1. INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA

​

Your data security is important to us, and we therefore take great care to ensure that your personal data is handled responsibly. Below you can read how NorthQ Solutions ApS (hereinafter ”NorthQ”, "we", "us " or "our ") process personal data about you when we act as data controller. You can also read about your rights in relation to our processing.

​

 

2. NORTHQ’S ROLE AS DATA CONTROLLER

In connection with the operation of our business, we process certain personal data. We do this in order to serve you in the best possible way. We mainly collect and process general (non-sensitive) personal data. 

 

If you have any questions regarding our processing of your personal data, please contact NorthQ here:

 

NorthQ Solutions ApS

CVR: 43629816

Tørringvej 7, 2610 Rødovre, Denmark

 

Contact information: dpo@northq.com or by or by regular mail.

​

​

3. WHAT PERSONAL DATA DO WE COLLECT AND WHY

We process personal data about you in a number of different situations. Read more about our processing in the different situations below.

​

3.1 Visitors to NorthQ’s website and users of NorthQ’s online services

When you visit NorthQ’s website (e.g. http://northq.com/, https://connectedhomehub.com/, https://connectedbuildinghub.com) or use our other online services (on, for example LinkedIn or Facebook), NorthQ may process information about your IP address as well as information about your computer, device and browser.

 

We also process information about your visit (e.g. information about how you access our websites, how you navigate around them, which pages you visit, content you view, your searches, advertisements you have seen, etc.). Personal data is collected through cookies, log files and other technologies (you can read more about our use of cookies here (https://www.northq.com/cookie-policy).

 

We also process personal data that you provide to us in connection with your use of the website or our online services, for example. when you use our online contact form, including your name, telephone number, email address, the message, and any other information you provide to us.

 

We use your personal data so that we can make relevant products, supplies, benefits and services ("Services") available to you and to improve your experience of our websites and online services and the Services we offer. We also use personal data to show you content on our and other sites based on your activities and preferences, and to limit the number of times you see the same content.

 

The legal basis for processing is our legitimate interests in making our website (and online services) available to you cf. Article 6(1)(f) of the General Data Protection Regulation) or your consent (Article 6(1)(a) of the General Data Protection Regulation and Section 3 of the Danish Executive Order on Cookies).

 

We store personal data collected in connection with your visit to our website for as long as necessary for the purpose for which the data was collected, usually for 1 year.

​

3.2 You create an account

When you set up an account on one or more of our platforms (Quriosity, ConnectedHomeHUB, ConnectedBuildingHUB (“Platform”)), whether directly via a NorthQ app, the NorthQ home page or via an administrator or other third party, we will process personal data about your email, telephone number, house nickname, activity logs, data generated by the data, data collected by the installed devices (e.g. data on electrical or gas consumption), list of installed devices, push notification devices enabled, geo-location of the house based on the gateway location (IP).

We will process your personal data for the following purposes:

1. Service availability - setting up the Platform account, from which you will have access to the services,

2. Identification of you as a user on the Platform,

3. Service & billing related communication with you,

4. Normal operation of the system, including data received from installed devices,

5. Sending you notifications from the installed devices (e.g. leak detection from water meters),

6. Quality of service and reliability,

7. Identification of your resources and providing budget information to you.

The legal basis for processing your data will be to fulfill the contract concluded with you (Article 6(1)(b) of the General Data Protection Regulation); to comply with a legal obligation (Article 6(1)(c) of the General Data Protection Regulation); or to fulfill our legitimate interest such as making the service available, and to improve our service (Article 6(1)(f) of the General Data Protection Regulation). 

 

It is up to you to decide whether and what personal data you provide us with on the Platform, but remember that when setting up an account on the Platform, providing certain data will be mandatory to provide you the service, because without them you will not be able to login to your secure account, have access to the functionalities of the Platform, manage and control your integrated devices and/or receive notifications from the devices.

 

Your personal data in the Platform will be retained for as long as necessary for providing you access to the Platform. We store personal data about users of our Platform for as long as they have an active account and for up to 5 years after the account has been deleted.

