Privacy Policy
Your privacy is important to Mileage Book A/S. We have developed this Privacy Policy about the protection of personal information to inform you about how we collect, use, disclose, transfer, and store your personal information.
Please read the Privacy Policy to learn about our personal information protection practices. If you have any questions, you can contact us by email at gdpr@mileagebook.com or call us at +45 70 25 11 00.
Mileage Book A/S
Godthåbsvej 4, 1., th.
8600 Silkeborg
Denmark
Company VAT Number. 36056924
1. PERSONAL INFORMATION
"Personal Information" refers to information about your personal identity. When you have a Mileage Book account, we collect various personal information depending on the subscription type.
1.1 Purpose of processing personal data
The purpose of processing personal data is to deliver Mileage Book's service and meet your needs for registration, management, and administration of current and former employees' mileage logs, pool cars, expenses, and corporate card transactions as well as fleet management of your vehicles and equipment.
The processing of personal data is also used in connection with purchases and deliveries, support and improvements, marketing, and recruitment.
1.2 Processing in the Mileage Book system includes the following types of common personal data
Fleet management includes processing the following types of common personal data:
- Name
- Email address
- Visited addresses
- GPS coordinates
Module for handling insurance claims (Optional) includes processing of the following types of common personal information from you, counterpart, witnesses and possibly others involved:
- Name
- Email address
- Phone number
- Registration number
- Private address
Pool cars include processing the following types of common personal data:
- Name
- Home address (if the Danish tax rule "25 times rule" applies)
- Email address
- Visited addresses
- GPS coordinates
Mileage logs include processing the following types of common personal data:
- Name
- Home address
- Registration number
- Email address
- Visited addresses
- GPS coordinates
Expense management includes processing the following types of common personal data:
- Name
- Email address
1.3. Processing of personal data in Communication
- When purchasing a single-user subscription, we immediately send a receipt for the purchase after payment. Payments through Apple are excluded from this.
- Upon expiration of a subscription, we send an email notifying you that your subscription will be renewed. Payments through Apple are excluded from this.
- When creating an account, we may send emails about the functionality of the different subscriptions.
- When creating an account and using our services, we may make calls as part of quality assurance of our product and optimization of our customer and product service.
- For major updates of Mileage Book, we may send an email containing offers and/or a description of the changes.
- In the event of changes in terms and conditions, privacy policy, or other policies at Mileage Book A/S, we may send an email to notify you of these changes.
1.4. Processing of personal data in Customer Service
When you communicate with our customer service representatives by email, phone, or in person, we may collect personal information relevant to the situation, such as your name, mailing address, phone number, email address, company name, and company registration number, as well as information about support or service needs. We use this information to provide customer and product service.
1.5. Processing of personal data in Purchases via mileagebook.com
- When purchasing a subscription or a Mileage Book product from Mileage Book A/S, the payment is made through the payment solution Nets Easy, which stores payment card information. Payment by credit card via Nets Easy is done through a Nets approved and PCI-certified payment solution.
- The Nets Easy payment solution uses SSL encryption in communication with Nets. Likewise, SSL encryption is used in communication between customers and the server where Nets Easy is located. This means that all information transmitted over the internet is encrypted with a security certificate, making it impossible for unauthorized persons to intercept information about your credit card.
1.6. Processing of personal data for Companies
- The company name is used to communicate personally with the company.
- The company registration number is used in some countries to receive our service without having to pay VAT.
- Information about the company contact person is used for communication cf. section 1.3.
- The company name and company address can also be used on exported reports.
2. GPS DATA
The Mileage Book app collects GPS coordinates in the background when the user has started a trip. Mileage Book's GPS devices also collect GPS coordinates. If GPS data is used to log mileage in a private car, GPS data is only visible to the approver and administrator when you have actively submitted the mileage log for approval.
A schedule can also limit when GPS data should be collected.
2.1. Data types and purposes
GPS coordinates via the App on your phone:
- GPS coordinates collected in the background when you start a trip in the app.
- At the start and end positions, the app uses internet services to find the start and end addresses.
- GPS points are stored on our servers and allow the driven route to be drawn on a map and visited addresses to be marked on a map.
- The GPS coordinates are used to calculate the distance of the driven route.
- GPS data can be limited by a schedule, both via the app and website.
GPS coordinates via a GPS device installed in the vehicle:
- GPS coordinates are collected as soon as a trip starts.
- At the start and end positions, internet services are used to find the start and end addresses.
- GPS points are stored on our servers and allow the driven route to be drawn on a map and visited addresses to be marked on a map.
- The GPS coordinates are used to calculate the distance of the driven route.
- GPS data can be limited by a schedule and other settings that limit the display on the map.
2.2. Access and collection of data
Access to GPS data and the phone's pictures only occurs after prior acceptance from the user or the company that has purchased access to Mileage Book. This initially occurs with the acceptance of Mileage Book's subscription terms when creating an account or by signing a collaboration agreement and data processing agreement. When using the app, the user must again actively confirm Mileage Book's access to and collection of location data and the use of the camera.
