References will be made to the provisions (Articles) of EUROPEAN PARLIAMENT AND COUNCIL REGULATION (EU) 2016/679 of 27 April 2016 on the protection of individuals regarding the processing of personal data.
This Policy applies to all business processes and to all of Moneyflow’s websites, domains, mobile solutions, cloud services and Moneyflow branded websites ("theService"). Service specific supplements can be found in the Terms of Service, Data Processing Agreements or similar resources for that specific service.
The Policy provides information about the data processing performed by Moneyflow, when Moneyflow determines the purpose and the means of the processing (Moneyflow acts as a data controller). The Policy also provides information about the data processing performed by Moneyflow on behalf of our Moneyflow’s customers ("theCustomer") on the basis of their instructions (the client as data controller and Moneyflow as the data processor).
Personal data ("Personal Data") is data that can identify you as a person, such as e-mail address, postal address or telephone number. Moneyflow needs to process Personal Data in order to serve its Customers. Please do not use Moneyflow's Services if you are unable to accept the way we process Personal Data in accordance with this Policy.
Moneyflow processes Personal Data about job seekers, contacts, and other data subjects with our Customers. We also process Personal Data about people who are potential customers and who contact us via the Moneyflow website, through our integrations or through other channels. Our statement relating to this can be found in the section, 'Moneyflow as Data Controller'.
We also process data on behalf of our Customers, where the Customer controls the processing. Our statement relating to this can be found in the section 'Moneyflow as a Data Processor'.
In this Policy, the data subject may also be referred to as ("person"; "persons"; "you").
When Moneyflow determines for what purpose and tools the processing of your Personal Data is carried out, Moneyflow acts as data controller. This includes scenarios where Moneyflow collects Personal Data in the context of being a job seeker, representing a customer or lead. This includes, in connection with our Services, where it is necessary for Moneyflow to process your data, including Personal Data.
In general, to manage our Customer relationships and to fulfill our Customer obligations, Moneyflow needs information about you in your role as a Customer, contact or user of one of our Services. The purposes of processing this Personal Data are:
The legal basis for processing Personal Data for the purposes set out in subparagraphs (a) through (i) above is either (i) that processing is necessary for the purposes of fulfilling a contract to which you are a party (or representative of a party), or for the purpose of implementing measures taken at your request prior to the conclusion of a contract as referred to in Article 6 (1) (b); (ii) from a business perspective, Moneyflow has a legitimate interest in processing your Personal Data in a manner that, in our belief, does not conflict with your privacy and self-protection rights, cf. Article 6 (1)(f); or, (iii) to comply with legal requirements under applicable law. The legal basis for processing your Personal Data for the purposes set out in subparagraph (i) is your consent as referred to in Article 6 (1)(a).
Moneyflow processes Personal Data about potential customers for marketing purposes. In order to deliver targeted and relevant content to potential customers, Moneyflow builds an interest profile based on your activity and choices and actions on Moneyflow's websites, as well as your response to email marketing content. The legal basis for such treatment is primarily your consent, cf. Article 6 (1)(a).
In the sections below you can read about how we create such profiles, how to adjust the profile, and how to revoke your consent, cf. Article 7 (3).
If you are a job seeker, we process Personal Data to evaluate your potential as a Moneyflow employee. The legal basis for such treatment is your consent, cf. Article 6 (1)(a).
Generally, Moneyflow collects Personal Data directly from you or other individuals affiliated with our Customer. These individuals can be a manager or colleague.
In some cases, we may also collect information about you from other sources. These sources may be Moneyflow's affiliates, public sources, or third party social networks. See a list of Moneyflow's suppliers here.
Moneyflow will be able to combine Personal Data about you collected from one source with information obtained from another source. This gives us a more complete picture of you, which also allows us to serve you in a more relevant way, with a higher degree of personalisation.
The type of Personal Data Moneyflow processes about you may be:
As a data controller, Moneyflow does not process any sensitive Personal Data about you other than your CPR number.
Moneyflow may also share your Personal Data with third parties in the following contexts:
Moneyflow may share your Personal Data with our partners, provided this is legitimate from a business perspective and in accordance with applicable data protection laws. For example, in connection with establishing your customer relationship with Moneyflow. In this regard, Moneyflow and our partners may share Personal Data to be able to perform the necessary risk and credit assessment
Moneyflow has a legal responsibility to prevent money laundering and terrorist financing. When required to comply with this legal obligation, Moneyflow may disclose Personal Data to the authorities (such as the police, tax agencies or other authority). This may also happen in cases where the police and other authorities may require the provision of Personal Data from Moneyflow. In these cases, Moneyflow will only disclose the information if there is a court order ordering the disclosure.
