Version 1.2, May 2021
At Capture One A/S ("we"/"our"/"us" or Capture One), data protection and confidentiality is a high priority.
Contact information of data controller:
Capture One A/S
Company registration no.: 17 88 96 99
1. Collection and use of personal data
We collect information which you provide directly to us, when you create a customer profile on our website, purchase or use our Software and Services, request e-books or other digital resources, participate in contests and promotions, communicate with us via third-party social media sites, request customer support, send us emails, chat messages, or otherwise interact with us. The types of information we may collect about you include your name, country, physical address, email address, phone number, product information (such as license code, serial number, make and model), language preference, social networking screen names or IDs, and any other information you choose to provide.
When you login to your profile, or access or use our Software or Services, we automatically collect information about you, including:
- Log Information: we log information about your use of our Services, including the type of browser you use, access times, pages viewed, your IP address, and the page you visited before navigating to our website.
- Device information: we collect information about the device (including operating system, graphics card, memory size, device ID and lens usage) and Software you use and the Services, Media Access Control (“MAC”) address and other unique device identifiers, device token, mobile network information, geographic location, and time zone.
- Usage information: we collect information relating to your use and consumption of our Software and Services, including what software versions and functionality you use, how often you use (click) buttons and menu items, execution times for specific operations, user experienced stability of the Software and Services, exceptions and generated error/crash reports.
We may also obtain information from other sources and combine that with information we collect through our Software and Services. For example, if you use our Services through a third-party site or platform, e.g. Facebook or LinkedIn, we may access information about you provided to that site or platform, e.g. your user name and profile information. Our use of your information provided to third-party sites or platforms is subject to authorisation procedures adopted by such third-party site or platform.
We may use information about you for various purposes, including to:
- Authorise and activate license purchases;
- Provide, maintain and improve our Software and Services;
- Develop new Software and Services;
- Provide and deliver the Software and Services you request and send you related information;
- Facilitate communications;
- Respond to your comments, questions and requests and provide customer service and support;
- Send you technical notices, updates, security alerts and support and administrative messages;
- Communicate with you about Software, Services, offers, promotions and events offered by us and business partners, and provide news and information we think will be of interest to you;
- Personalize and improve our Services and provide tailored content or features;
- Monitor and analyze trends, usage and activities in connection with our Software and Services;
- Compile your information with information we get from others to help understand your needs and provide you with better Software and Services; and
- Carry out any other purpose for which the information was collected.
2. Sharing of personal data
- In response to a request for information from public authorities or other third parties if we believe disclosure is in accordance with applicable legal requirements;
- In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company; or
- With your consent or at your direction.
We may share aggregated information or otherwise anonymized information, which cannot reasonably be used to identify you.
Our Services may offer social sharing features and other integrated tools (such as the Facebook “Like” button), which let you share actions you take on our Services with other media, and vice versa. The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the entities that provide these features.
Third-party analytics technologies are integrated into our Software and Services, so if you do not want to be subject to these technologies, do not use or access our Software or Services. Our Services may also integrate third-party Application Program Interfaces (“API”s), which allow others to collect and process information about you, including your geolocation information, to provide you with tailored content. You have the ability to control the collection and use of your geolocation information at all times.
3. Legal basis for processing personal data
Our legal bases for the processing of your personal data for the above purposes are:
- Fulfilment of contract for the purchase of products or services (the GDPR art. 6 (1) (b)).
- Fulfilment of contract for the provision of services (the GDPR art. 6 (1) (b)).
- Our legal obligations as data controller (the GDPR art. 6 (1) (c)).
- Consent to newsletter send-out and other direct marketing (the GDPR art. 6 (1) (a)).
- Marketing send-outs without consent based on your previous purchase, where we choose to use this option in the Danish Marketing Practices Act section 10 (2) (the GDPR art. 6 (1) (f)). Legitimate interest in being able to compile statistics, conduct surveys, improve and develop our services and products (the GDPR art. 6 (1) (f)).
- Legitimate interest in being able to send out service messages (the GDPR art. 6 (1) (f)).
