Last updated July 2020
- Spiir has two services: The Spiir App and Spiir Web.
- Spiir processes your information to deliver a good app and web service to you. The information is processed in accordance with the current regulations.
1. In General
1.2 Data processed by Spiir’s Services will be processed in accordance with applicable legislation and the valid guidelines issued by the Danish Data Protection Agency.
- Spiir is the data controller regarding the personal data, you allow us to use, or which we collect and store, when you are using Spiir Services. This means that Spiir is responsible for abiding by the rules of the privacy legislation, when we process your personal data
2. Data Controller
2.1 Spiir is the data controller of personal data used in connection with the following activities and services on the Services:
- User Profile
- Spending Overview
- Spending Targets
- Receipt Service
- Account Overview
- Budget Service
- Assistant Service
- Spiir Treats
- Quiz Service
- Benchmarking and statistics
- Internal app payments
3. What processing is performed?
- When you create a profile in the app or on web, you must enter your email and a password as a minimum.
- Spiir needs your information to identify you and to provide its services and customer service to you.
- Spiir also uses your information to contact you regarding new features in our products and to get your feedback on our Services, and in some instances, we may use your answers to questionnaires for marketing.
3.1 User Profile
When creating a profile at Spiir, you must enter your email and password.
In addition, Spiir collects, depending on the services you use, other information you provide to Spiir. This can be, for example, your civil personal registration number, address, your phone number, number of people in your household, age and gender, as well as other data. Spiir collects this information only if you provide it to Spiir, which is voluntary, but for some functions some of this information is required.
If you use Spiirs App, technical id of your mobile device is also registered.
If you answer questionnaires within Spiir Services, your answers will in some instances be associated with your user profile.
Spiir collects your personal data to register and identify you as a user and to provide Spiir’s Services to you. Spiir will also collect the personal data to be able to contact you if it is necessary to confirm your information, answer your questions, and provide customer service to you. The collected information can further be used by Spiir in order to request your experience with using the Services. If you have consented to this Spiir will also use your information to send out information on new features in Spiir Services and other marketing material.
Your answer to questionnaires from Spiir will be used for improving the Spiir Services, or for the marketing of such improvements, as well as for Spiir Treats (see section 3.4.)
Finally, Spiir collects your personal data in order to pursue available legal remedies and limit liability in case of any disputes.
3.1.3 Legal basis
Spiir’s legal basis to process said personal data is, that the processing of the data is required for Spiir to provide its Services to you (GDPR art. 6, sect. 1, lit. b).
Some information is processed by Spiir due to Spiir having a legitimate interest in such processing. Among others Spiir has a legitimate interest in contacting you to get your feedback on the Spiir Services, and also Spiir has a legitimate interest in sending you marketing materials, if you have consented to this.
3.1.4 If you do not wish to be contacted directly
If you do not wish for Spiir to use your information to contact you directly in order to obtain your feedback on the Spiir Services, you may either click “unsubscribe” in such email, or change the settings in Spiir App. You may also always withdraw your consent to receive marketing materials within Spiir Services, or by clicking “unsubscribe in such emails.
- Spiir collects data from your bank to provide our various services to you.
- You must consent to Spiir’s processing of your username and the PIN to your online bank for Spiir to provide its services to you.
- If you do not consent, certain features in Spiir’s services will be inaccessible to you.
3.2 Account information via financial institution
When you add a bank account to Spiir using the "Add Accounts" feature, you must enter your username to your online bank and your service code or online bank PIN. In some cases, depending on your financial institution, this may be other information – however, it is always the same information your bank requires for you to log in.
Only information about account name, balances and transactions is retrieved.
Spiir asks for your username and code to retrieve information about your accounts, balances and transactions with your bank so that Spiir can provide an overview of your spending and deliver Spiir’s other services to you.
Entering your username for your online bank is thus a prerequisite for making automated use of Spiir's Account Overview, Budget Service, Assistant Service, Quiz Service, Internal app payments, and Spiir Treats.
Spiir collects your data for the following purposes:
- Account Overview: Spiir's Account Overview gives you a complete overview of your spending and transactions.
