Dansk

BYGUEST

PRIVACY POLICY

BmyGuest ApS

This Privacy Policy explains how BmyGuest ApS ("We", "Us") processes your personal information.

1. DATA CONTROLLER

The entity responsible for the processing of your personal information is:

BmyGuest ApS
Ordrup Jagtvej 111,
2920 Charlottenlund, Denmark

VAT number: 41415657

[email protected]

+4570605301

BmyGuest is a visitor registration application/service where private and public companies can register and manage their external visitors and guests, and employees and hosts. BmyGuest is a software web application/service and is delivered as a SaaS application (Software as a Service application). BmyGuest also has a native app to be downloaded on App Store and Google Play Store. In order to use BmyGuest, regardless of the role, e.g. as a System Administrator, Receptionist, Host or Visitor, a personal BmyGuest user account is required. More information can be found at the BmyGuest website (www.bmyguest.eu).

2. DESCRIPTION OF THE PROCESSING

User account creation/managing

Categories of personal data

The following types of personal data is collected about you, when you are invited to a meeting, regardless of whether you have a confirmed user account in BmyGuest:

  • Name, email address, telephone number
  • System ID number
  • Company name
  • Photo
  • Creation and confirmation date
  • Host name and the company hosting the meeting
  • Information about the meeting, such as subject, meeting room, meeting owner and other attendees

When you confirm your BmyGuest user account, we may further collect information about:

  • Workplace and job title
  • Photo and LinkedIn URL
  • Account password

When you are created as a host for your company, the following personal data may be processed about you:

  • Name, email address, telephone number
  • System ID number
  • Photo, LinkedIn URL

When you confirm and complete your BmyGuest user account, we process personal data in order for you to login to your user account, see your check-in and visitor history, and to share your personal data with other meeting attendees.

  • Password
  • Workplace and job title
  • Company ID and name
  • Primary location
  • Physical office, including primary location
  • Creation date and confirmation date
  • Information about meetings, such as subject, meeting owner, meeting room and other attendees

Personal data is used in order to create a user account for you in BmyGuest. Once your account is created, we will use personal data to contact you concerning e.g. your account, profile, and meetings, or meeting invitations.

When you are invited to a meeting without having a BmyGuest user account, we will process personal data about you in order to facilitate the meeting between you and the company you are visiting. And we will process personal data about you in relation to you receiving a URL link in an e-mail or text message enabling you to pre-fill you contact details before you visit the company using BmyGuest.

If you are working for a company using BmyGuest, a user account is created for you in order for you to invite guests to your meetings. In relation to this, personal data is processed about you.

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer or colleague
  • A company you are invited to visit
  • Online sources, e.g. social media that are publicly available or where you have connected BmyGuest with your LinkedIn profile

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to facilitate, ease and document meetings.

Recipients

We share your personal data with:

  • Your employer or colleague
  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)
  • A company you are invited to visit, including the meeting owner, service personnel and other meeting attendees

Data retention

We will retain personal data processed for this purpose for as long as it is necessary. This will be up to 5 years plus the current year counted from your last visit to a company or the last meeting you hosted depending on your user role.

We will retain this personal data for the establishment, exercise or defence of legal claims.

Meeting creation/managing and visitor registration

Categories of personal data

Personal data are processed about you, both when you create a meeting at your company and when you attend a meeting at your company or elsewhere.

The following types of personal data is collected about you, when you create a meeting:

  • Name, email address, telephone number
  • Workplace
  • Photo
  • Your car's License Plate Number
  • Meeting subject and location
  • Start/end date and time
  • Email addresses and other data for the meeting owner and other meeting attendees
  • The host you are visiting
  • Expected time of arrival and check-out
  • Link to LinkedIn profile

When you attend a meeting, you must check-in at the location of the meeting. In order to check-in you may scan the BmyGuest QR code in the company's reception/location, or you may receive a link in an e-mail or in a text message sent by BmyGuest or the receptionist. The receptionist may also register your arrival. In relation to this, personal data is processed about you.

