Sani nudge Privacy Policy

Privacy Policy

The data we process through our services and website

sub processors

The Sani nudge solutions partners and the data that they process.

terms and conditions

This policy sets out the basis, under applicable data protection law on which Sani nudge will processes personal data.

Privacy Policy

This specifies security procedures and practices protecting the information collected by Sani nudge customers.We respect your privacy at Sani nudge ApS (the “Company or “Sani nudge”).We believe that you should know how information about you is used and shared, and we appreciate that you trust that we will do so carefully and sensibly. Sani nudge has implemented and maintains the following security procedures and practices, which protect the nature of the information Sani nudge collects from customers in order to protect customer personal information from unauthorized access, destruction, use, modification or disclosure. By visiting any site or application within the Saninudge.com domain, you are accepting the practices described in this privacy policy (the “Policy”).If you have any questions about this Policy, please feel free to contact us via our website, email: help@saninudge.com, or write to us at:

Sani nudge,

Attn: Privacy Policy

Erik husfeldtsvej 7

2630 Taastrup

Denmark

Certain areas of Saninudge.com (the “Site”), including but not limited to the Sani nudge website, web based application, and Sani nudge’ mobile application (each a “Service”) require registration for access. Registered users receive a Saninudge.comLogin (user ID and password) to access certain sections and features on Saninudge.com and related Services. In the future, Sani nudge may add other features and Services to be accessed through a Saninudge.com Login. Information obtained from registered users of these areas may be used in accordance with the Terms of Use for that service and this Policy. Please also see the Terms of Use for each particular service for the terms and conditions of use, limitations of liability, and disclaimers of warranty and general terms applicable to that Service.What information does the Site capture about registered participants?The Site uses an extended log file format which has the capability to capture: date and time of visit, referring address (location from which a visitor comes to Saninudge.com or related Service), type of Internet browser, and visitor’s IP address and DNS name. Each computer that connects to the Internet is assigned a unique number, an IP address, for identification purposes. The log file does not capture a visitor’s email address, or other personal or financial information.What identifiable information does the Site collect from me?The Site collects information in several ways. Personal information is gathered when you register for our various Services. During badge or login registration, Sani nudge asks for information such as your name, email address, and job description. In addition to registration we may ask you for business information at other times, including (but not limited to) when you edit information on your profile, change your profile or service options, or sign up for a Service; when you make a purchase using the Site; and when you report a problem with our services. If you contact the Company we may keep a record of that correspondence. The Company also occasionally asks users to complete surveys that we use for research purposes. Wherever the Site collects business information we make an effort to include a link to this Privacy Policy on that page.Data integrityWe review our data collection, storage and processing practices to ensure that we only collect, store and process the business information needed to provide or improve our Services. We take reasonable steps to ensure that the business information we process is accurate, complete and current, but we depend on you and our other users to update or correct their business information whenever necessary.How does the Company use the information?Please be aware that our Services involve collecting your compliance information and delivering it to our customers / your employer. We also use the information collected through the website to improve the website and our Services. This information is also used to send you email notifications about updates to the website, system updates, and system notifications. Proprietary and confidential information provided by you will not be shared with any third party. For additional information, see “With whom does the Company share my information?” below.What are cookies and how does Sani nudge use them?As part of offering and providing customizable and personalized services, the company uses cookies to store a session token to identify your login to our servers. A cookie is a small amount of encrypted data that is sent to your browser from a web server and stored on your computer’s hard drive. Logging on and using our application require that you accept cookies. No sensitive or personal information is stored in the cookies stored on your computer.__hs_opt_out
  • This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again.
  • This cookie is set when you give visitors the choice to opt out of cookies.
  • It contains the string “yes” or “no”.
  • It expires in 13 months.
__hs_do_not_track
  • This cookie can be set to prevent the tracking code from sending any information to HubSpot.
  • Setting this cookie is different from opting out of cookies, as it still allows anonymized information to be sent to HubSpot.
  • It contains the string “yes”.
  • It expires in 13 months.
__hs_initial_opt_in
  • This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode.
  • It contains the string “yes” or “no”.
  • It expires in seven days.
hs_ab_test
  • This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before.
  • It contains the id of the A/B test page and the id of the variation that was chosen for the visitor.
  • It expires at the end of the session.
_key
  • When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again.
  • The cookie name is unique for each password-protected page.
  • It contains an encrypted version of the password so future visits to the page will not require the password again.
  • It expires in 14 days.
hs-messages-is-open
  • This cookie is used to determine and save whether the chat widget is open for future visits.
  • It is set in your visitor’s browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity.
  • It contains a boolean value of True if present.
  • It expires in 30 minutes.
hs-messages-hide-welcome-message
  • This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed.
  • It contains a boolean value of True or False.
  • It expires in one day.
__hsmem
  • This cookie is set when visitors log in to a HubSpot-hosted site.
  • It contains encrypted data that identifies the membership user when they are currently logged in.
  • It expires in one year.
hs-membership-csrf
  • This cookie is used to ensure that content membership logins cannot be forged.
  • It contains a random string of letters and numbers used to verify that a membership login is authentic.
  • It expires at the end of the session.
hs_langswitcher_choice
  • This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages.
  • It gets set when an end user selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future, if they are available.
  • It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be “EN-US:hubspot.com”.
  • It expires in two years.
__cfduid
  • This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to your website and minimizes blocking legitimate users.
  • It may be placed on your visitors’ devices to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare’s security features.
  • Learn more about this cookie from Cloudflare.
  • It is a session cookie that lasts a maximum of 30 days.
__cfruidThis cookie is set by HubSpot’s CDN provider because of their rate limiting policies. Learn more about Cloudflare cookies. It expires at the end of the session.Consent banner cookies__hstc
  • The main cookie for tracking visitors.
  • It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
  • It expires in 13 months.
hubspotutk
  • This cookie keeps track of a visitor’s identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
  • It contains an opaque GUID to represent the current visitor.
  • It expires in 13 months.
__hssc
  • This cookie keeps track of sessions.
  • This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
  • It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
  • It expires in 30 minutes.
__hssrc
  • Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.
  • If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
  • It contains the value “1” when present.
  • It expires at the end of the session.
If you are logged in to HubSpot, HubSpot will set additional authentication cookies. Learn more about cookies set in the HubSpot product. You can also see whether a contact accepted these cookies in their timeline.Chatflow cookiemessagesUtk