​

3.3 Customers of NorthQ and/or contact persons of customers’ or other third party

When you are a customer of NorthQ, NorthQ processes personal data about your contact info, such as name, email address, phone number, title and other information that you provide to us.

 

We process the personal data for the purpose of fulfilling the agreement with our customers, for the purpose of providing the Services, invoicing, keeping statistics and performing quality management as well as for maintaining our customer records and providing general service, marketing and sales to our customers. The purpose may also be to fulfill your request for support. 

 

The legal basis for processing is the agreement with you cf. Article 6(1)(b) of the General Data Protection Regulation or our legitimate interests in managing your information as a customer with us cf. Article 6(1)(f) of the General Data Protection Regulation.

 

We store personal data about our customers for the fulfillment of the contract of sale, and when necessary for the period defending us against claims that may be directed against us. This will as a main rule be stored for 5 years in accordance with requirements of the Bookkeeping Act.

 

3.4 Marketing recipients

When you receive marketing communications from NorthQ, we process personal data about name, email address and product interest. We also process information about your marketing or communication preferences, your use of the marketing we send to you (including, for example, whether you have opened an email from us, whether the email has been read and which links you have opened), and any other information you provide to us.

 

We process your personal data for the purpose of marketing our company and Services, and for setting up and managing your marketing subscription. We use the personal data about your preferences and usage to understand the way customers receive our marketing messages and to improve our marketing to you and other customers going forward.

 

We will only send you marketing material by email, text messages or other electronic means once we have obtained your consent where this is required under the Danish Marketing Practices Act. 

 

We also use personal data about you to show you content on our and other sites based on your activities and preferences, and to limit the number of times you see the same content, as well as to measure the effectiveness of our content and marketing. For this purpose, we may upload your email address to advertising tools with for instance Google or Facebook for the purpose of sending targeted marketing messages.

 

The legal basis for processing is our legitimate interests in complying with your wish to receive marketing communications from us to which you have consented under the Danish Marketing Practices Act cf. Article 6(1)(f) of the General Data Protection Regulation. 

 

We store personal data about recipients of marketing communications until the consent has been withdrawn. We store documentation of the consent for up to 2 years in accordance with the Danish Consumer Ombudsman’s guidelines and requirements.
 

3.5 Business partners and/or suppliers to NorthQ

When you are a business partner or supplier to NorthQ or are a contact person of a business partner/supplier, we process personal data about your name, company name, work telephone number, email address, title as well as publicly available information and other information you provide to us.

 

We process personal data for the purpose of contract management, receiving goods and services from our suppliers and business partners, and where appropriate to fulfill agreements with our customers.

 

The legal basis for processing is the agreement with you cf. Article 6(1)(b) of the General Data Protection Regulation or our legitimate interests in managing the relationship with you/the company you represent as a business partner/supplier cf. Article 6(1)(f) of the General Data Protection Regulation.

 

We store the personal data about business partners and/or suppliers for up to 10 years from the last communication/collaboration.

​

​

4. DISCLOSURE OF YOUR PERSONAL DATA TO OTHERS

NorthQ may disclose your personal data to other suppliers and/or service providers in the ordinary course of our business (e.g. for data storage or visualization purposes) as well as to our group affiliates.

 

NorthQ may also disclose your personal data to a public authority in situations where we are specifically obliged to disclose your personal data pursuant to legislation and notification obligations to which we are subject.

 

It may for example be necessary to disclose personal data to the following recipients:

 

• You have set up an account on the Platform

Our Platform and Apps are using: Amazon Web Services (AWS), Microsoft PowerBI, Google Analytics.

• You have sent us a request for support

We use Zoho Forms (https://forms.zoho.eu/) and Zoho Desk (https://desk.zoho.eu/) for support to our customers via NorthQ’s website. The information that you provide us while placing the ticket is processed in Zoho Desk by our Support Team. Please see Zoho’s Privacy Policy here: https://www.zoho.com/privacy.html.

• You have sent us a message via our contact form on the website

We use Zoho CRM as the Customer Relationship Management System (Privacy Policy: https://www.zoho.com/privacy.html), so that the information provided via the contact form on www.northq.com is sent to us via Zoho Desk, using Zoho Forms.

