • When you visit our website or apps, our servers may automatically log the standard data provided by your web browser. It includes your computer’s Internet Protocol (IP) address, your browser type and version, your user agent, the pages you visit, the time and date of your visit, the time spent on each page, and other details.

  • Cookie information: We use cookies and similar technologies to collect additional website usage data and to operate our services.

  • We receive information when you interact with our services, e.g. when you visit our websites, when you sign into your account, or when you interact with email subscriptions. This includes information such as your IP address, browser type, browser language, operating system, the referring web page, pages visited, location, device information, and cookie information

 

We process your data on these legal bases:

  • Your consent (GDPR Article 6.1.a)

  • To perform our contract with you (GDPR Article 6.1.b)

  • Comply with our legal obligations (GDPR Article 6.1.c), incl. the ePrivacy Directive

  • To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (GDPR Article 6.1.f).

 

We collect your data:  

  • Directly from you

  • Online sources, e.g. social media that are publicly available (LinkedIn)

  • The use of cookies as described when you visited our website (of course depending on your acceptance of the different cookie categories)

 

We will retain your data up to 3 years from when you visited our website and/or used our services & products.

 

Purpose #6: Comply with obligations

 

Data is processed to comply with legal obligations and requirements, requests from public and governmental authorities, relevant industry standards and our internal policies, and protect our operations and our rights.  

 

Here is the data we process

  • Your contact details such as name, email, title and telephone/mobile number

  • The company you work for, incl. their domain, address and country

  • Information required to comply with public and governmental authorities

  • Purchase history and use of our digital services,

 

The data retention period will be based on statutory requirements.

Additional information

If you would like more information about our legal basis for processing your data, feel free to contact us. Some of the grounds for processing your data overlap, so there may be several reasons which justify us processing your data. We do not sell or rent your data to marketers or third parties. We may use your data in other ways than described here but we’ll inform you about these purposes when we collect your data. Please note that special circumstances or legal requirements may mean that such periods may be shorter or longer, depending on the purpose of complying with legal requirements for the erasure or keeping of information.

 

 

Keeping your data safe

We use reasonable organisational, technical and administrative measures to protect your data within our company. The Internet is not a 100% secure environment and that means we cannot guarantee the security of the data you transmit to us. Emails sent via the Internet might not be encrypted, so we advise you not to include any confidential or sensitive information in your emails to us.

 

Third parties and processors

We use companies (processors) to help us deliver our services to you, e.g. to provide the hosting environment for our product, send out newsletters, to help us run our website, manage our payment etc. 

 

When we use a processor we make sure that there is a legal agreement in place regarding how they will be handling data on our behalf. We’ll also make sure that they have appropriate security measures in place and if they are located outside the EU, we’ll of course make sure that there is a legal agreement in place allowing us to give them access to the data (see more below).

 

We share your data with:

  • Suppliers and vendors that we work with to assist our company (meaning service providers, technical support, supply services, and financial institutions)

  • Group entities

  • Public authorities

 

 

Your rights

You have the following rights:

 

1. Your right of access and rectification - You have the right to ask us for copies of your personal data or ask us to rectify information you think is inaccurate. There are some exemptions, which means you may not always receive all the information we process but as a main rule you can always contact us and ask for your information.

 

2. Your right to erasure - You can ask us to erase your information in certain circumstances.

 

3. You also have the right to have the processing of your data restricted.

 

4. Your right to withdraw your consent: If processing of your data is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent. You may withdraw your consent by [insert].

5. Your right to restriction of processing and object to processing - You have the right to ask us to restrict the processing of your information and a similar right to object to processing.

6. Your right to data portability: You have the right to receive your data in a structured, commonly used and machine-readable format (data portability).

7. Where your data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data about you for such marketing.

 

The law gives us one month to respond to you, but we will try to respond sooner.

There may be conditions or limitations on these rights. It is therefore not certain e.g. you have the right of data portability in a specific case - this depends on the specific circumstances of the processing activity. You are always welcome to contact us and ask. The same goes for some of the other rights.

 

Complaints

You can always lodge a complaint with a data protection authority.

Assistance and additional information

You can take steps to exercise your rights by using the contact details above . If you have questions about the policy, feel free to contact us by using the contact details in this policy.

 

How to unsubscribe to email marketing material?

If you have subscribed to our newsletters or asked to receive marketing material from us, you can always unsubscribe. In all these emails we include an unsubscribe link and you always click the link and easily unsubscribe. You can also unsubscribe by sending us an email to info@beyond-grapes.com

 

Children and Our Services

Our services and website are not directed to children, and you may not use our services if you are under the age of XX. You must also be old enough to consent to the processing of your information in your country.

 

Changes to this policy

Sometimes we need to make changes to this policy to reflect our current practices. We will take reasonable steps to let you know about changes via our website. If you are a registered user, we will notify you via email if significant changes are being made to the policy using the email address you gave us when you signed up. If you continue to use our website or services after the notification, we will regard this as your acceptance of our privacy practices.

 

Last updated and Version The policy was last updated on April 14th, 2021.