  • This cookie is used to recognize visitors who chat with you via the chatflows tool. If the visitor leaves your site before they’re added as a contact, they will have this cookie associated with their browser.
  • If you chat with a visitor who later returns to your site in the same cookied browser, the chatflows tool will load their conversation history. The cookie is controlled by the Consent to collect chat cookies setting in your chatflow.
  • If this setting is disabled, the cookie is controlled by the Consent to process setting in your chatflow.
  • It contains an opaque GUID to represent the current chat user.
  • It expires in 13 months.
Chatflow cookie consent textWith the Consent to collect chat cookies setting enabled, HubSpot will prompt visitors for consent to drop a cookie in their browser when they open a chat on your website. This cookie is used to interact with website visitors and provide a visitor’s chat history. If a visitor does not give consent, they will not be able to start the chat. With this setting disabled, a visitor can start a chat and give consent to process their information via the Consent to process setting.Visitors can also accept or decline cookies on the HubSpot cookie banner if it is enabled on your pages.
  • If a visitor accepts the cookie when they start a chat, but then clicks Decline on the HubSpot cookie banner the cookie will be removed.
  • If a visitor clicks Decline on the HubSpot cookie banner before starting a chat, HubSpot will not drop a cookie or prompt them to consent to cookies in the chat widget.
Ads trackingIf you have the Facebook pixel code installed on your website, Facebook may set a cookie in your visitor’s browser.If you use the HubSpot ads tool to select and install your Facebook pixel on pages with the HubSpot tracking code, HubSpot will link the placing of that pixel code to the cookie notification banner. If you require opt-in consent via this banner, the Facebook pixel will not be able to set any cookies until the visitor has have opted in.If you have manually placed the pixel code on pages (e.g., by editing your site header HTML), HubSpot will not be able to control which visitors Facebook is able to set cookies on.For additional information, refer to Facebook’s business tools terms and Facebook’s cookie consent guide.Cookies from third-party systemsHubSpot cannot control cookies placed by third-party scripts on your website. When a visitor accepts cookies via the HubSpot consent banner, they consent to HubSpot’s cookies only. However, you can put code in place to know when a user has accepted or declined HubSpot cookie tracking, then send that information to your third-party system. Learn more about using HubSpot’s consent banner for third-party scripts.Other informationLearn about removing the cookies created by the HubSpot tracking code that are included in the consent banner under GDPR. When a visitor’s cookies are removed, the visitor will be considered “new” and will see the cookie policy banner the next time they visit your site.Visitors who visited your website before your cookie policy banner was set up will already have the cookies created by the HubSpot tracking code in their browser. They will, therefore, not see the cookie policy banner until their cookies are removed or expired.With whom does the Company share my information?The User’s right to privacy is of paramount importance to Sani nudge. Any personal information provided by the User will not be shared with any third party. Sani nudge reserves the right to use the information to provide the User value-added services and a more personalized online experience. Sani nudge may also disclose your Information in special cases when we have reason to believe that disclosing this Information is necessary to identify, contact, or bring legal action against someone who may be violating Sani nudge’s Terms of Use or may be causing injury to or interference with (either intentionally or unintentionally) Sani nudge’s rights or property, other users, or anyone else that could be harmed by such activities. We may disclose or access account information when we believe in good faith that the law requires it and for administrative and other purposes that we deem necessary to maintain, service, and improve our products and services.What is the Company’s policy on allowing me to update, correct, or delete my personal information?You may edit your profile at any time by contacting help@saninudge.comWhat security precautions are in place to protect the loss, misuse, or alteration of my information?Your Login is password protected. We recommend that you do not divulge your password to anyone. The Company will never ask you for your password in an unsolicited phone call or in an unsolicited email. Also remember to sign out of your account and close your browser window when you have finished your work. This is to ensure that others cannot access your information and correspondence if you share a computer with someone else or are using a computer in a public place like a library or Internet cafe. The Company and Site has users all over the world. When you give the Company your information, that information may be sent electronically to servers outside of the country where you originally entered the information, such as to the United States or other countries. In addition, that information may be used, stored, and processed outside of the country where you entered that information. Whenever the Company handles business information as described above, regardless of where this occurs, the Company takes steps to ensure that your information is treated securely and in accordance with the relevant Terms of Use and this Policy. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your information, the Company cannot ensure or warrant the security of any information you transmit to us or from our registration forms, and online products or services, and you do so at your own risk. Once we receive your transmission, we make our best effort to ensure its security on our systems. We will disclose any breach of security of the system to the party with whom Sani nudge has a contract following discovery or notification of the breach in the security of the data. In California, Sani nudge will notify any resident of California if the resident’s encrypted personal information (name, social security number, driver’s license, identification number, account number, medical information or health insurance information) was or is reasonably believed to have been, acquired by an unauthorized person. Any disclosures will be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement. Notification may be delayed if a law enforcement agency determines that the notification will impede a criminal investigation. The notification will be made after the law enforcement agency determines that it will not compromise the investigation. Notice will be provided by written notice.What about children’s privacy and children’s use of the Service?Saninudge.com is a business website. Persons under 18 years of age are not permitted to use Saninudge.com or the Services.What happens to my information after the Service is no longer used?We will take all reasonable steps to destroy or arrange for the destruction of a customer’s record within its custody or control containing personal information which is no longer to be retained by the business by (1) shredding, (2) erasing, or (3) otherwise modifying the personal information in those records to make it unreadable or undecipherable through any means. If the destruction of information may conflict with existing records retention or contractual inspection and audit obligations, we shall inactivate your profile rendering your information inaccessible to users of the Service; provided that the information will be retained solely for the purpose of complying with such obligations.Policy EnforcementThe Company regularly reviews its compliance with this Policy. Please feel free to direct any questions or concerns regarding this Policy or the Company’s treatment of business information by contacting us through this website, by email at help@saninudge.comWhen we receive formal written complaints at this address, it is the Company’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of business data that cannot be resolved between the Company and a user.Changes to this policyPlease note that this Policy may change from time to time to comply with applicable changes in state law, as necessary. The Company reserves the right, in its sole discretion and with reasonable notice posted on the Site and/or sent to your email address provided in the Service, to revise, update, or otherwise modify this Policy. Your continued use of the Service will constitute your acceptance of, and agreement to, such changes. Each version of this Policy will be identified at the top of the page by its effective date.