- Budget Service: Spiir's Budget Service gives you access to set up spending targets and gives you an overview of your spending relative to your budget (Web only).
- Assistant Service: Spiir's Assistant Service monitors your spending and transactions on your behalf so that you are updated at all times and have an overview of the movements in your accounts. You will be able to enable notifications, which will notify you when changes occur in your spending.
- Quiz Service: Spiir’s Quiz Service lets you test your knowledge of your own spending.
- Spending Service: Spiir’s Spending Service lets you categorize your various spending items.
- Internal app payments: Based on the accounts you have added to Spiir, upon your request, Spiir will initiate payments to your own accounts within the app.
- Spiir Treats: Based on your information about your spending Spiir Treats in some instances provides you with information on special offers targeted you. This requires your specific consent.
- Benchmarking: Using your spending data Spiir calculates statistics and performs benchmarking. Spiir ensures your personal data’s anonymity, so that statistical data does not contain personal information and thus cannot be traced back to you. The statistics make it possible for you as Spiir user to compare your own spending to a particular group in society.
3.2.3 Legal basis
You can consent to Spiir using your username or other log in information for your online bank so that Spiir can retrieve data about your accounts, balances, and transactions. (GDPR art. 6, sect. 1, lit a.)
By your consent, you confirm that Spiir may use your account data as described in section 3.2.2.
3.2.4 If you do not consent
If you do not consent to Spiir using your account information to access your account information, you will not be able to use certain features in Spiir’s Services, including account Overview, Quiz Service, Assistant Service, Budget Service, Spiir Treats, etc. However, you may be able to manually upload your data, see below.
- On the Web service your transaction information may be uploaded manually.
- By supplying your transaction information, you can use Spiir's various services on both App and Web – subject to certain restrictions.
3.3 Account Information - Manual Upload - Only Web
You can manually upload your transaction data to Spiir via the Web.
Once you have manually uploaded your transaction data, you have the option to use Spiir's various services. For manual upload, there may be restrictions to the services:
Account Overview: Spiir's Account Overview provides you with an overview of your spending and transactions.
Budget Service: Spiir's Budget Service lets you set spending targets and gives you an overview of your spending relative to your budget (Web only).
Assistant Service: Spiir’s Assistant Service monitors your spending and transactions on your behalf so that you are updated at all times and have an overview of the movements in your accounts. You will be able to enable notifications, which will notify you when changes occur in your spending.
Quiz Service: Spiir’s Quiz Service lets you test your knowledge of your own spending.
Spending Service: Spiir’s Spending Service lets you categorize your various spending items.
Internal app payments: Based on the accounts you have added to Spiir, upon your request, Spiir will initiate payments to your own accounts within the app.
Spiir Treats: Based on your information about your spending Spiir Treats in some instances provides you with information on special offers targeted you. This requires your specific consent.
Benchmarking: Using your spending data Spiir calculates statistics and performs benchmarking. Spiir ensures your personal data’s anonymity, so that statistical data does not contain personal information and thus cannot be traced back to you. The statistics make it possible for you as Spiir user to compare your own spending to a particular group in society.
3.3.3 Legal basis
When you manually upload your account information, you also consent to Spiir using your account information in accordance with section 3.3.2. (GDPR art. 6., sect. 1, lit. a)
3.3.4 If you do not consent
When manually uploading your account information, if you do not consent to Spiir using said data, you will not be able to use certain features of Spiir’s Services, including Account Overview, Quiz Service, Assistant Service, Budget Service, Spiir Treats, etc.
- With your consent, Spiir can send you great offers based on your profile and/or overall spending information.
- Spiir processes some of your information on an overall level to provide you with great offers.
- The purpose of processing your data is to be able to target relevant offers to you.
3.4 Offer Service
3.4.1 General offers
188.8.131.52 In general
When using Spiir Services, you have the possibility of using select offers from Spiir’s cooperation partners. These offers are generally available to all Spiir users, though certain offers are only available in specific countries.
If you make use of a general offer from one of our cooperation partners via Spiir we confirm to such partner that you are a user of Spiir, by forwarding a unique pseudonym, which is only related to the cooperation partner.
