Privacy Policy

Ikrafttrædelsesdato:

23/12/2024

I dette dokument:

IntroductionData We Collect and How We Collect It Why We Collect Your DataHow We Share Your DataData transferHow Long We Retain Your DataHow We Protect Your DataUse of Third-Party ProvidersYour rights and choicesData Protection OfficerContact and ComplaintsChildren and Our ServicesChanges to Our Privacy Policy

Previous version, effective from the 4th of October 2024 can be seen here.

Famly respects and cares about your privacy. This Privacy Policy describes the information we collect about you and how we use, process, disclose and protect your information. We also explain your data protection rights.  

Famly ApS, Købmagergade 19, 2. tv, 1150 Copenhagen, Denmark (“Famly”, “we”, “us”, “our”) is the entity responsible for the processing of information in accordance with this Policy. We operate this website and provide the Famly Services, meaning the Famly early childhood service platform and related products, applications and services.

This Privacy Policy applies to you if you: 

  • Interact with the Famly website, www.famly.co (“Website”); 
  • Attend events or webinars we arrange or participate in our surveys; 
  • Receive any marketing or service related communications from us;
  • Are a marketing prospect, who is anyone whose data Famly processes in order to determine customer eligibility;
  • Sign up for and/or attend demo calls;
  • Enter into a contract with us;
  • Provide us with feedback;
  • Communicate with us, such as with our sales and support team;
  • Use the Famly Services as an authorised staff user or authorised end-user (we only engage in limited processing as a controller, see further information below)  

We act as a controller for the personal data collected in accordance with this Policy and ensure that your personal data is processed in accordance with the GDPR, UK GDPR and  Swiss new Federal Act on Data Protection (nFADP) (as may be applicable).

Are you using the Famly Services?
If your organization is a Famly customer, you are called an “authorised staff user” in this Policy. If your child attends a childcare facility that uses the Famly Services, or if you’re a family member of such a child, you’re referred to as an “authorised end-user.” In this role, Famly may handle some of your personal data as a controller under this Policy (see the "Data collected and method of collection" section for details). However, all other data, like children's information, is handled by Famly on behalf of the childcare facility under a separate data processing agreement. This Policy doesn’t cover that data, but you can view a summary of the types of data we process here. For more details, please contact the childcare facility.

Data We Collect and How We Collect It 

The data we collect depends on how you interact with us and use our Website. Most of the information is provided by you directly, but we may also collect some details automatically about how you use the Website. We gathered such data through cookies and similar tracking tools (see our Cookie Policy for more details). We also process your data to provide you access to Famly Services, and in some cases, we may receive information about you from third-party services.

We don’t process any sensitive data.

We collect and process data you provide us with (and data related to that act) when you:
  • Sign up for our newsletters/other marketing related material, demos, webinars, free trials of the Famly Services;
  • Participate in contests/competitions, studies/surveys, events or webinars;
  • Send us a message via our support function or call our support team;
  • Have a call with our sales team;
  • Email us;
  • Want to or have become our customer;
  • Want to or have entered into a partnership with us;
  • Provide us with customer feedback.
In such cases we may process:
  • First name, last name, email, phone number, your role, and the company you work for;
  • When you have given your consent;
  • When you have participated in contests/competitions, studies/surveys;
  • When you have attended events or webinars;
  • When you asked for a demo and attended a demo;
  • Content, which may contain personal data, that you provide via the support function or email;
  • Audio or video recordings which may include your personal data, such as name and image or other personal data revealed during the recording;
  • Your personal image or photo (if visible) during our online webinars/events and other video recordings;
  • Billing information, e.g. your credit or debit card details and billing address if you become our customer (generally this would be the details of the company you work for, i.e. our customer but in some cases this can also be considered your personal information);
  • Your name and content of your feedback, if you give us customer feedback.
We may automatically collect standard data provided by your web browser (from your device), and via necessary cookies. If you have given your consent, we may also collect data from other types of cookies.
In such cases we may process:
  • Your IP address, browser type and version, type of device, geographical location, browser plug-in types, browser language, operating systems and versions, etc.;
  • Which pages you click on our Website, links you click on, what products/services you view, time and date of your visit, how long you stay on our pages, what you do on those pages, etc.;
  • Other data collected through cookies and other tracking technologies (see our Cookie Policy for further information).
We may collect and process your data to give you access to the Famly Services.
In such cases we process:
  • login credentials (email and password) to the Famly Services (i.e. to login to the Famly platform/app) of authorised staff users and authorised end-users, with the sole purpose of providing access
We may collect or receive information about you from third party sources.
Such cases are set out below and cover the data listed:
  • Obtain and use B2B contact details from third party lead generation providers or from publicly available sources;
  • UK only - To process certain data in relation to Tax Free Childcare (UK government scheme) as a payment option for authorised end-users within the Famly Services subject to consent. Then we process the child name, child reference number (provided by HMRC), child 's date of birth, and the payment amount to be taken out of the TFC account and other account balances.
If you are using the Famly Services as an authorised staff user, we may automatically collect anonymised and/or pseudonymised data on how you use the Famly Services.
In such cases we may collect:
  • anonymised or pseudonymised location data (country, timezone), browser information, user ID, usage and activity data of authorised staff users using the Famly Services, unless otherwise specifically stipulated to you by our customer.