This website uses cookies. 

This is the Cookie Policy for Sani Nudge APS. Your consent to this policy applies to the following domains: saninudge.com.

What Are Cookies

This site uses cookies,  which are tiny files that are downloaded to your computer, in order to  improve your experience. This page describes what information that the cookies gather, how we at Sani nude use it and why we sometimes need to store these cookies. 

We use cookies, to personalise content and ads, to provide social media features and to analyze our traffic. We also share information about your usage of our site with our social media, advertising, and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. 

How We Use Cookies

We use cookies for a variety of reasons detailed below. Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.

This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.

To learn more about how we protect your privacy, visit Sani nudge Privacy Policy.

Strictly Necessary Cookies

Essential cookies that help make a website functional by enabling basic needs like page navigation and access to secure areas of the website. 

Name

Provider

Purpose

Expiry

Type

–cfduid

Help.saninudge.com

Used by Cloudflare, to identify clients within trusted web traffic on a specific IP address.

29 days

HTTP Cookie

–cfuid

Help.saninudge.com

Provided by Cloudflare – including load-balancing, delivery of website content and serving DNS connection for website operators.

Session

HTTP Cookie

CookieConsent

Cookiebot

Stores user’s cookie consent state for the current domain

1 year

HTTP Cookie

JSESSIONID

New Relic

Preserves users states across page requests.

