INTRODUCTION
Cavea Technologies ApS (“Adlab”, “Capturelab”, ”Company”, “We”, “Our”, or “Us”) respects your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website https://adlab.gg (our “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This privacy policy defines the manner in which Cavea Technologies ApS uses personal data of the users visiting our websites, interacting with us and using our services. It also informs the users what rights they have and how they are protected by the law.
It is important for every user to read this privacy policy in order to be able to use the websites and services of Cavea Technologies ApS in an informed manner (including the knowledge on how data are used and why they are used).
If you have any questions or you would like to exercise your right to privacy, you should follow the instructions contained in this privacy policy. The Cavea Technologies ApS team is available to help you.
DATA CONTROLLER
Your personal data are controlled by Cavea Technologies ApS with its registered office in Odense, Kochsgade 31D, Denmark, VAT Number: 7010954779. You can contact Cavea Technologies ApS in the following manner: [email protected]
STATEMENT ON THE COPPA
The website and the services of Cavea Technologies ApS contain information which is not addressed to children (persons below the age of 13). This website as well as services and websites related thereto (including services and websites of partners of Cavea Technologies ApS) are not intended for children, and Cavea Technologies ApS does not knowingly collect data about children.
DATA BEING COLLECTED
Cavea Technologies ApS collects various information about its customers and guests when it is provided to Cavea Technologies ApS or when the users use services of Cavea Technologies ApS or when Cavea Technologies ApS collects such information from another source. Collected data can be assigned to the following categories:
Identification data
First name and surname, platform, user name on that platform and profession (source of generated traffic). In the case of contact through social media - also the user name in these media.
Contact data
First name and surname, user name, email address. In the case of contact through social media - also the name in the relevant media. If you subscribe to the newsletter or agree on receiving promotional information, Contact data refers only to the data provided via the subscription form (obligatory data: name and email address).
Data related to image
Image of a person who has concluded a contract with Cavea Technologies ApS (lease of advertising space).
Financial data
Bank account number.
Technical data
Internet protocol address (IP), browser type and version, settings and location of the time zone, types and versions of browser plug-ins, operating system and platform, other technologies applied in devices employed by the user in order to access this website.
User data
Information about the manner of use of the website or services (tracking of behavior).
Tracking data
Information that is collected about the user by Cavea Technologies ApS or other entities using cookies and similar tracking technologies, such as web beacons, pixels and mobile device identifiers.
Recruitment data
First name and surname, date of birth, contact data (phone number, email address, residence), education, professional qualifications, history of previous employment.
Cavea Technologies ApS collects, shares and uses Aggregated data (statistical or demographic data), which, nonetheless, do not constitute personal data. If these data are merged by Cavea Technologies ApS with data allowing for the user identification, aggregated data are treated by Cavea Technologies ApS as personal data.
Cavea Technologies ApS does not collect sensitive data (data of special category), including data revealing one's racial or ethnic origin, religious beliefs, data concerning sexual life and orientation, political views, information about health and diseases as well as biometric and genetic data.
If the user decides not to share some data with Cavea Technologies ApS, it may result in the inability to perform serviced provided by Cavea Technologies ApS. In the event when the consent is required by the law, it is always voluntary. However, when processing data, Cavea Technologies ApS does not rely only on the user's consent, but also on other bases for data processing.
MANNER OF DATA COLLECTION
Cavea Technologies ApS uses various methods of personal data collection, that is:
Direct interactions
The user provides data directly to Cavea Technologies ApS. The provision is performed upon registration (conclusion of a contract), contact by mail or by phone and contact through social media, or upon performance of the contract (lease of advertising space). In this manner, we collect Identification data, Contact data, Data related to image, Financial data and Recruitment data.
Automated activities
Data are collected automatically during interactions with Cavea Technologies ApS (also through the website) by cookies and analytic tools. In this manner, we collect Technical data, User data and Tracking data. We may also collect Aggregated data. In automated activities, we only use Google Analytics and Clarity.
From third parties
Data are provided by entities which are external in relation to Cavea Technologies ApS (including entities providing tracking services, statistical services, etc. as well as entities providing solutions related to logging-in, e.g. Google Sign-In), if these entities have a legal basis for such provision. This basis usually consists in the user's consent. In this manner, we collect Technical data, User data and Tracking data. We may also obtain Financial data (payments operators) and, upon authentication, Identification data and Contact data (social portals, streaming portals). Necessary personal data may be obtained by Cavea Technologies ApS also through API placed in portals of business partners of Cavea Technologies ApS and entities providing services for Cavea Technologies ApS.