184.108.40.206 Purpose and legal basis
The purpose of forwarding a pseudonym to our cooperation partner, is to ensure, that you are a user of Spiir and therefore is qualified for the offer (GDPR art. 6, sect. 1, lit. b), and to ensure correct settlement of accounts between Spiir and the cooperation partner. (GDPR art. 6, sect. 1, lit. f).
3.4.2 Targeted offers
220.127.116.11 In General
With your consent Spiir may on Web, in App, through email or push messages provide you with relevant and targeted offers, based on your spending information, and possibly your location.
Spiir never grants access to your information to the offers, besides forwarding of a unique pseudonym to confirm, that you are a user of Spiir. If Spiir wish to forward further information to the offerors, you will be asked for specific consent regarding this.
If you consent in Spiir using your information for Spiir Treats, Spiir process the following data:
- Email address or technical id on your mobile device.
- Profile information (personal information)
- Spending information
- Geolocation information
- Unique ID
18.104.22.168 Purpose and legal basis
The purpose of processing your profile information and your spending information is to target offers to you (GDPR art. 6, sect. 1, lit. a). Using your geolocation information is for targeting offers to you requires your specific consent (GDPR art. 6, sect. 1, lit. a). Information on your email address or technical id of your mobile device is processed in order to send the targeted offers to you (GDPR art. 6, sect. 1, lit. a.)
The purpose of forwarding a unique ID (pseudonym) to our cooperation partner, is to ensure, that you are a user of Spiir and therefore is qualified for the offer (GDPR art. 6, sect. 1, lit. b), and to ensure correct settlement of accounts between Spiir and the cooperation partner. (GDPR art. 6, sect. 1, lit. f).
22.214.171.124 If you do not consent
If you do not consent in Spiir processing information on your spending, you cannot make use of Spiirs targeted offers. Neither will you be able to use the targeted offers if you do not consent in Spiir sending such offers to either your email address or as push messages on your mobile device.
If you do not consent in Spiir processing your geolocation information for targeting offers to you, you will not be able to receive offers based on your location, but instead general offers based on your user profile information and your spending information.
If you do not want to provide relevant consents, and hence cannot use Spiirs targeted offers, you may instead use the offers by finding them yourself in Spiir App.
- You can use Spiir's Voucher Service to save receipts and documents and associate them with transactions.
- Spiir processes your receipts and documents and information provided on these.
- The processing is performed for you to be able to find them again.
3.5 Voucher Service
3.5.1 In general
You can upload electronic copies of your receipts via the Web and the App.
Spiir stores these so you can always retrieve receipts and, to the extent possible, Spiir will make your receipts searchable.
You can attach receipts to certain transactions to improve your overview.
In the Receipt Service, the electronic copies of your receipts are processed.
When the receipt is made searchable, the data on the receipt is processed.
The purpose of the processing is to enable you to retrieve your receipts and associate them with payment transactions.
3.5.4 Legal basis
The processing is required for Spiir to provide its Receipt Service. (GDPR art. 6, sect. 1, lit. b.)
- Spiir registers several technical data when you use Spiir’s Services and other services.
- The purpose of the collection is to optimize Spiir’s Services and track any potential abuse.
3.6 Technical Information
3.6.1 In general
Spiir registers several technical data when you use Spiir’s Services.
Spiir registers your IP address, operating system, and device information when using Spiir’s Services, and browser information and settings when using the Web. Further Spiir registers how you use Spiir’s Services.
Spiir collects the technical data for the purpose of making technical improvements and optimization of its Services and services, and in order to use this information for marketing.
In addition, IP address, device information, and browser information is collected by Spiir to track any illegal activities and track abuse of its Services.
3.6.4 Legal basis
Spiir has a legitimate interest in obtaining your technical information in order to improve and optimize its Services and to prevent and pursue abuse of its Services. (GDPR art. 6, sect. 1, lit. f.)
Also, Spiirs use of information on the use of its Services for marketing purposes is a legitimate interest (GDPR art. 6., sect. 1, lit. f.)
- Cookies, etc. are used for various purposes. Some are required, others help remember your preferences, and others are used for analytical purposes. Some are used for marketing purposes.