Session

HTTP Cookie

Preferences (2)

Preference cookies enable a website to recall information that changes the way that the website behaves or how it looks, your preferred language, or the region that you are in.  

 

Name

Provider

Purpose

Expiry

Type

messagesUtk (x2)

Saninudge.com Hubspot Inc.

Stores a unique ID string for each chat-box session. This allows the website- support to see previous issues and reconnect with the previous supporter.

1 year

HTTP Cookie

 

Statistics (5)

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

 

Name

Provider

Purpose

Expiry

Type

_ga

Google

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

2 years

HTTP Cookie

_gat

Google

Used by Google Analytics to throttle request rate

1 day

HTTP Cookie

_gid

Google

Registers a unique ID that is used to generate a statistical data on how the visitor used the website.

Session

Pixel Tracker

collect

Google

Used to send data to Google Analytics about the visitor’s decive and behavior. Tracks the visitor across devices and marketing channels.

Session

Pixel Tracker

jserrors/1/f9d051f404

New Relic

Registers the website’s speed and performance. This function can be used in context with statistics and load-balancing.

Session

Pixel Tracker

 

 



Marketing (15)

Marketing cookies are third party cookies used for advertising purposes and tracking.

Name

Provider

Purpose

Expiry

Type

_ _ hmpl

Hubspot

Collects information on user preferences and/or interaction with web-campaign-platform used by website owners for promoting events or products.

Persistent

HTML Local Storage

_ _ptq.gif

Hubspot

Sends data to the marketing platform Hubspot about visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.

Session

Pixel Tracker

Embed/v3/counters.gif

Hubspot

Collects information on user preferences and/or interaction with web-campaign-content. This is used on CRM-campaign-platform used by website owners for promoting events or products.

Session

Pixel Tracker

GPS

YouTube

Registers a unique ID on mobile devices to enable tracking based on geographic GPS location.

1 day

HTTP Cookie

HUBLYTICS_EVENTS_53

Hubspot

Collects data on visitor behavior from multiple websites, in order to present more relevant advertisement – This also allows the website to limit the number of times that they are shown the same advertisement.

Persistent

HTML Local Storage

IDE

Google

Used by Google DoubleClick to register and report the website user’s action after viewing or clicking one of the advertiser’s adds with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

1 year

HTTP Cookie

Test_cookie

Google

Used to check if the user’s browsers support cookies.

1 day

HTTP Cookie

VISITOR_INFO1_LIVE

YouTube

Trys to estimate the users’ bandwidth on pages with integrated YouTube videos.

179 days

HTTP Cookie

YSC

YouTube

Registers a unique ID to keep statistics of what videos from YouTube the user has seen.

Session

HTTP Cookie

yt-remote-cast-installed

YouTube

Stores the users’ video player preferences using embedded YouTube videos.

Session

HTML Local Storage

yt-remote-connected-devices

YouTube

Stores the users’ video player preferences using embedded YouTube video.

Persistent

HTML Local Storage

yt-remote-device.id

YouTube

Stores the users’ video player preferences using embedded YouTube video.

Persistent

HTML Local Storage

yt-remote.fast-check-period

YouTube

Stores the users’ video player preferences using embedded YouTube video.

Session

HTML Local Storage

yt-remote-session-app

YouTube

Stores the users’ video player preferences using embedded YouTube video.

Session

HTML Local Storage

yt-remote-session-name

YouTube

Stores the users’ video player preferences using embedded YouTube video.

Session

HTML Local Storage

Unclassified (1)

Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

Name

Provider

Purpose

Expiry

Type

events/1/#

New Relic

Unclassified

Session

Pixel Tracker

Sub Processors



Solutions Partners

Data they process

Where

Grinn

Grinn develops electric printed circuit boards (PCB) and the firmware of these. They are currently working on/maintaining the Sani ID (firmware) and Sani sensor (hardware & firmware).

Poland

Vimanet

Vimanet is the Sani nudge software developer planning projects through Visual Studio Team Services. 

Poland

Sani virtual machine

Found on Microsoft Azure which is used for tests and prototypes

 

Nordic Semiconductor

The Sani nudge system utilizes Bluetooth beacon as the main source of identification from centered around a nRF bluetooth chip from Nordic Semiconductors.

Norway

 

In addition to the above, the Customer authorises Sani nudge to disclose Personal Data to any Sani nudge Affiliates where this is necessary for the provision of the Services, including Sani nudge Affiliates based outside the EEA. Sani nudge shall not disclose Personal Data to Sani nudge Affiliates unless such Sani nudge Affiliates are bound by equivalent contractual terms as those set out in the Data Processing Agreement and (in the case of Sani nudge Affiliates based outside the EEA) Sani nudge has put in place appropriate safeguards to protect such Personal Data. 