Why We Collect Your Data

We collect and process your data for the reasons listed below. If you are from the European Economic Area (EEA), the UK or Switzerland, we process your data based on the legal bases outlined: 

  • To provide and maintain the Famly Services: we process your personal data to provide a free trial, handle your subscription and other product purchases, deliver our services, manage our business relationship, contact you for administrative reasons and provide you with support related to the business relationship.

    Legal basis: Consent, to perform our contract with you and comply with legal obligations. Where you have not entered into a contract with us, we rely on our legitimate interests to provide our services to you as long as your interests and fundamental rights don’t override those interests.

  • To improve, optimise and/or modify the experience on our Website: we use your personal data to identify you as a visitor, show you materials which will most likely be relevant to you, and understand how you navigate our Website and compile statistics for the use of our Website.

    Legal basis: Consent, comply with legal obligations, our legitimate interests to operate our Website and provide our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights don’t override those interests.

  • To engage in marketing and sales activities: we process your personal data for marketing and sales related purposes. This includes sending you newsletters and other marketing or product related communication, tailoring communication with you to accommodate your area of interests, offering you to participate in contests/competitions or studies/surveys and communicating to you about events and webinars, including managing the events, reaching out to you via phone provided you are a B2B prospect (which may be recorded), and providing you with demos (which may be recorded). 

    Legal basis: Consent. Legitimate interests in promoting our services to relevant customer prospects, provided the recipient’s contact is related to their professional role or business context. Legitimate interests in providing better training to our employees and improving our services.

  • To enter into partnerships: we process your personal data to enter into partnerships with you as our partner. We need to be able to fulfil our obligations under the agreement and administer the relationship with you. 

Legal basis: To perform our contract with you, comply with legal obligations. 

  • For business- and product development: if you are an authorised staff user, we may use data about how you use the Famly Services to improve and develop our services. This includes developing new features, identifying trends, and evaluating our business performance. When we process such usage and activity data, this typically involves counting interactions (e.g. the number of times logged in or the number of times a feature is used). These counts are used to generate benchmarketing data, helping us to improve our services while maintaining privacy. This data does not identify you individually, or we have taken steps to ensure it cannot be attributed to you without additional information, which is kept securely and separate. Where possible and sufficient for our purposes, we aggregate the data. Please note that anonymised data falls outside the scope of the GDPR, UK GDPR, and nFADP.

Legal basis: Legitimate interests to analyse, develop and improve our services for the benefit of both our customer and us as long as it is proportionate and that your interests and fundamental rights don’t override those interests. 

  • To protect the Famly Services: we may monitor the Famly Services to prevent and detect misuse of fraudulent activity on the Famly Services.

Legal basis: Legitimate interests to maintain our services and ensure efficient business operations as long as your interests and fundamental rights don’t override those interests. 

  • To comply with legal obligations and to exercise or defend legal claims: we may process your personal data to comply with legal obligations and requirements, requests from public and governmental authorities, and to protect our operations and rights.

Legal basis: Comply with our legal obligations, for the establishment, exercise or defence of legal claims.  

In certain circumstances, we may collect your personal information on a different legal basis. If we do so, we will explain the processing to you in a supplementary notice. 

How We Share Your Data

We may share your data with third parties in the following situations: 

  • Third-party services providers. We work with such parties to provide and host the Website, manage communications with our customers and anyone who contacts us, facilitate and enhance our sales process, analyse the Website and in some cases the Famly Services, market our Famly Services, process payments and organise events. You can find further information about the third party services providers below in section Use of Third-Party Providers.
  • Business transfers/transactions. We may share and/or transfer your personal data if we become involved in a bankruptcy, merger, acquisition, or any other form of sale of some or all of our assets. This Policy will continue to apply to your information after the information has been transferred to the new entity. 
  • Legal requirements and law enforcement. We may share your personal data if we in good faith believe we need to share it to satisfy applicable law, regulation, legal process or enforceable governmental request, or to protect and defend the rights or property of the company, protect ourselves against liability, fraudulent, abusive or unlawful uses. 
  • With group companies. We may share your personal data with our subsidiaries (Famly ApS is the parent company) in which case we will require them to honor this Policy.

We do not sell or rent your data to marketers or third parties.

We always make sure that there is an agreement in place regarding how our third party providers process the data on our behalf, including that they have appropriate security and organisational measures in place. If data is transferred outside of the EEA, UK or Switzerland, we take further measures before entering into an agreement with such a third party. See more details on that in the Data Transfers section below.

Data Transfers 

Some of our third-party providers process and store the data outside the EEA, UK or Switzerland. When the processing requires a transfer outside of those countries and areas, we will ensure that the transfer is adequately protected in accordance with the GDPR, the UK GDPR and the Swiss new Federal Act on Data Protection (nFADP).