The right to opt out of marketing communications by withdrawing its consent, in accordance with Article 7 (3). You have the right to opt-out of receiving marketing communications from Moneyflow and may do so either by:
Please note that even if you opt out of receiving marketing communications, you may still receive administrative notifications from Moneyflow, such as an active invoice sales agreement and notifications required to manage your account.
You have the right to access your Personal Data by requesting an overview of Personal Data about you, and you may have a right to data portability, cf. Articles 15 and 20. You also have the right to request Moneyflow to correct inaccuracies in your Personal Data , cf. Article 16. If you have an account with Moneyflow, this can usually be done at moneyflow.io.
You also have the right to request the deletion of Personal Data and to limit or object to our processing of your Personal Data in accordance with this Policy or other service-specific terms, in accordance with Articles 17, 18 and 21.
Please note that Moneyflow cannot delete Personal Data to the extent that this processing or storage is necessary to comply with legal requirements under applicable law, cf. Article 17 (3)(b).
Please use firstname.lastname@example.org to submit all requests mentioned in this section.
You also have the right to file a complaint with the Danish Data Protection Agency regarding our processing of your Personal Data.
Moneyflow takes the trust you give us very seriously. Moneyflow undertakes to avoid unauthorised access, disclosure or other non-compliant processing of Personal Data. Moneyflow must ensure the confidentiality of the Personal Data we process, maintain the integrity of Personal Data and ensure its accessibility in accordance with applicable Personal Data protection laws.
As part of our obligations, we use reasonable and appropriate organisational, technical and physical procedures and precautions to protect the information we collect and process, taking into account the type of Personal Data and the risks you and our Customers may be exposed to at any time. We believe that building a strong corporate culture, where respect and vigilance about data protection among our employees, is fundamental to ensuring lawful processing and protection of your information. The following precautions are of particular importance in this regard:
Moneyflow will only keep your Personal Data for as long as necessary for the stated purpose, while taking into account our need to respond to queries, resolve issues and to comply with legal requirements under applicable law.
This means that Moneyflow can store your Personal Data for a reasonable period after your and our Customer’s last interaction with us. When the Personal Data we have collected is no longer needed, we will delete it. We can process data for statistical purposes and store the results, but in such cases the data will be pseudonymised or anonymised.
When the purposes of the processing are determined by our Customers, and not by Moneyflow, this makes the Customer the data controller. In such cases, Moneyflow acts as a data processor and processes the data on behalf of and in accordance with instructions given by the Customer. The relationship between the Customer as a data controller and Moneyflow as a data processor must be governed by a data processing agreement, cf. Article 18 (3).
When the Customer acts as a data controller, the Customer must, in accordance with applicable data protection legislation, ensure the legal basis for the processing of Personal Data. The Customer must also assess and establish ownership of the risks to which data subjects are exposed through the processing of their Personal Data. Another important aspect of the Customer's obligations as a data controller is to comply with the information obligation in relation to the data subject.
Thus, when Moneyflow processes Personal Data on behalf of its Customers, we must do so in accordance with applicable data protection legislation for data processors, cf. Article 28.
In short, the Customer and Moneyflow are committed to working together to ensure the privacy of the data subject. Moneyflow provides the Customer with the necessary information so that it can act in accordance with applicable data protection legislation.
Moneyflow uses suppliers to process Personal Data and in this connection can export your or our customers' data to a location outside the EU. These suppliers are typically credit rating agencies or cloud service providers.
By using suppliers, Moneyflow will enter into a data processing agreement (DPA) with suppliers to secure your Personal Data rights and to fulfill our obligations to our Customers. When suppliers are located outside the EU, Moneyflow ensures the legal basis for such international transfers on behalf of you or our customers, including through the use of EU model clauses or by relying on Privacy Shield (US), which is a scheme who consider the US companies covered to have an adequate level of protection.
Moneyflow relies on some strategic external third parties to support our business processes and provide our cloud services. These third parties include, but are not limited to:
Further information on Moneyflow's suppliers is provided here, or in the specific data processing agreement. In any case, you are welcome to request an overview and more detailed information about Moneyflow's suppliers, including documentation of the legal basis for international shipments mentioned above.
If we change our Policy, we will publish the revised statement on our website with an updated revision date. We encourage you to review this regularly. If we make significant changes to this Policy, which significantly changes our privacy practices, we may also notify you in other ways, for example, by sending an email or publishing a notice on our website and / or on social media.
This Policy was updated on 25. March 2020.
We appreciate your opinion. If you have any comments or questions regarding this Policy, questions regarding data protection or data use, or a possible breach of your privacy, please contact email@example.com.
We treat your requests confidentially. It is our goal to ensure that Customers questions and issues are resolved in a timely and appropriate manner.
Moneyflow is approved by Danish FSA