Sub-processor

Data they process

Where

Where the data is stored

Microsoft Azure

Stores all Sani nudge pseudonymization  sensitive data recommended by the General Data Protection Regulation (GDPR) and hosts the functions for processing both raw data and Aggregated Hand Hygiene Level Data.

Ireland

Cloud Based Data Center

Evernet

Process raw data from the Sani nudge Gateway.

Italy, England, The Netherland

Germany

TDC IoT

Transmit data to Evernet from the Sani nudge Gateway. 

Denmark

Denmark

G-Suite Admin

Stores Sani nudge relationship data.

The Netherlands

The Netherland

Vimanet

Stores customer data but not proprietary information.

Poland

Poland





Terms and Conditions

Sani nudge ApS of Erik husfeldtsvej 7 2630 Taastrup Denmark and its group companies as detailed further below (collectively, “Sani nudge” / “we” / “our” / “us”) are committed to protecting and respecting your privacy.

This policy sets out the basis, under applicable data protection law (including the General Data Protection Regulation (EU 2016/679), on which we will process any personal data we collect from you, or that you or your employer provides to us through your use of the Sani nudge online software platform and the accompanying software App (together the “Platform”). 

OUR PROCESSING OF PERSONAL DATA

In the normal course of our business we collect and process data in respect to:

  • People performing hand hygiene while wearing a Sani ID. These individuals are typically nurses, doctors, chiropractors or consultants who have been granted access to our Platform by their employer (where their employer is an existing client) and who are invited to engage with the Sani nudge system (“Survey Recipients”);
  • administrative users of Sani nudge applications both though smart phone applications and browsers who are acting on behalf of their relevant employer (where their employer is an existing client) (“Client Users”); and
  • trial users or potential new users of the Platform, including those who we have identified as possible future clients and to whom we are marketing or promoting the Platform and our services (“Marketing Contacts”).

When we refer to “personal data” in this policy, we mean that any information relating to you, from, or in relation to which you may be identified (directly or indirectly).  This might include, for instance, contact details, your biographical details, online identifiers, and factors specific to your physical, mental, economic, cultural or social identity.  Your personal data may also include any comments or opinions made by you or about you.

Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting a saninudge.com domain including but not limited to saninudge.com, Sani analytics, Sani help, Sani academy, or using the Sani nudge smart phone application or platform, you are accepting and consenting to the activities and data usage as described in this policy.

When referred to the “Platform” it means any part of the Sani nudge system including: 

  • The sensors of the system including the wall or dispenser mounted, the wearable sensor or other sensors connected to the system.
  • The Sani nudge applications which are located on a saninudge.com domain or provided as smartphone or tablet applications

 

OUR STATUS AND RESPONSIBILITIES

In the case of Survey Recipients and Client Users, Sani nudge ApS and/or one its subsidiary companies has entered into an agreement with your employer to grant you access to the Platform and / or to engagement surveys completed on or via the Platform (the “Employer Agreement”), and your employer is the data controller of your personal data. We will process your personal data on behalf of your employer and in accordance with its lawful instructions. The information you provide to us and/or upload to the Platform (whether or not it constitutes personal data) will also be governed by the Employer Agreement.

In the case of Marketing Contacts, we are the data controller in respect of your personal data.

We are also the data controller in respect of contact information for each client contact which we hold for account and contract management purposes, including for contract queries and billing purposes.

References in this policy to “your employer” shall refer to the entity who has entered into the Employer Agreement with us, whether or not as a matter of law you are an employee, consultant or contractor of that entity, and such references are not intended to characterize or prejudice your status vis-à-vis that entity.

INFORMATION WE COLLECT ABOUT YOU  

For Survey Recipients and Client Users: we will collect and process the following data about you as follows.

  • Information you give us. You may give us information about you:
    • when using the Platform’s functions, including filling in forms or completing surveys on or via the Platform. The extent of the information collected in engagement surveys is set by your employer. This information may include your name, company email address, company telephone number, job title, level of seniority, department, primary work location, as well as your compliance data or otherwise using the Platform;
    • if you contact or correspond with us (for example, using any support function made available by us) and we may keep a record of that correspondence (either directly or through our service providers), and
    • when you are wearing a Sani ID in a ward with Sani nudge sensors installed.

