Identity and contact
This policy is designed to ensure transparency on all of EasyTranslate’s processing of personal information held on individuals across our organisation. Depending on context, EasyTranslate A/S (Bygmestervej 10, 2400 Copenhagen) acts as the Data Controller or the Data Processor and is hereby responsible for the processing of data collected and stored through our website and other channels. We ensure that your data is processed according to applicable law. For any questions regarding this policy or invoking of any of the rights mentioned in this policy, please send us an email to email@example.com.
How do we comply with the GDPR requirements?
At EasyTranslate, data privacy and security are paramount. We have implemented appropriate safeguards, technical and organisational measures to ensure the security of your data during our processing. This policy outlines which types of data we process, why we process them and which rights you have regarding the processing of your data.
Purpose and legal basis
We only collect information which will enable us to perform the service(s) you have requested in the most efficient way possible. This is why we collect your contact details, professional and financial data, as well as your source files. We use this information to create your platform account, manage your projects, perform the translations and send you invoices.
The legal basis for this processing is GDPR Article 6(1) b meaning our lawful processing is based on performing the agreed services in our Service Agreement with you. In this case we are the Processor and you are the Controller.
What data do you share with us?
We process the following data to deliver our services to you:
- Your contact information - name, surname, company name, address, e-mail, phone number and VAT
- Source files - can contain a variety of personal data, which we recommend you to anonymize
- Information concerning the services you purchase with us to customise and adjust our services to your specific needs
- Your billing information
What data do we collect automatically?
We want to improve our digital services and applications. That’s why we collect some data automatically in the form of cookies, click-stream, and web analytics.
The legal basis for this processing is GDPR Article 6(1) f and in this, we are the Controller. This means that we decide the purposes of the processing. The purpose is listed above. We learn about the services you purchase, your preferences and ultimately customise your experience even further.
Your visit to our website usually results in the collection of the following information:
- The visitor’s IP address
- The date and time of the visit
- The referral URL (the site from which the visitor has come)
- The pages visited on our website
- Information about the browser used (browser type and version, operating system, etc.)
You can find instructions on how to manage browser-specific cookie settings here:
- Internet Explorer: Microsoft support
- Mozilla Firefox: Mozilla support
- Google Chrome: Google support
- Safari: Apple support
- Opera: Opera support
We use third-party cookies to improve our website and to learn about your preferences. You can find the complete list .
If you do not want us to place cookies on your device simply reject the cookie-box, but please note that this will have an effect on the functionality of the site. Please remember to clear your cookie history in the given browser you utilise as described above.
We use different analytical tools on our website to collect information from your user sessions as we want to improve our services to give you the best possible experience. Find the list of web analytic providers .
How do we use your data?
To deliver the language service you ordered
We will use the information we have gathered to get back to you with service propositions based on your quote request. If you choose to accept the quote, we will use your data to deliver the language service you ordered with us. This includes making files available for our production team.
To translate your files
When we have agreed on the delivery terms with you, a translator will be given the source file and translate it to the agreed language within the agreed deadline. If it is possible to anonymise the source file, we encourage you to do so before transferring the file to minimise the flow of personal data (Data Minimisation, GDPR (Art.5, 1. (c)). This could e.g. be if a name is in the header of a letter. If it is not possible to anonymise, we have the technical and organisational security measures in place to handle your personal data safely.
To deliver the best service and experience for you
We will use the information we have gathered about you to customise our services for you and provide the best possible digital experience. This includes optimising our services and websites based on analytical information gathered from you.
To send you newsletters
If you have given your consent to receive direct marketing, the legal basis for this processing is GDPR Article 6(1) (a). We will personalise the direct marketing based on your profile and behavioral information within the EasyTranslate channels, to give you relevant news and offers. The legal basis for this processing is GDPR Article 6(1) (f) where our legitimate interests override your interests or fundamental rights and freedoms.
At any time you can withdraw your consent at www.easytranslate.com/unsubscribe.