- You can always delete or block cookies, but the use of Spiir’s services may be restricted by doing so.
3.7 Cookies etc.
3.7.1 In general
The cookies, etc., which Spiir uses on its Services have various purposes.
On the Web:
- Required cookies. These are cookies that are necessary for you to use the Web, for example, to remember that you are logged in to the Web.
- Preference cookies. These are cookies that remember your settings, for example, your login may be remembered if you have requested this.
- Analytical cookies. These are cookies that are used to measure and analyse how the Web is used.
- Widgets. On the Web, so-called widgets from Facebook and Twitter are used, so Spiir can display the latest Spiir activities from Facebook and/or Twitter. If you are logged into Facebook or Twitter, the overview is personal.
In the App:
- Required tracking identifiers. These are used to distinguish between different mobile devices and to send push messages.
- Analytical tracking identifiers. These are used to analyse how the App is used and to optimize the App.
- Marketing tracking identifiers. These are used to measure and enhance the effect of Spiir's marketing for Spiir’s Services.
3.7.3 Withdrawal of consent/deletion of cookies
3.7.4 If you do not accept cookies, etc.
In the App, it is not possible to delete or deselect the use of tracking identifiers. Therefore, if you do not accept the use of tracking identifiers, please do not use the App and uninstall it.
- If Spiir is to provide support for you, Spiir may process personal data so we can help you.
- Spiirs support can only access your transactions if you give explicit consent to it. The consent can always be recalled and expires after 7 days.
3.8.1 In general
Based on your inquiry, Spiir provides support in connection with your use of Spiir’s Services.
When providing support, Spiir may access limited personal data that is registered about you. However, only data that is required will be accessed. Spiir will only access your transaction data with your prior consent.
When you contact Spiir support, Spiir's employees can access limited data about you as a user:
- Your email address
- Names of the banks and accounts you have added to Spiir
- Information about which features in Spiir you use and to what extent
- Logs of events, such as when you have logged on or if errors have occurred during the use of Spiirs Services, etc.
Spiir’s employees cannot access your detailed information such as your accounts’ balances, your transaction information, and your receipt, unless you give your explicit consent.
The purpose of Spiir's access to your information is to provide support and resolve any challenges you may have encountered using Spiir’s Services.
3.8.4 Legal basis
Spiir accesses your information in connection with support to meet your need for assistance. (GDPR, art. 6, sect. 1, lit. a.)
Spiir will only access your detailed data in connection with support, if you on Spiir’s request or your own accord explicitly consent hereto. (GDPR art. 6, sect. 1, lit. a.)
3.8.5 Withdrawal of consent
You may withdraw your consent at any time for Spiir to access your detailed data. After this, Spiir's support cannot access such data for support purposes. Your consent will automatically expire after 7 days.
3.8.6 If you do not consent
If you do not consent to Spiir accessing your detailed data when providing support, there may be issues that Spiir cannot provide support for.
- Spiir only transfers your personal data with your consent, or where it is statutory, or to process legal claims.
- You can allow others, such as your spouse or partner, to see your information in Spiir. You can always change this again.
4. Recipients/data disclosure
4.1 The personal data held by Spiir will not be disclosed to third parties without your consent, unless Spiir under applicable legislation is required to disclose the data, or if disclosure is required for Spiir to protect itself or to enforce legal claims, or as specified in these terms.
4.2 You can give other Spiir users access to view your information in Spiir. This may for example be a spouse or partner. If you choose to do this, you simultaneously agree that Spiir, in order to comply with this agreement with you, may disclose your information to the person concerned. You can always change this on the Web and in the App.
4.3 If you use an offer through Spiir Treats, a unique ID (pseudonym) is forwarded to the offeror.
- Spiir stores your personal information as long as you are a user of Spiir. However, if it is statutory or needed to handle legal claims, personal data is stored for a longer period.
- Spiir can anonymize your information instead of deleting it.
5. Storage Period
5.1 Spiir stores your personal data until you delete your Spiir user. However, Spiir may store data for a longer period, if required to comply with legal requirements or to protect Spiir's legal interests.
5.2 In some cases, instead of deleting your personal data, Spiir will anonymize these so that the data can no longer be attributed to you.