Information your employer gives us. Your employer may give us information about you:

    • when creating a user profile for you in order to enable you to access the Platform under the Employer Agreement (whether on a trial or full basis) or to enable us to add you to the platform and similar communications to you. This information may include your name, company email address, company telephone number, job title, level of seniority, department and primary work location;
    • otherwise in the course of your employer’s use of the Platform.
  • Information we receive from other sources. We work closely with third parties (including for example, business partners, other companies within our group, subcontractors and analytics providers) and may receive information about you from them.  Details of third-party providers are set out in the section below entitled “Disclosure of Your Information”.

DATA COLLECTED ABOUT YOU WHILE YOU ARE WEARING THE SANI ID IS ANONYMIZED. THIS IS DONE TO PROTECT YOUR PRIVACY AND IS ENSURED BY NEVER SHARING YOUR NAME, COMPANY EMAIL ADDRESS OR COMPANY TELEPHONE NUMBER IN RELATION TO THE SANI ID WITH ANYONE.

In the case your employer has purchased the service of “Individual Motivation” you are granted the access to view your own hand hygiene compliance data. This is done by connecting your personal information with the data collected by the system. 

Data we collect about your hand hygiene compliance consist of the following but is not related to your personal information until you activate the “Individual Motivation” service. Until then the data is only related to the Sani ID you are wearing while you are in a work area with the Sani nudge system installed. 

A Sani ID in tandem with existing Sani sensors and the implementation of a localized Sani Gateway, is capable of tracking raw user data including accelerometer data, which is used for putting the device to sleep, when it is not in use. Bluetooth data is also collected and tracked, which is activated when a Sani sensor scans a beacon in order to correlate the interaction with the unique ID from the beacon transmitted to the database. Movement data indicates if someone wearing an ID has been active or inactive after 20 seconds.

For Marketing Contacts, we will collect and process personal data which you provide us when you complete an enquiry via a website or register for a trial or otherwise contact us to request information about our products and services.  We will typically obtain contact information such as your name, employer, work email address and work telephone number.  We may also receive further personal data about you which is publicly available, such as your seniority, years of experience and employment history and similar work-related background, from third party service providers who provide contact enrichment and lead generation services to us.  We shall also store and process data relating to your communications with us and your responses to our marketing emails and attendance at our events.

HOW WE USE YOUR PERSONAL DATA AND OUR LEGAL BASIS FOR DOING SO

Please note that we are permitted to collect, use, disclose and/or otherwise process any information other than personal data, including data sets you upload to the Platform or otherwise provide to us, to the fullest extent permitted by the Employer Agreement.

Where we have collected, received or generated personal data from or about you, we may use this for the purposes, and on the legal bases, as set out below.

For Survey Recipients and Client Users

  • Information you give to us. We will use this information to:
    • if you are a Client User, process your application to become a registered user of the Platform and verify your eligibility to use the Platform;
    • carry out our obligations arising from the Employer Agreement. This includes providing your employer with reports on hand hygiene compliance in an anonymized aggregated format. The data will always be aggregated with data from no less than five people and data collected during an entire day. 
    • provide you with information, products and services you request from us. We will not contact you for promotional or marketing purposes, such as to inform you of new products or services that we offer, unless you specifically consent to this at the time you provide your details to us or you expressly request (or provide explicit consent for) us to do so at a later date;
    • contact you for your feedback on our services and to help us evaluate and improve our services, for example by acting on any information you have provided to us;
    • notify you about changes to the Platform and any other services of ours that you use, including informing you about new versions of the Platform and about new features, functionality and service offerings; o
    • deal with any enquiries, correspondence, concerns or complaints you have raised, or that have been raised by or concerning third parties (such as your employer) involving you and any issues caused by your use of the Platform.
  • Information we collect about you. We will use this information:
    • to administer and improve the Platform and other services, including ensuring that content is presented in the most effective manner for you and for your computer;
    • to report to your employer relating to the use of the Platform, as may be required under the Employer Agreement;
    • for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
    • to allow you to participate in interactive features of the Platform, when you choose to do so;
    • as part of our efforts to keep the Platform safe and secure; or
    • to compile reports (which do not personally identify you) of usage of the Platform.
    • To provide you with information about your use of the system
  • Information we receive from other sources. We may combine information from other sources with the information you give to us in an aggregated manner or we collect about you and use this information as specified above.

In relation to the above uses, we shall process your personal data on the legal basis that it is necessary for the purposes of our legitimate interests or of your employer’s legitimate interests, including: to enable us to perform our contractual obligations under the Employer Agreement, to improve or optimize our services, to maintain the security of our computer systems, to understand how the Platform is use and to improve the user experience of the Platform, to protect and defend our legal rights, for troubleshooting, and for data analysis, testing and research purposes.  Please note:

  • We will not reveal your identity to your employer other than in exceptional circumstances, as explained further below in the section entitled “Disclosure of Your Information”.
  • Data collected from you and other employees or personnel may be used by us in an aggregated and anonymized form for statistical and benchmarking purposes including enabling comparisons to other organizations within the same industry.

