Privacy policy for organizations

For use of the Bricks Performance App **

1 INFORMATION ON THE PROCESSING OF PERSONAL DATA** Your data security is important to us, and we therefore attach great importance to your personal data being handled in a responsible manner. Below you can read how Bricks Performance App (hereinafter "the Organization", "we", "us" or "our") processes personal data about you when we act as data controller. You can also read about which rights you have in connection with our processing.

2 OUR ROLE AS DATA CONTROLLER

If you have questions about our processing of your personal data, you can contact the Organization here:

Bricks Performance App ApS

CVR: 41732474

Kastanievej 16, 2791 Dragør, Denmark

Contact Information:

Email: kontakt@bricksperformanceapp.dk

3 WHAT PERSONAL INFORMATION WE COLLECT AND THE PURPOSE

We process personal data about you when you have downloaded the Bricks Performance App (the "App"). Read more about our processing in connection with your use of the App in this privacy policy. You can always view the privacy policy in the App under [insert reference to where the privacy policy can be found].

In the App, we have the option of writing information about you. We also have the option of making this information available to you, but there may also be information about you that is only available to the Organisation. For information that is not available to you, the Organization is the data controller.

It can be ordinary personal data, such as e.g. your attendance, assessments, etc. Sensitive information about your health may also be processed, e.g. if you have an injury, health data as well as your sporting performances which will be written in the App either by yourself or by a third party (e.g. your coach).

Our basis for the processing of general information about you is the maintenance of our legitimate interests in making assessments of your performance, cf. the data protection regulation article 6(1)(f). Processing of sensitive information about you takes place on the basis of your consent to this, cf. data protection regulation article 9(2)(a) and article 6(1)(a). Consent for this will be obtained in the App beforehand.

We store information about you as long as you are registered as a user and we have your consent for us to process the information. When you are no longer registered as a user, we delete or anonymize the information after you log out. If you withdraw your consent, we delete or anonymize the information.

For the information about you that the Organization has made available to you and that you have control over, Bricks Performance App is the data controller. Read more about this in Bricks Performance App's privacy policy here [insert reference to Bricks' privacy policy]. 3.1 Parents who have given consent on behalf of the child If you, as a parent or guardian, have given consent for the Organization to process sensitive personal data about your child in the App, we will process information about your name.

The purpose of us storing the information is so that we can document that a valid consent has been given on your child's behalf. Our legal basis for the processing is our legitimate interests in being able to document a lawful consent, cf. the data protection regulation article 6(1)(f).

We store the information about you as long as the child is registered as a user. We will then delete or anonymize the personal data.

4 WHERE WE GET PERSONAL INFORMATION FROM

We collect your information from the trainer, teacher, dietitian etc. who provide the information about you in the App.

5 SHARING OF YOUR PERSONAL INFORMATION WITH OTHERS

The organization may pass on your personal data to other suppliers and/or service providers in connection with the normal operation of our business.

The organization may also pass on your personal data to a public authority in situations where we are specifically obliged to pass on your personal data pursuant to legislation and notification obligations to which we are subject.

For example, it may be necessary to pass on personal data to the following recipients:

  • Bricks in connection with the information processed in the App

We try to limit the passing on of data in personally identifiable form and thus the passing on of information that can be attributed to you personally.

The organization also entrusts your personal data to data processors. Our data processors only process your personal data for our purposes and on our instructions.

6 STORAGE, DATA INTEGRITY AND SECURITY

When your personal data is no longer necessary, we will ensure that it is deleted in a safe manner.

It is our policy to protect personal data by taking adequate technical and organizational security measures.

We have implemented security measures to ensure ddata protection for all the personal data that we process. We regularly carry out internal follow-ups in relation to the adequacy and compliance of policies and measures.

7 YOUR RIGHTS

As registered, you have a number of rights according to the data protection regulation. If you want to exercise your rights, please contact us.

You can - unconditionally and at any time - withdraw any consent. This can be done by sending us an e-mail (see e-mail above). Withdrawal of your consent will have no negative impact. However, this may mean that we cannot fulfill specific requests from you in the future. Withdrawing your consent will not affect the lawfulness of the processing based on consent before it is withdrawn. Furthermore, it will not affect any processing carried out on another legal basis.

You can also - unconditionally and at any time - object to our processing when it is based on our legitimate interest.

Your rights also include the following:

  • Right to access: You have the right to access the personal data that we process about you.
  • Right to rectification: You have the right to have incorrect personal data about yourself corrected and incomplete personal data completed.
  • Right to erasure (the right to be forgotten): In special cases, you have the right to have personal data about you deleted before the time when we would normally delete your personal data.
  • Right to restriction of processing: In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may in future only process the personal data - apart from storage - with your consent, or for the purpose of establishing, asserting or defending legal claims, or to protect a person or important public interests.
  • Right to object: In certain cases, you have the right to object to our processing of your personal data, and always if the processing is for the purpose of direct marketing.
  • Right to data portability: In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another.
  • Right to lodge a complaint: You can lodge a complaint with the Norwegian Data Protection Authority at any time about our processing of personal data. See more at www.datatilsynet.dk, where you can also find further information about your rights as a registered person. 8 UPDATE OF OUR PRIVACY POLICY From time to time it will be necessary for us to update this privacy policy. We regularly review our privacy policy to ensure that it is up-to-date, fair and in accordance with applicable legislation and principles for the processing of personal data. We publish new versions on our website.

This policy has version no. 1 and is valid from 1 April 2023.