PRIVACY POLICY

In effect as of November 1st 2020.

Impact Business Modeling System™ (“IBMS”) is a a meticulous system, incl. a logic methodology and training program, tools and modules and a membership model for both startups, accelerators, incubators, investors and other organizations that like to get their sustainable impact operational, measurable and profitable.

Further more IBMS is a membership system and digital platform which registers, stores and uses digital data and information about the users, incl. personal data.

IBMS is owned by the company Nordic Impact Business, incorporated in Denmark (“NIB”).

NIB is responsible for processing the personal data you provide in connection with your use of IBMS.

NIB will not disclose your information to others without your explicit consent. When you are a registered member and user of IBMS and upload information in the system, NIB might request a variety of information from you, including your name, email address and address.

NIB uses this information to make the services available to you.

NIB also uses the information for administrative purposes and to improve the current version of IBMS and to develop future versions of IBMS.

Finally, NIB may use your data for statistical purposes.

NIB protects your data and privacy by taking all relevant measures in accordance with applicable legislation, especially the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Danish Data Protection Act.

This privacy notice sets out the basis for how we look after your personal data and the privacy rights you are granted by law.
 
Why do we register and use your personal data?

We register your data in order for you to get access to the curricula, training material, workshop modules, business cases and other information, in order for you to use IBMS.
 
When do we register and use your personal data?

We register your personal data when you provide it to NIB in IBMS and use the data to offer you the best services relating to have access to all digital information in IBMS. This means that we register and use personal data when
— you have made or you are considering making an agreement with us in order to make use of IBMS based on article 6(1)(b) of GDPR
— you have granted us consent to use your personal data for a specific purpose based on article 6(1)(a) of GDPR
— it is our legal duty to do so 6(1)(c)
— it is necessary to pursue a legitimate interest of NIB pursuant to article 6(1)(f) of GDPR. For example, this may be to prevent abuse and loss, to strengthen our IT-solution.

We will only do so if our interest clearly outweighs your interest in not having your personal data processed by us.
 
Which personal data do we register and use?

Depending on the services or products used, we register and use different kinds of personal data, including
— basic personal data, e.g. your name, contact information and national ID
— your business information
— information about your education, profession, work or other
— details about the services and products we provide to you, how you use them and your preferences towards them

We may also register other personal data if needed to provide you with specific products or services or we are required by law to do so.
 
Sensitive data

We do not register sensitive data about you unless you yourself have decided to provide such data to us in your business cases or other information material (slides, pitch decks etc.). Sensitive personal data we may register includes
— trade union membership information
— information about your health and your genetic background, e.g. inherited health qualities, and bio-metric data, e.g. facial image
— information about your religious or philosophical beliefs
 
How long do we register and use your personal data?

We keep your data only for as long as it is needed for the purpose for which your data were registered and used. If you have not accessed IBMS for a period of 5 years we may delete your data.
 
Third parties and your personal data

Personal data from third parties
— We sometimes use and register data from public available sources for compliance purposes.
Third parties that we share your personal data with
In some instances, we may share and disclose personal data with ActiveCampaign, Agorapulse, Amazon, Facebook, Freshdesk, Google Adwords, Google Analytics, Instagram, Linkedin, Lumen5, Mailchimp, Mandrill, MixPanel, Twitter, Unbounce, Zapier in order to send information to our users in a coordinated way.

We cooperate in a written agreement with the following partners:
— The One Initiative (Impact X ApS)
on a strategic level or/and on an operational level. Thus, they may in some instances receive personal data in this connection.
 
Profiling and automated decisions

Profiling
Profiling is a form of automated processing of your personal data. We use profiling e.g. to be able to offer you specific services and products that meet your preferences.

Automated decision-making
We do not use automated decision-making in IBMS.
 
Your rights

Insight into your personal data

You can obtain insight into the personal data we registered and use, where it comes from and what we use it for by contacting us, see below “Contact detail and how you complain”.

You can obtain information about for how long we store your data and about who receives data about you.

Your right of access may, however, be restricted by legislation, protection of other persons’ privacy and consideration for our business and practices. Our know-how, business secrets as well as internal assessments and material may also be exempt from the right of insight.

Correction or erasure of your personal data in IBMS

If the data is incorrect, incomplete or irrelevant, you are entitled to have the data corrected or erased. These rights are known as the “right to rectification”, “right to erasure” or “right to be forgotten” and Impact Matcher provides you with the means to rectify or delete your data.

Restriction of use

If you believe that the data we have registered about you is incorrect, or if you object to the use of the data, you may demand that we restrict the use of this data to storage. Use will only be restricted to storage until the correctness of the data can be established, or it can be checked whether our legitimate interests outweigh your interests.

If you are entitled to have the data we have registered about you erased, you may instead request us to restrict the use of these data to storage. If we need to use the data we have registered about you solely to assert a legal claim, you may also demand that other use of these data be restricted to storage. We may, however, be entitled to other use to assert a legal claim or if you have granted your consent to this.

Withdrawal of a consent

You can withdraw a consent you may have given at any given time. For withdrawal of consent please see contact information below. Please note that if you withdraw your consent, we may not be able to offer you specific services or products. If you withdraw consent, this will not affect the legitimacy of our processing of your personal data based on your previously given consent and up until the time of withdrawal. Withdrawal of your consent will only become effective from the time of withdrawal.

Data portability

You have a right to receive the copy of the data you have provided in an electronic machine-readable format.

Contact details and how can you complain

You are always welcome to contact us if you have questions about your privacy rights and how we register and use personal data at: info@impactbusinessmodeling.org.  

If you are dissatisfied with how we register and use your personal data, and your dialogue with us has not led to a satisfactory outcome, you canal so complain to us at: info@impactbusinessmodeling.org.  

You can also lodge a complaint with the Danish Data Protection Agency: Datatilsynet, Borgergade 28, 5., DK-1300 København K, e-mail: dt@datatilsynet.dk.

© Copyright 2020-2022 Nordic Impact Business, Denmark