For Marketing Contacts, we will collect and use data to contact you about our news, updates, events, developments, products and services from time to time and for the purposes of entering into discussions with you in connection with your purchase of licenses from us to use or have access to the Platform.  This data is processed by us on the basis that it is necessary for the purposes of our legitimate interests, namely undertaking targeted marketing and business development activities in connection with our business.

DISCLOSURE OF YOUR INFORMATION

We may share your personal data with other companies in our group, where necessary or desirable to do so in the course of the provision of services to you or your employer or in the course of undertaking marketing activities.

We may also share your personal data with selected third parties in accordance with this policy, including:

  • service providers, for example of IT services, business partners, suppliers and/or sub-contractors, for the performance of any contract that we enter into with your employer (such as the Employer Agreement) or in the course of undertaking marketing activities, including the following:
    • Microsoft Azure and Everynet; who provide cloud hosted infrastructure and services used by us to operate the Platform as a hosted solution;
    • Google LLC, , Nexmo, Inc and Gainsight, Inc, and Skilljar, Inc; who provide product tools and functionality used by us in delivery of the Platform and associated services; and
    • HubSpot, New Relic, Cookiebot, Youtube, Help.Saninudge.com, and Marketo, who provide marketing and CRM management and optimize delivery and targeting services.
  • analytics and search engine providers that assist us in the improvement and optimization of our marketing activities and the analysis of data supplied via the Platform for contact enrichment and lead generation purposes, including Google Analytics, LinkedIn and Facebook; and
  • government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information).

We require all our third-party service providers and all other companies within our group to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

We may also disclose your personal data to other third parties in the following circumstances:

  • if we sell or buy any business assets or receive investment into our business, we may disclose your personal data to the prospective or actual buyer, seller or investee of such business or assets;
  • if Sani nudge ApS or substantially all of its assets are acquired by a third party, in which case personal data held by us, including your data and data about our customers, suppliers and correspondents will be one of the transferred assets;
  • we may disclose your personal data to our legal advisers if they need to have access to this information in order to advise us on our legal rights and obligations; and
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use or other contracts between us and you or your employer; or to protect the rights, property or safety of us, our customers or others.

If you are wearing a Sani ID, please note that:

  • data collected while you are wearing a Sani ID “Wearable” are collated and conveyed to your employer in an aggregated or otherwise anonymized form.  As such, your anonymity as a Survey Recipient is protected by default. Please also note that we merely report compliance and location data and do not undertake any investigation or assessment into their veracity or legality; 
  • from time to time we may receive a request from your employer to disclose your identity or we may consider it appropriate to disclosure your identity in the absence of such a request.  We will consider this in accordance with our internal policy on revealing anonymity.  Your identity will in general only be disclosed to your employer where it is necessary to do so for reasons of substantial public interest.  This is only likely to occur in exceptional circumstances.  For example, we may consider (based on your or others’ comments) that you or another person identified is experiencing or at risk of physical, mental or emotional harm (including self-harm) and requires support, and that there is a need to protect the well-being of you or another person, and furthermore that we cannot reasonably obtain your consent (for instance if you are away from your workplace and therefore not contactable for a period of time) or where seeking your consent would prejudice the purpose of the disclosure.  By way of further example, we may consider (based on your or others’ comments) that disclosure of your identity to your employer is necessary to prevent or detect an unlawful act (such as fraud or other criminal act), and that we cannot request your consent since this would prejudice the purpose of the disclosure.

Except as explained above, we will not disclose your personal data to any third parties for any other purpose unless we have a legal right or obligation to do so.

INTERNATIONAL DATA TRANSFERS

A number of our service providers are based outside the European Economic Area (“EEA”), predominantly in the United States.  We may transfer your personal data to those services providers in the United States or other countries outside the EEA in order to provide our services via the Platform or (in respect of Marketing Contacts) in order to undertake marketing activities. Data collected about your location or hand hygiene compliance is not managed by services outside EEA. 

We have put in place appropriate measures to ensure that your personal data are treated by those third parties in a way that is consistent with and which respects the EU laws on data protection, including verifying that the recipient is certified under the EU-US Privacy Shield, or in putting in place written contractual agreements to meet EU-approved data protection obligations.  If you require further information about these protective measures, please contact us at help@saninudge.com.