We use supporting services provided by third parties. This includes our platform infrastructure, handling of payment transactions and other relevant services. These subprocessors will get access to the data they require to provide their respective services. Please find the complete list of subprocessors, the type of service they provide and an overview of their server locations . We assess our subprocessors before any engagement and make sure that the legal basis for a given data transfer, as well as the appropriate technical and organizational measures for processing your data, are in place.
How long do we store the data?
The data that we collect either directly from our users or from any other source are stored for varying periods of time, corresponding to the given function. This includes data that are processed by subprocessors:
- The client account and all data thereunder can be permanently deleted by the client via the client’s profile settings. The data will be deleted at the latest 2 months after the deletion request.
- Source files delivered by the client, and translations delivered by EasyTranslate can be erased permanently by the client upon conclusion of the order.
- Files on the platform can be automatically deleted after a specific number of days according to an agreement between the client and EasyTranslate.
- Financial data will be stored in accordance with the applicable law.
If you wish to gain access to your data, have them rectified or deleted or make any reservations towards our data processing, you can bring your request forward by sending an email to firstname.lastname@example.org. We will investigate whether or not this is possible according to our legal obligations, and get back to your request as soon as possible and no later than a month after we receive it. Please note that your Account Settings page gives you full control over your data. Simply go to “My Account” and you can see, edit, export, and delete your data, at the click of a button.
You have the right to be informed on which data we have stored that concerns you, where these are collected and what they are being used for. You can be informed about our retention periods, who receives data that concerns you, and the extent to which we disclose or transfer your data.
You can request to gain access to any data processed regarding your person. Access can be limited in cases where it can compromise other people’s privacy, trade secrets or intangible rights.
You have the right to correct any information that is no longer correct or current. If you become aware that any of the data that we store concerning you are incorrect, you have the right to get such information corrected or deleted.
You also have the right to object to our processing of your data or to our disclosure or transfer of your data for marketing purposes. You have the right to receive any data that we are processing regarding your person, this includes data collected directly from you or from other parties. In the event that you put in such a request, your data will be provided for you on a commonly used digital transportable format.
Any matters relating to EasyTranslate's collection and storage of personal information, your rights under the GDPR or this policy can be addressed to email@example.com.
If our collection, storage or processing of your data should raise any concerns with you, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) at firstname.lastname@example.org or any other supervising authority in your country.
Any individual who suspects that a Personal Data Breach has occurred due to the theft or exposure of personal data must immediately notify EasyTranslate providing a description of what occurred. Notification of the incident can be made at email@example.com.
EasyTranslate will investigate all reported incidents to confirm whether or not a Personal Data Breach has occurred. If a Personal Data Breach is confirmed, EasyTranslate will follow the relevant authorised procedure based on the criticality and quantity of the personal data involved.
Security of the Information
We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised use, disclosure, or access; in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing and misusing of data.
Our platform is hosted at Amazon Web Services (AWS) which provides maximum scalability and security. This means that the client’s and the client’s company’s data, source files and translations are hosted in a secure centralised storage service (S3) with AWS. The data are stored in the EU.
Our Data Processing Agreement (DPA)
If we process personal data on your behalf we ought to enter a Data Protection Agreement (DPA). When you evaluate whether or not we need to enter a DPA you must take into consideration:
- The quantity of the personal data
- The character of the personal data
- The risks of the end user
- If the processing is continuous
For example, if you would like us to translate your website you should consider if there are any personal data in the material, e.g. descriptions of your employees. If there are not, but solely company information, we do not need to form a DPA.
For example, if you continuously have translations made of your employees’ passports, the character of the data is both ‘sensitive’ and continuous and we need to form a DPA.
For example, if you order an interpreter to interpret a business meeting, we do not need to form a DPA, as data will not be processed further, this would simply be covered by the Non Disclosure Agreement (NDA) in place.
If you do though have continuous use of our services and we continuously process personal data we do need to form an official agreement.
Please note that this list is not exhaustive. In doubt, please contact our customer success team or write directly to firstname.lastname@example.org
For the DPA, please contact our customer success team .