• You are our contact person with our suppliers, customers or any other third party

We use Zoho CRM (https://crm.zoho.eu/) as our Customer Relationship Management system and Zoho Inventory as our Inventory system. Please see the Zoho Privacy Policy here: https://www.zoho.com/privacy.html. 

We use e-conomic as our Accounting system. Please see the e-conomic Privacy Policy here: https://www.e-conomic.dk/sikkerhed/privacy.

• You have agreed to receive commercial information

We will share your information with the entities providing on our request with the service of sending commercial information, such as:

1. Zoho (Zoho’s Privacy Policy: https://www.zoho.com/privacy and https://www.zoho.com/gdpr)

2. We may also share your personal data with other entities from the above categories with which we will establish cooperation.

 

We try to limit the disclosure of personally identifiable information and thus the disclosure of information that can be attributed to you personally.

 

NorthQ also discloses your personal data to data processors. Our data processors only process your personal data for our purposes and under our instructions.

​

​

5. TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE EU/EEA

In connection with our processing of your personal data, we may transfer such information to countries outside the EU/EEA (third countries).

 

Your personal data may be transferred to countries where the European Commission has determined that the level of data protection is equivalent to that in the EU/EEA (secure third countries).

 

We may also transfer your personal data to unsecure third countries. The transfer of your personal data to unsecure third countries will be based on the Standard Contractual Clauses (SCC) drawn up by the European Commission, which have been specifically designed to ensure an adequate level of protection. We assess the adequacy of the transfer basis and adopt additional measures if necessary to ensure an adequate level of protection for the transfer.

 

You can read more about the transfer of personal data to countries outside the EU/EEA on the European Commission's website.

 

If you would like further information about our transfer of personal data to countries outside the EU/EEA, please contact us.

​

​

6. STORAGE, DATA INTEGRITY AND SECURITY 

When your personal data is no longer needed, we will ensure that it is deleted in a secure manner. 

 

It is our policy to protect personal data by taking adequate technical and organizational security measures.

 

We have implemented security measures to ensure data protection for all personal data that we process. We conduct regular internal follow-ups on the adequacy of and compliance with policies and measures.

​

​

7. YOUR RIGHTS

As a data subject, you have certain rights under the General Data Protection Regulation. If you want to exercise your rights, please contact us.

 

You may – unconditionally and at any time – withdraw your consent. You can do so by sending us an email (see email address above). Withdrawal of your consent will not have any negative impact. However, this may mean that we cannot meet specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of the processing based on consent before it is withdrawn. Furthermore, it will not affect any processing carried out on another lawful basis.

 

You can also – unconditionally and at any time – object to our processing when it is based on our legitimate interests. 

 

Your rights also include the following:

 

• Right of access: You have the right to access the personal data we process about you.

• Right to rectification: You have the right to obtain rectification of any inaccurate and incomplete personal data about you.

• Right to erasure (right to be forgotten): In exceptional cases, you have the right to obtain erasure of information about you before the time when we would normally delete your personal data.

• Right to restriction of processing: In certain situations, you have the right to restrict the processing of your personal data. If you have the right to restrict the processing of your personal data, we may only process personal data in the future – apart from storage – with your consent, or for the establishment, exercise or defence of legal claims, or to protect an individual or important public interests.

• Right to object: In certain situations, you have the right to object to our processing of your personal data, and always if the processing is for direct marketing purposes.

• Right to data portability: In certain situations, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have such personal data transferred from one data controller to another.

• Right to lodge a complaint: You can lodge a complaint at any time with the Danish Data Protection Authority about our processing of personal data. See more at www.datatilsynet.dk where you can also find further information on your rights as a data subject.

​

 

8. UPDATES OF OUR PRIVACY POLICY 

From time to time it will be necessary to update this Privacy Policy. We will review our Privacy Policy on a regular basis in order to ensure that it is updated, valid and in accordance with current legislation and the principles for processing of personal data. We will publish new versions of the policy on our website.

 

This policy has version no. 2 and is valid from 16 February 2024.