Privacy Policy

Effective Date: 07.12.2024

RESA ApS (“RESA,” “we,” “our,” or “us”) is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and applicable Danish privacy laws. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our mobile application, website, and related services (collectively, the “Services”).

If you have any questions about this Privacy Policy or your personal data, please contact us at tobias@resaapp.com.

1. Data Controller

RESA ApS is the data controller responsible for the processing of your personal data.

Address: Nørre Allé 37, 2. sal. th 8000 Aarhus C

Email: tobias@resaapp.com

CVR: 41365609

2. What Data We Collect

We collect the following types of personal data:

2.1 Data You Provide to Us

Account Information: Name, email address, phone number, and payment details.

Profile Information: Content, preferences, and fitness data you choose to provide.

2.2 Data We Collect Automatically

Device Information: IP address, device type, browser type, operating system.

Usage Data: Interaction logs, navigation paths, and time spent on the Services.

Cookies and Tracking: We use cookies and similar technologies. Please refer to our Cookie Policy for details.

2.3 Data from Third Parties

• Payment processors may share transaction details with us (excluding full payment card details).

• Social media accounts, if linked, may share basic profile data.

3. Why We Collect Your Data

We process your personal data for the following purposes:

Provision of Services: To create and manage your account, process payments, and deliver content.

Personalization: To tailor recommendations and enhance your user experience.

Legal Compliance: To comply with our legal obligations, including tax and accounting regulations.

Marketing: To send promotional communications (with your consent).

Security: To protect your account and prevent fraudulent activity.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Performance of a Contract: For providing and managing your account and Services.

Consent: For marketing and non-essential cookies (you can withdraw consent at any time).

Legitimate Interests: For improving the Services and ensuring their security.

Legal Obligation: For compliance with applicable laws and regulations.

5. Sharing Your Data

We only share your data with:

Service Providers: For payment processing, analytics, and technical support.

Legal Authorities: If required by law or to protect our rights.

Other Users: Limited to profile information visible to Creators and other users (if applicable).

We do not sell your data to third parties.

6. International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses (SCCs) approved by the European Commission.

Adequacy Decisions for countries with sufficient data protection laws.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Account Data: Stored until you delete your account.

Transaction Records: Retained for 5 years to comply with Danish accounting laws.

Marketing Preferences: Stored until you withdraw your consent.

When your data is no longer needed, it will be securely deleted or anonymized.

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.

Correction: Request corrections to inaccurate or incomplete data.

Erasure: Request deletion of your personal data (subject to legal requirements).

Restriction: Request limited processing of your data under certain conditions.

Data Portability: Receive your data in a structured, machine-readable format.

Objection: Object to data processing for direct marketing or legitimate interests.

Withdraw Consent: Revoke consent for processing where consent is the legal basis.

To exercise your rights, please contact us at privacy@resaapp.com. We will respond within 30 days.

9. Security Measures

We implement industry-standard security measures to protect your data, including encryption, access controls, and regular security audits. However, no system is entirely secure, and we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

We use cookies to enhance your experience. For detailed information about the cookies we use and how you can manage your preferences, please refer to our Cookie Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be communicated via email or through the Services. Your continued use of the Services after changes are made constitutes acceptance of the updated policy.

12. Complaints

If you believe we have violated your privacy rights, you may contact us at privacy@resaapp.com or file a complaint with the Danish Data Protection Agency (Datatilsynet):

Datatilsynet

Borgergade 28, 5., 1300 København K

Phone: +45 33 19 32 00

Email: dt@datatilsynet.dk

If you have any questions or concerns about this Privacy Policy, please contact us at tobias@resaapp.com.