When attending a meeting and checking-in and -out at the company, we may also process personal data about the locations and the real time of check-in and check-out.

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer or colleague
  • A company you are visiting
  • Online sources, e.g. social media that are publicly available or where you have connected BmyGuest with your LinkedIn profile

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to facilitate, ease and document meetings and the visitor registration processes.

Recipients

We share your personal data with:

  • Your employer or colleague
  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)
  • A company you are invited to visit, including the meeting owner, service personnel and other meeting attendees

Data retention

We will retain personal data processed for this purpose for as long as it is necessary for this purpose.

This will be up to 5 years plus the current year counted from your last visit to a company or the last meeting you hosted depending on your user role.

We will retain this personal data for the establishment, exercise or defence of legal claims.

Notifications

Personal data is processed in order to notify you - as a host - when a visitor is checked in.

If you are attending a meeting as a visitor at a location being evacuated, we will process personal data about you in order to notify and inform you about the evacuation and to help our customer, i.e. the company you are visiting, to ensure that all visitors are notified and evacuated.

If you are attending a meeting as a visitor and you get informative messages during your visit, we will process personal data about you in order to notify and inform you.

Notifications are sent to you by text message or by email.

Categories of personal data

The following types of personal data is collected about you, when notifications are sent:

  • Name
  • Phone number
  • Company name
  • Location of where the check-in has taken place
  • Confirmation that you have left the premises/location in case of evacuation

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer or colleague
  • A company you are visiting

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to facilitate, ease and document meetings and the visitor registration processes, and to optimize evacuation procedures at the companies using BmyGuest.

Recipients

We share your personal data with:

  • A company you are visiting
  • The host you are visiting
  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)

Data retention

We will retain personal data processed for this purpose for as long as it is necessary for this purpose.

This will be up to 5 years plus the current year counted from your last visit to a company or the last meeting you hosted depending on your user role.

We will retain this personal data for the establishment, exercise or defence of legal claims.

Marketing and user optimization

Personal data is used for marketing-related purposes, including to market our service directly to you by email, text message or phone.

Further, personal data is collected when you use our application and service. We use information about your use of the application and service to optimize the user experience and to keep you signed into the application.

See also our cookie-policy for more information about our cookies (see www.bmyguest.eu).

We may also collect personal data about you, if you consent to receiving marketing material, such as newsletter, from a company, which you have visited.

Categories of personal data

The following types of personal data are processed about you, when you use our service:

  • Name, email address, telephone number
  • Workplace and job title
  • The companies and hosts you have visited
  • Date and time of meetings
  • Your use of the application and service, including the pages you have visited in the service, the features you have used and activated in the application, and any potential system errors that may occur

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.a (consent)
  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to provide you with a service that works optimally.

Recipients

We share your personal data with:

  • Suppliers and vendors that We work with to assist our company, our marketing activities, and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)
  • Companies, which you have visited and where you have consented to receiving marketing material.

Data retention

As this data is processed in relation to other purposes, we will retain this personal data processed for up to 5 years plus the current year counted from your last visit to a company or the last meeting you hosted depending on your user role. We will retain this personal data for the establishment, exercise or defence of legal claims.

We will, however, only retain personal data processed about your use of the application and service for up to 1 year.

Support

Personal data is processed when you send us a support request, or our application or service is malfunctioning.

In order to identify the malfunction, handle the problem and contact you about the matter, we will process personal data about you.

Categories of personal data

The following personal data is processed about you:

  • Name, email address, telephone number
  • Workplace
  • Screenshots showing the malfunction

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.b (necessary for the performance of the contract between you and Us)
  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to provide you with a service that works optimally.

Recipients

We share your personal data with:

  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)

Data retention

We will retain personal data processed for this purpose for as long as it is necessary for this purpose.

This will be up to 5 years plus the current year counted from your support request was made, or our application and service malfunctioned.

We will retain this personal data for the establishment, exercise or defence of legal claims.

Managing customers

In relation to this purpose, we will process information about you, if you are employed by one of our customers or have another relation to these. We collect personal data when you act on behalf of your employer/our customer, e.g. when entering into contracts and general contact.