Cavea Technologies ApS's websites uses YouTube API Services. Users using websites and solutions provided by YouTube API Services are bound by and are obligated to comply with the YouTube's Terms of Service (available at https://www.youtube.com/t/terms), and their data are processed in accordance with Google's Privacy Policy (available at https://www.google.com/policies/privacy). Users, in addition to the rights provided for in this policy (section 13), can revoke Cavea Technologies ApS's access to use the data via Google's security settings page (available atsecurity.google.com/settings/security/permissions).
Adlab's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.MANNER OF USE OF DATA
The manner of use of data by Cavea Technologies ApS is contingent upon the purpose for which these data have been provided or obtained:
If we perform a contract which has already been concluded or if we want to conclude a contract.
For example, if the user logs in to lease advertising space.
If it is justified by the interests of Cavea Technologies ApS or by the interests of third parties, and the interests of the user do not override them.
For example, if we have a reasonable suspicion of fraud; if Cavea Technologies ApS wants to inform the user about new services.
If Cavea Technologies ApS must perform a legal obligation imposed on it.
For example, for the purpose of tax settlement.
However, as a rule, Cavea Technologies ApS uses data for the purpose of:
a. performance of services provided by electronic means, and in the case of users with whom a contract has been concluded - also for the purpose of performance of that contract; b. performance of other services; c. handling of inquiries, requests and orders; d. marketing activities (marketing of own products); e. analysis and improvement of the functioning of websites and services provided by Cavea Technologies ApS; f. development, repair or tests of various functionalities; g. recruitment process;
When completing Campaigns, the Adlab will share your personal data with Gigapay Sweden AB (“Gigapay”). Gigapay is a third-party provider that facilitates onboarding and payment of compensation to the Creator. The processing is necessary and will be used by Gigapay to contact the Creator, proceed with the onboarding of the Creator and enable the payment of remuneration for the Influencer Campaigns. The personal data will not be used for targeted marketing purposes unless Gigapay has obtained the Creator’s consent. More information on how Gigapay is processing personal data can be found here"
LEGAL BASIS FOR DATA COLLECTION. RETENTION
Performance of a contract or action prior to its conclusion Article 6(1)(b) of the GDPR. Data are retained for a period that is necessary for the contract to be performed, terminated or otherwise dissolved. (Identification data, Contact data, Data related to image and Financial data)
Direct marketing (general; excluding newsletter): Article 6(1)(f) of the GDPR. Data are stored for the period of existence of a legitimate interest pursued by Cavea Technologies ApS . Contact data
Newsletter Article 6(1)(a) of the GDPR. Data is stored till the consent is withdrawn. (Contact data)
Keeping accounts: Article 6(1)(c) of the GDPR in conjunction with Article 74 paragraph 2 of the Accounting Act. Data are stored for a period required by the legal provisions obliging Cavea Technologies ApS to maintain accounts (five years calculated from the beginning of the year following the financial year concerned by the data). Identification data, (Contact data and Financial data, NIP [Tax No.])
Responding to an inquiry: Article 6(1)(f) of the GDPR. Data are stored for the period of existence of a legitimate interest pursued by Cavea Technologies ApS, however, no longer than for a period necessary to respond to inquiries sent. (Identification data, Contact data)
Determining, pursuing or defending against claims Article 6(1)(f) of the GDPR. Data are stored for the period of existence of a legitimate interest pursued by Cavea Technologies ApS, however, no longer than for the period of limitation of claims in relation to the data subject. The limitation period is defined by the law, in particular, by the provisions of the Civil Code (the basic limitation period for claims related to conducting business activity is three years, and in the case of a sales contract - two years). (Identification data, Contact data and Financial data, NIP [Tax No.])
Ensuring security, data protection and protection against fraud Article 6(1)(f) of the GDPR. Data are stored for the period of existence of a legitimate interest pursued by Cavea Technologies ApS, however, no longer than for the period of limitation of claims in relation to the data subject. The limitation period is defined by the law, in particular, by the provisions of the Civil Code (the basic limitation period for claims related to conducting business activity is three years, and in the case of a sales contract - two years). (Identification data, Contact data, Data related to image and Financial data)
Recruitment process Article 6(1)(b) of the GDPR and art. The Danish Labour Act. Data is stored for a period that is necessary for the recruitment process for a specific job. If a check-box with a consent was selected the legal basis for processing is article 6(1)(a) of the GDPR. In this case data are stored till the consent is withdrawn. Recruitment data
THE RIGHTS OF DATA SUBJECTS
The data subject (the user) has the following rights:
The right of access, rectification, limitation, erasure or portability
The data subject has the right to request the following from Cavea Technologies ApS: access to their personal data, their rectification, erasure (“the right to be forgotten”) or limitation of their processing, the right to object to their processing and the right to data portability. The detailed conditions of exercising the aforementioned rights are indicated in Article 15-21 of the GDPR.