- You have several rights when Spiir processes your personal data.
- You are entitled to insight into how Spiir's processes your personal data.
- You have the right to have incorrect information corrected.
- You are entitled to delete your information in some cases, and you can always delete your profile.
- You have the right to so-called data portability.
- You can always object to Spiir's processing of your personal data.
- You always have the right to object with Spiir's use of your personal data for direct marketing.
6. Privacy Rights
6.1 At any time, you have the right to know what personal data Spiir processes about you, the purpose of the processing, where Spiir has obtained your personal data, and the identity of any recipient of your personal information.
6.2 At any time, you have the right to rectify incorrect or misleading personal data that Spiir is processing about you. You can correct personal information, such as your name, email address, etc. via your personal profile. Spiir would like to hear from you if we can help you correct your information.
6.3 In certain cases, you may require that the data Spiir processes about you is deleted. At any time, if you do not want to use Spiir’s Services anymore, you can delete your personal profile via the Web or via the App. All the data registered with your profile will then be deleted or anonymized and will not be recoverable.
6.4 At any time, you are entitled to receive the personal data you have provided to Spiir in a commonly used and machine-readable format. You can always retrieve your personal data via the Web.
6.5 You may at any time object to Spiir's processing of your personal data due to your particular circumstances.
6.6 At any time, you may object to Spiir's use of your personal data for direct marketing purposes. Spiir will then discontinue such use.
- Spiir may transfer your data to certain data processors in countries outside the EU.
7. Transfer of personal data outside the EU
7.1 Spiir uses certain data processors located outside the EU. Below are the entities and legal bases for the transfer.
|Apple, Inc.||USA||Standard Contractual Clauses|
|Slack Technologies, Inc.||USA||Privacy Shield|
|The Rocket Science Group LLC.||USA||Privacy Shield|
|SendGrid, Inc.||USA||Privacy Shield|
|Google, Inc.||USA||Privacy Shield|
|Branch Metrics, Inc.||USA||Privacy Shield|
|Functional Software, Inc.||USA||Privacy Shield|
|Help Scout, Inc.||USA||Privacy Shield|
|Wildbit, LLC||USA||Privacy Shield|
7.2 Upon request, Spiir may refer you to where you can obtain a copy of the applicable legal transfer basis.
- Spiir handles your data confidentially. However, data can be accessed if necessary to resolve technical issues or to provide support to you, and Spiir asks for permission.
8.1 Spiir always handles your personal data confidentially. Appointed employees with Spiir have the authority to access data where it is necessary to solve operational or technical issues. In connection with support for you, Spiir employees may, with your consent, access your transaction data. All Spiir's employees are subject to strict confidentiality requirements when processing personal data.
You can always withdraw all or some of your consents to Spiir.
9. Withdrawal of consent
9.1 At any time, you can withdraw your consent on the Web or in the App by deleting your profile at Spiir or by contacting Spiir.
9.2 If you withdraw one or more of your consent(s) you may no longer be able to use Spiir’s Services in whole or in part.
10. Changes to the policy
10.1 Spiir reserves the right to change this policy at any time without prior notice. Changes to the policy will come into effect upon publication of the policy in Spiir’s Services.
Spiir also informs you of changes to the policy by contacting you at the email address you provided when setting up your profile, as a message in Spiir App or by push message.
11. Data Protection Officer
11.1 Spiir has appointed a data protection officer who advises Spiir regarding the processing of personal data and can guide you on how to exercise your rights. You can contact Spiir’s Data Protection Officer by contacting Spiir A/S, Att .: DPO, Mejlgade 48b, 2. th., DK-8000 Aarhus C, Denmark or firstname.lastname@example.org.
- If you want to complain about Spiir's personal data processing you may contact Spiir directly or contact the Danish Data Protection Agency (Datatilsynet).
12.2 If you wish to file a complaint regarding the processing of your personal data, we would love to hear from you. Spiir’s contact information can be found in section. 11.1. You can also file a complaint with Datatilsynet, Borgergade 28, 5. 1300 København K, Denmark or www.datatilsynet.dk, or your national competent authority.