Additionally, we process your personal data for customer management, e.g. invoicing and customer communication.

Categories of personal data

The following types of personal data is collected about you, as part of our business relationship with a company:

  • Name, email address, telephone number
  • Workplace and job title
  • Company name, address and VAT number
  • Signature
  • Invoicing details e.g. invoice email address, contact person and P.O. number

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer or colleague

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.b (necessary for the performance of the contract between you and Us)
  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to communicate with you and to deliver our services to you.

Recipients

We share your personal data with:

  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, and financial institutions, etc.)

Data retention

We will retain personal data processed for this purpose for as long as it is necessary for this purpose.

This will be up to 5 years plus the current year counted from termination of the business relationship with your company. We will retain this personal data for the establishment, exercise or defence of legal claims.

Registration for contact tracing

We process personal information about you, if you choose to register when visiting e.g. restaurants, cinemas, conference centers, sport facilities, hotels, nursing homes, hospitals, and the like.

The purpose of the processing is to enable contract tracing, i.e. making it possible to inform you, if you may potentially have been in contact with someone infected with COVID-19.

Categories of personal data

The following types of personal data is collected about you, as part of your registration at one of the companies using BmyGuest for contact tracing:

  • Name, email address, telephone number
  • The companies visited
  • Date and time of visit (check in and out)

Source of the personal data

We collect your personal data from the following source(s):

  • Directly from you
  • An employer at the company, you have visited.
  • A third-party software application used at the company you have visited.

Legal basis for the processing

We process your personal data on the following legal bases:

  • Article 6.1.f (necessary for the pursuit of legitimate purposes of us), where our legitimate interest is to facilitate, ease and document the visitor registration processes, and to optimize contact tracing procedures pertaining to COVID-19.

Recipients

We share your personal data with:

  • Relevant authorities
  • The company you have visited
  • Suppliers and vendors that We work with to assist our company and the service We provide (meaning service providers, technical support, supply services, etc.)

Data retention

We will retain personal data processed for this purpose for as long as it is necessary.

This will be up to 4 weeks from your last visit at a company using BmyGuest for contact tracing.

3. TRANSFERS TO COUNTRIES OUTSIDE THE EU/EEA

In some cases, we will be transferring personal data to countries outside the EU/EEA.

Such transfers will take place on the basis of the following legal basis:

  • a) The country/countries has/have been deemed by the Commission of the European Union to have an adequate level of protection of personal data.
  • b) The country/countries has/have not been deemed by the Commission of the European Union to have an adequate level of protection of personal data. We will provide appropriate safeguards for the transfer:
    • through the use of "Model Contracts for the Transfer of Personal Data to Third Countries", as published by the Commission of the European Union, or any other contractual agreement approved by the competent authorities. You may obtain a copy of the contract/agreement by contacting Us at [email protected].

4. MANDATORY INFORMATION

The personal data and information, which we request, when creating a user, are generally mandatory, and a prerequisite for you to use BmyGuest application and create a BmyGuest user account. The consequence of not providing the information imply that you cannot use the BmyGuest application and service.

5. YOUR RIGHTS

You have the following rights:

  • You have the right to request access to, rectification or erasure of your personal data.
  • You also have the right to have the processing of your personal data restricted.
  • If processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent. You may withdraw your consent by sending us an email.
  • You have the right to receive your personal information in a structured, commonly used and machine-readable format (data portability).
  • You may always lodge a complaint with a data protection supervisory authority, e.g. The Danish Data Protection Agency.

Furthermore, you have the right to object to processing of your personal data as follows.

  • If processing of your personal data is based on article 6(1)(e) or article 6(1)(f), see above regarding legal basis, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data.
  • Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data about you for such marketing.

You can take steps to exercise your rights by sending an email to [email protected] or calling +4570605301.

There may be conditions or limitations on these rights. It is therefore not certain for example you have the right of data portability in the specific case - this depends on the specific circumstances of the processing activity.

Last updated: 08-04-2025