2.3. Sharing of data
Mileage Book A/S does not share data with third parties, except for the sub processors Mileage Book A/S use to operate Mileage Book.
2.4. Limitation of data in relation to reason and use
The collection and use of GPS data from the GPS device or app and access to the phone's pictures occur as a prerequisite for the app's primary functions – namely to register travel data based on continuously collected GPS coordinates and to register expenses in the system based on photographed receipts.
Data processing is exclusively limited to this purpose and is therefore never used in other contexts.
2.5. Encryption of data
All information collected via Mileage Book's website and app is stored on Mileage Book's servers, which are hosted by Microsoft Azure. The communication between the Mileage Book site and server, as well as the communication between the Mileage Book app and server, occurs via a secure SSL-encrypted connection.
3. RIGHTS
When we process information about you, you have a number of rights regarding Mileage Book.
3.1. Right of access
You have the right to see the personal data Mileage Book processes about you and to obtain a number of pieces of information about the processing. Additionally, you have the right to obtain a number of pieces of information about how Mileage Book processes your personal data, including:
- the purpose of the processing.
- who Mileage Book shares your personal data with.
- information about the period your personal data is stored.
- where your personal data comes from.
You can log into Mileage Book's platform at any time to view, correct, and update the information we store about you.
Alternatively, you can contact Mileage Book's support at support@mileagebook.com, who can provide insight into a number of pieces of information about the personal data we process about you.
3.2. Right to rectification
You have the right to have incorrect personal data about you corrected. You also have the right for Mileage Book to make incomplete personal data about you complete.
If you and Mileage Book disagree about whether the personal data is incorrect, Mileage Book must note that you believe that information about you is incorrect. Mileage Book is also obliged to notify those to whom the incorrect or incomplete personal data may have been disclosed.
You can log into Mileage Book's platform at any time to view, correct, and update the information we store about you.
Alternatively, you can contact Mileage Book's support at support@mileagebook.com. Our support department can assist you with how to edit and update your personal data.
3.3. Right to erasure
As a general rule, you have the right for Mileage Book to delete your personal data if one of several conditions mentioned in the General Data Protection Regulation (GDPR) is met.
Conditions for deletion may include:
- Mileage Book's purpose for processing your personal data is no longer relevant.
- Mileage Book only processes your personal data based on consent, which you have now withdrawn.
- The processing of your personal data is unlawful.
If Mileage Book is obliged to delete your personal data, we are also obliged to notify third parties to whom your data has been disclosed.
You always have access to delete your data. Mileage Book stores your personal data for 3 months after the subscription's termination – unless we deem it necessary to retain them longer for accounting or legal reasons.
If you have either our Business or Enterprise subscription, your data will be stored according to the accounting law. See more about our deletion policies in the data processing agreement.
If you have a FREE account, we will delete your account, including your personal data, after 12 months of inactivity.
Job applications are stored for a maximum of 3 months.
3.4. Right to restriction of processing
You have the right to have the processing of your personal data restricted if one of several conditions is met. Conditions include:
- You do not believe that the personal data Mileage Book processes about you are correct.
- You believe that Mileage Book is processing your data, but you do not want them deleted. Instead, you request restricted processing.
- You have exercised your right to object to Mileage Book's processing of your personal data.
You control any restriction of Mileage Book's processing of your personal data, as you have control over all user rights.
3.5. Right to data portability
First and foremost, you have the right to receive the personal data about you that you have provided to Mileage Book. The personal data must be sent to you in a readable format.
You also have the right to request that your personal data be transferred from Mileage Book to another data controller if it is technically possible and if two conditions are met:
- The processing of your data is automated and based on your consent or is necessary to fulfill a contract.
- You have provided the data Mileage Book processes.
At any time, you can export all your registered trips and mileage logs in Mileage Book's system.
3.6. Right to object
Even if the processing of your personal data is lawful, you have the right to object to it.
When Mileage Book receives your objection, we will consider whether your objection is justified. For example, you may present "significant reasons" against the processing of your personal data. In such cases, Mileage Book must reconsider whether the processing of your data is necessary.
3.7. Right not to be subject to an automated decision
You have the right not to be subject to a decision based solely on automated processing, including profiling.
Automated processing or decision-making means that no physical person is involved.
You have the right for decisions that significantly affect you (e.g., legal effects) not to be based solely on automated processing.
4. DATA PROCESSING AGREEMENT
The General Data Protection Regulation (GDPR) stipulates that there must be a data processing agreement between your company and Mileage Book. Your company is the data controller in relation to the personal data that we process on behalf of your company. The data processing agreement is instructions to us on how we should process your and other customers' and partners' personal data, cf. Mileage Book Data Processing Agreement.
5. COOKIES
A cookie is a small text file stored on your computer or similar device to recognize it. There is no personal information stored in our cookies, and they cannot contain viruses, cf. Mileage Book cookie policy.