SECURITY OF INFORMATION

You will not ordinarily require a username or password to gain access to or complete a survey or otherwise provide us with information via the Platform. Where we have given you a username, password and/or security information which enables you to access particular features of the Platform (for example, as an administrator or senior manager of your employer), you are responsible for keeping these access credentials confidential. You must not share these details with anyone or store them in a way that may allow a third party to access them. Please see the Terms of Use for more details on not sharing your access credential with third parties and how doing so may affect your ability to use the Platform:  https://saninudge.com/term-of-use/

We maintain appropriate technical and organizational measures to ensure that an appropriate level of security in respect of all personal data we process. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Platform and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features which are appropriate to the type of personal data you have provided to try to prevent unauthorized access or inadvertent disclosure, which may include two factor authentication and end-to-end encryption.

YOUR CONSENT

Where consent is required for our use of your personal data, by ticking the appropriate consent box or otherwise communicating your consent to us (whether by phone, email or other means), you consent to our use of that personal data as set out in this policy. If you disclose someone else’s personal data to us, you confirm that you have their consent to disclose this to us and for us to use and disclose it in accordance with this policy.

RETAINING YOUR INFORMATION

We will not store your personal data for longer than is reasonably necessary to use it in accordance with this policy or with our legal rights and obligations. For the avoidance of doubt, aggregated and anonymized data and any information other than personal data can be stored indefinitely.

Specifically:

  • For Survey Recipients and Client Users: we will retain your personal data for a period of 5 years or until six months after our relationship with your employer has ended (whichever is sooner). After this period, your personal data will be anonymized or deleted.
  • For Marketing Contacts: we will retain your personal data for a period for so long as necessary to continue to provide you with updates or other marketing emails or other communications in circumstances in which you have consented (where necessary) or else not unsubscribed to receiving such communications and in which we have a continued legitimate interest in undertaking that marketing.

YOUR RIGHTS  

You have the following rights in regard to your personal information:

  • Access. You have the right to access information about the personal data we hold about you. We reserve the right to charge a reasonable fee in response to unreasonable or repetitive requests, or requests for further copies of the same information.
  • Right to object to processing.  You have the right to object to processing of your personal data where that processing is being undertaken by us on the basis of our (or a third party’s) legitimate interest.  In such a case we are required to cease processing your data unless we can demonstrate compelling grounds which override your objection.  You also have the right to object at any time to the processing by us of your personal data for direct marketing purposes.
  • Rectification. You have the right to request that we rectify any inaccurate personal data that we hold about you.
  • Erasure. You have the right to request that we erase any personal data that we hold about you, based on one of a number of grounds, including the withdrawal of your consent (where our processing of that data is undertaken on the basis of your consent), or if your object to our continued processing (as mentioned above).  This right does not extend to information which is not personal data. Please also note that it is likely to be necessary for us to retain your personal data for the purposes of assessing and verifying data that is submitted and/or held on the Platform, and your rights under applicable law to request erasure may be limited accordingly. We also reserve the right to retain your personal data in an anonymized form for statistical and benchmarking purposes.
  • Request to restriction of processing. This enables you to ask us to restrict the processing of your personal data in certain circumstances, for example if you want us to establish its accuracy or the reason for processing it.
  • Portability. You have the right to obtain copies of your personal data to enable you to reuse your personal data across different services and with different companies. You may also request that your personal data is transmitted directly to another organization where this is technically feasible using our data processing systems.
  • Change of preferences. You can change your data processing preferences at any time. For example, if you have given your consent to direct marketing, but have changed your mind, you have the ability to opt out of receiving marketing communications by emailing us at help@saninudge.com or clicking the relevant link in any communication you receive.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Please note that if you exercise any of the above rights to require us to restrict or cease processing or to delete personal data, and this type of processing is required in order to facilitate your use of the Platform, you will no longer be able to use the Platform following the date on which we action your request.  This does not include your right to object to direct marketing which can be exercised at any time without restriction. Please allow at least 5 working days for your request to be actioned.

Save as set out above, your rights detailed above can be exercised free of charge in accordance with applicable data protection laws. Please contact your employer directly if you would like to exercise any of these rights (other than a change to your marketing preferences, which should be notified directly to us as described above).

If for any reason you are not happy with the way that we have handled your personal data, you also have the right to make a complaint to the relevant supervisory authority in your country.  In the UK, the relevant authority is the Information Commissioner’s Office.

COOKIES  

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy at https://saninudge.com/cookie-policy.

CHANGES TO OUR PRIVACY POLICY  

Any changes we may make to our privacy policy will be posted on this page and where appropriate may be notified to you by e-mail or advised to you on next log in to the Platform. Continued use of the Platform will signify that you agree to any such changes.

HOW TO CONTACT US

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Privacy Policy. You can contact our DPO by emailing help@saninudge.com 

We are committed to resolving any privacy concerns you have. However, if you feel we have not addressed your specific concern, you have the right to make a complaint at any time to the relevant supervisory authority in your country responsible for data protection issues.