- Legitimate interest in being able to facilitate communications and respond to your comments questions and requests (the GDPR art. 6 (1) (f)).
- Legitimate interest in being able to send out customer satisfaction surveys (the GDPR art. 6 (1) (f)).
- Legitimate interest in being able to establish, exercise or defence legal claims (the GDPR art. 6 (1) (f) and the GDPR art. 9 (2) (f)).
- Legitimate interest in being able to collect, and administrate your data, also based on your click behaviour in relation to marketing send outs and via cookies on our website (the GDPR art. 6 (1) (f)).
- Legitimate interest in being able to personalize and improve our Services and provide tailored content or features for marketing purposes (the GDPR art. 6 (1) (f)).
4. Use of sub-processors
We use the following sub-suppliers to collect, store, process and display the collected information:
- Telerik Analytics
- Microsoft (Office 365 and Azure)
- Phase One
The sub-suppliers will not review, share, distribute, or reference any collected information. All sub-suppliers have implemented security measures to protect against unauthorized access, loss, use or alteration of the information. Data processing agreement have been entered into with all sub-suppliers.
5. Transfer to third countries
Your personal data will be available to the appropriate Capture One staff and business partners within the EU and around the world when relevant. Your personal data will be accessible to appropriate Capture One staff in the EU, as well as in Australia, Japan, USA, and Israel. If your personal data is transferred to data processors or data controllers located in countries outside the EU/EEA which do not have an adequate level of protection, such transfer will be safeguarded by the Commission’s standard contractual clauses. The required technical and organisational security measures have been ensured when transferring personal data to third countries.
6. Deletion of personal data
We will delete your personal data when we no longer need to process them in relation to one or more of the purposes set out above. Generally, we will store data for no longer than 2 years from your last activity. However, the data may be processed and stored for a longer period in anonymized form in order for us to improve the Software and Services.
We have implemented security measures to ensure that our internal procedures meet our high security policy standards. Accordingly, we strive to protect the quality and integrity of your information.
9. Your rights
You are at any time entitled to receive information of your personal data processed by us, however, with certain regulatory exceptions. You also have the right to object to the collection and further processing of your personal data. Furthermore, you have the right to have your personal data rectified, erased or blocked. Moreover, you have the right to receive information about you that you have provided to us, and the right to have this information transmitted to another data controller (data portability).
10. Withdrawal of consent
You may, at any time, withdraw any consent given, and we will, accordingly, cease processing of your personal data. For the avoidance of doubt, withdrawal of your consent will limit or exclude your access to our Software and Services. If you wish to withdraw your consent, please contact us at email@example.com.
11. Links to other websites
Our website may contain links to other websites or to integrated sites. We are not responsible for the contents of the websites of other companies or for the practices of such companies regarding the collection of personal data. When you visit other websites, you should read the owners' policies on the protection of personal data and other relevant policies.
12. Amendment of data
If you want us to update, amend or delete the personal data that we have recorded about you, wish to get access to the data being processed about you, or if you have any questions concerning the above guidelines, you may contact us at firstname.lastname@example.org. You can update and amend your own personal data by logging into your account and changing your information.
If you wish to appeal against the processing of your personal data, please contact us at email@example.com. You may also contact the Data Protection Agency, Borgergade 28, 5., 1300 Copenhagen K.
14. Additional terms regarding Capture One Live
Capture One Live (COL) is a cloud-based application enabling photographers to share photos with other people via the internet, so that they can access and rate them remotely.
When using COL you will be acting as data controller with respect to any photos that you upload including personal data and/or any other personal information you process as part of your use of COL, whereas Capture One will be acting as data processor in this context. A data processor agreement is therefore entered into between you and Capture One as part of your subscription agreement regarding COL.
When using COL you, as data controller, must make sure that your processing of personal information as part of your use of COL, i.e. in particular the photos that you upload and share with third parties, is lawful, that there is a legal basis for the processing and that the data subjects are informed about their rights, cf. the GDPR.