The right to withdraw the consent at any time
The person whose data are processed by Cavea Technologies ApS based on the consent given (pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR) has the right to withdraw the consent at any time without affecting the legitimacy of the processing performed based on the consent prior to its withdrawal. If you did not find a dedicated tool to withdraw the consent please email us on [email protected].
The right to lodge a complaint with the supervisory body
The person whose data are processed by Cavea Technologies ApS has the right to lodge a complaint with the supervisory body in the manner and mode defined in the provisions of the GDPR and the Danish law, in particular, the Act on Personal Data Protection. The President of Personal Data Protection Office is the supervisory body in Denmark.
The right to object
At any time, the data subject has the right to object - for reasons related to their specific situation - to the processing pertaining to their personal data based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest), including profiling based on these provisions. In such an event, Cavea Technologies ApS will no longer be able to process such personal data, unless it proves the existence of important, legitimate grounds for the processing, overriding the interests, rights and freedoms of the data subject, or any grounds for determining, pursuing or defending claims.
The right to object to direct marketing
If personal data are processed for the purpose of direct marketing, the data subject has the right to object, at any time, to the processing pertaining to their personal data for the purposes of such marketing, within the scope in which the processing is related to such direct marketing.
The exercise of rights of the data subject is performed by contacting Cavea Technologies ApS using the contact details indicated in the introduction to the policy.
PROFILING
Cavea Technologies ApS does not perform profiling.
DATA PROVISION
As a rule, data collected by Cavea Technologies ApS are not shared with third parties. However, Cavea Technologies ApS may:
a. share data of persons who have concluded a contract with Cavea Technologies ApS (lease of advertising space) with advertisers at the stage of their deciding about cooperation with Cavea Technologies ApS, as well as information about the implemented campaigns;
b. share data of persons who have used the services of Cavea Technologies ApS with entities supporting Cavea Technologies ApS in the provision of services, such as payment processors or providers of analytic tools (e.g. Google Analytics, Google Workspace);
c. provide data to law enforcement authorities, supervisory bodies, entities performing public tasks or other entities, if the obligation to provide data results from the legal provisions.
The provision of data must always be performed based on the legal provision or the relevant contract (outsourcing of personal data processing).
Data may be shared outside the European Economic Area, whereby Cavea Technologies ApS ensures that adequate security measures are provided. In particular, Cavea Technologies ApS concludes the relevant contracts (standard contractual clauses) in order to secure personal data being transmitted, and provides data to those countries for which the European Commission has issued a decision acknowledging the appropriate level of protection.
SOCIAL MEDIA
The liability for collecting and further processing of personal data of the user at social media portals shall be borne by the entity providing the portal. The owner of such portal shall collect information, including personal data, in relation to the user's visits to the portal (also visits without registration). Cavea Technologies ApS is only the operator of the website or account created as part of the social media portal, and the scope of data collected by Cavea Technologies ApS in this way is limited. In addition, in the case of some social media portals (for instance, Meta/Facebook), the scope of data to which Cavea Technologies ApS may gain access is determined by the settings of the account user.
Social media additionally provide Cavea Technologies ApS with Aggregated Data that are not personal data. All other data obtained by Cavea Technologies ApS come from direct interactions with Cavea Technologies ApS (e.g. replying to threads, posting queries) that we describe in point 5 of this Privacy Policy. Such data are processed in accordance with the relevant legal basis set forth in point 7 of this Privacy Policy.
The user is not obliged to provide Cavea Technologies ApS with personal data, but the entity providing a given portal may condition the operation of a specific portal function on the provision of such data (e.g. sending a private message always involves the provision of user data, that is account name). Within the above-mentioned scope the user has certain rights, as described in point 8 of this Privacy Policy.
At Cavea Technologies ApS websites you can find the so-called social media plugins that direct you to social media portals. Their basic function is to redirect you to the relevant resources of the social media portal (for instance, Cavea Technologies ApS fan page at Facebook/Meta). What is more, such plugins may provide information about visits to the Cavea Technologies ApS website directly to the entity providing a given social media portal. It only happens when the visitor to the Cavea Technologies ApS website is also logged in at the portal.
Last Modified: January, 2024