Bodydox'Privacy Policy


Effective date: April 17, 2019

BodySpaces.com ApS is a business registered in Denmark with VAT number DK-39939959. Our address is Skydebanegade 40, 4. Th. 1709 Copenhagen. We operate this website and associated IT tool for bodywork practitioners.

Introduction
Data is collected from anyone visiting our website, anyone who has signed up to a free trial or anyone who has subscribed to our IT tool. We use your data to give you the best possible experience visiting our website and using our IT tool.  By using either, you agree to the collection and use of information in accordance with this policy which informs you of our policies regarding the collection, use, and disclosure of personal data when you visit our website and subscribe to our IT tool. It also lays out the choices you have associated with that data.

Policy Overview
This policy begins with explaining what types of information we collect as either data controller or data processor. Thereafter we lay out what we use the data for. Following we lay out the transfer, storage, disclosure (including our company policy) and security of data. Finally, we go through the following subjects: Service providers, links to other sites, children’s privacy, your rights as a user, what happens when changes are made to this privacy policy and how you can contact us.

Types of Data Collected when we are the Data Controller
Personal Data
Personal data includes information that can be used to identify you as an individual. Examples are: Name, contact details and IP address. In particular, if you sign up to a free trial we will ask you to provide us with certain personal identifiable information that can be used to identify you:

  • Email adress.
  • First and last name.
  • Cookies.
  • Usage.

If you subscribe to our IT tool, we will ask you for your payment information, which is also categorized as personal data.

Usage Data
We collect information about how our website and IT tool is accessed and used. This data may include information such as your computer’s internet protocol address (e.g. IP address), browser type, browser version etc.

Cookies & Tracking Data
We use cookies and similar tracking technologies to track the activity on our website and IT tool.Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from our website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website or IT tool.

Examples of cookies:

  • Session cookies. We use session cookies to operate this website and our IT tool.
  • Preference cookies. We use preference cookies to remember your preferences and various settings.
  • Security cookies. We use security cookies for security purposes.
  • Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. NB You can opt-out of having made your activity on the service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.
  • Social media. We use social media buttons to allow you to connect with your social network. For these to work the following social media sites Facebook, Lindkedin, Instagram and Tvitter, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.

Types of Data Collected when we are the Data Processor
Whenever personal data is collected from clients by our free trial users or subscribers we are the data processor. The data controller is our free trial users or subscribers. Personal data collected of clients include name, contact details, birthday, gender, age and journal data. The journal data includes body images and notes taken by the practitioner. Our free trial users or subscribers determine how the Personal Data is to be processed, and they are responsible for:

  • Informing your clients about your privacy policy and how it relates to the law.
  • Compliance with data protection laws in your region/state/country etc. which are applicable to how you handle your client’s data.
  • Informing us if you or your clients object to the way we process data.

Use of Data
We use the data we collect to:

  • Provide and maintain our website and IT tool.
  • Notify you about changes.
  • Provide analysis or valuable information so that we can improve our Website and IT tool.
  • Monitor the usage of our website and IT tool.
  • Detect, prevent and address technical issues.

Transfer of Data
Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside Denmark please note that we transfer data, including personal data, to Denmark and process it there. We have signed a legally binding contract with our hosting provider ensuring your data are kept safe. Your consent to this privacy policy followed by you providing information represents your agreement to this transfer.

Service Providers
We may employ third party companies and individuals located in the EU or the US to facilitate, service and analyze the usage of our website or IT tool. Their involvement is always on our behalf.
These third parties are all located in the EU or the US and have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Storage of your Personal Data
The data is kept for the time required by law and we delete them when they are no longer required. The period depends on the nature of the information and the background for storage. It is therefore not possible to specify a general time frame for when information is deleted.

Disclosure of Data
Company Policy
Our company policy is that any information you provide about yourself is yours and any client data collected is theirs. Bodydox will never sell, share or use any data without explicit consent from you or your client.
Legal Requirements
BodySpaces.com ApS may disclose your personal data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation.
  • Protect and defend the rights or property of BodySpaces.com ApS.
  • Prevent or investigate possible wrongdoing in connection with our website or IT tool.
  • Protect the personal safety of users of our website or IT tool or the public.
  • Protect against legal liability.

Security of Data
We have taken technical and organizational measures to prevent your information from being accidentally or illegally deleted, disclosed, lost, impaired, misused or otherwise violated by law. In short, we are HIPAA compliant. We use encryption of data which means that all data transmitted between your device and our servers is unreadable to outsiders. To access your account, you need your personal username and password and must go through our authentication process. We host all data on up-to-date Windows servers that are protected against unauthorized access by a firewall. Our servers are backed up every 24 h.

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100 % secure. While we strive to use commercially validated means to protect your Personal Data, we cannot guarantee its absolute security.

Links to other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children’s Privacy
Our Service does not address anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Your Rights as a User
You have the right to know what Personal Data we are processing about you. Whenever we are the data controller you can contact us and object at any time that information is used. You may also revoke your consent to the processing of your information. If the information processed about you is incorrect, you have the right to have it corrected or deleted. Inquiries can be made to: privacy@bodydox.com.

Changes to this Privacy Policy
We may update our privacy policy, and if you have signed up for a free trial or subscribed to our IT tool we will notify you of any changes. We will let you know via email, prior to the change becoming effective and update the “effective date” at the top of this privacy policy.

You are advised to review this privacy policy periodically for any changes. Changes to this privacy policy are effective when they are posted on this page.

Contact Us
If you have any questions about this privacy policy, please send us an email at privacy@bodydox.com. We will get back to you asap and within 24 hours. If you contact us by email you should not include personal data or sensitive data as the email is not encrypted.