We do not transfer your personal data outside of the EEA, UK or Switzerland, unless we have secured adequate protection of your data in the receiving country. We may rely on one of the following safeguards, as applicable: 

  • The EU - U.S. Data Privacy Framework, UK Extension to the EU - U.S. Data Privacy Framework, Swiss - U.D Data Privacy Framework.
  • Other appropriate safeguards recognised by the GDPR; UK GDPR and/or the nFADP, such as adequacy decisions or binding corporate rules. 
  • Incorporating the Standard Contractual Clauses approved by the European Commission Decision of 4 June 2021 as amended from time to time, the International Data Transfer Agreement (“IDTA”) issued by the Information Commissioner’s Office under Section 119A of the Data Protection Act 2018 (effective from 21 March 2022), and/or the International Data Transfer Addendum (“Addendum”) issued by the Information Commissioner’s Office under Section 119A of the Data Protection Act 2018 (effective from 21 March 2022), or Data Protection Clauses approved by the Swiss Federal Data Protection and Information Commissioner (“FDPIC”).

How Long We Retain Your Data  

We do not keep your data longer than necessary to fulfil the purpose for which it was collected or as required by applicable laws or regulations. Therefore, the retention period may differ. It depends on the type of data and the purpose for which we collect and process it. When we no longer have a valid reason to keep your data, we’ll either delete it or anonymise it so that it doesn’t identify you.

As for our customers, we keep data related to the contractual relationship for the duration of the relationship and 5 years thereafter.

For our newsletter and marketing related material that you subscribe to, we keep your data as long as you subscribe to it or for two years after our most recent contact with you. If you unsubscribe from it, we will keep your data for two years after you unsubscribe, that way we can demonstrate that we have not sent you any marketing material as of the day you unsubscribed.

We keep your data collected through cookies as outlined in the Cookie Policy.

How We Protect Your Data

The security of your personal data is very important to us. We follow generally accepted industry standards to protect the information. We have in place technical and organisational measures to prevent that your personal data in our possession accidentally or illegally gets deleted, released, lost, impaired or gets to the knowledge of any unauthorized persons, abused or in any way processed against the GDPR, UK GDPR and/or nFADP.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. Although we strive to protect your personal data, we cannot ensure or warrant absolute security of the information you transmit to us.

If we become aware of a data breach, we will inform you and the authorities in accordance with applicable law.  

Use of Third-Party Providers  

We, similar to other SaaS businesses, use third parties to help us host our Website, provide our services, facilitate the sale process, communicate with you etc. We select our third party partners very carefully. Your data is only shared with them when strictly necessary. Those third parties only process data on our behalf and may not use it for their own purposes. 

We use the following third parties: 

  • Webflow Inc. to design our Website, the Website forms and host our Website. 
  • Salesforces.com Inc. to facilitate our sales process and subscription upgrades. 
  • Outreach Corporation to facilitate our sales process.
  • Gong Inc. to analyse and enhance our sales process, and to record and transcribe videocalls. Gong is synced with Zoom and GoogleMeet.
  • Google Cloud EMEA Limited for emails, GoogleMeet video calls (which may be recorded and/or transcribed for notetaking and training purposes upon explicit consent), and for Google Form to send surveys to customers and those who have accepted to participate in our surveys. 
  • Zoom Communications Inc. for video calls (which may be recorded and/or transcribed for notetaking and training purposes upon explicit consent).
  • Dialpad Inc. for phone calls (which may be recorded and/or transcribed for notetaking and training purposes upon explicit consent).
  • Calendly LLC for scheduling meetings/events.
  • Chili Piper Inc. for scheduling meetings/events. 
  • Planhat AB as our customer success system for customer management. 
  • Intercom Inc., for customer support assistance (chat function), to send out emails to our customers, and to send out surveys and receive customer feedback. 
  • DocuSign Inc. to sign contracts. 
  • Hubspot Ireland Ltd. for our inbound marketing tool. It gathers all information submitted via a form on our Website, maintains our newsletter lists, sends newsletters and other marketing related material and is connected with the user website journey.
  • Lead Eagle (108 Group, LLC) to generate inbound leads in the United States only. This processor does not apply to our EEA, UK or Swiss website visitors. 
  • CircleCo Inc. for offering an online community, events and webinars related to our services. 
  • Mixpanel Inc. to analyse certain limited pseudonymised usage of the Famly Services, provided the Famly Platform is hosted on Amazon Web Services (AWS).   
  • Zapier (Zapier Inc.) is used to send data between different softwares we use. 
  • Stripe Payments Europe Ltd./Stripe Inc., is used to process payments from our customers.
  • GoCardless Ltd. is used to process payments from our customers.
  • HM Revenue and Customers in the UK (HMRC) (applies to the UK market, if authorised users have opted in for using Tax Free Childcare as a payment option in the Famly Services). 

We use certain services for Website analytics, they are connected with cookies, so please see further information in our Cookie Policy. For other third parties used in relation to cookies, please read our Cookie Policy

Your Rights and Choices 

It’s important to us that you are aware of all your data protection rights and opt-in/opt-out choices. You are entitled to the following: 

The right to access - you have the right to request for copies of your personal data. 

The right to rectification - you have the right to request us to correct any information you believe is inaccurate.

The right to erasure - you have the right to request us to erase your personal data, under certain circumstances. 

The right to portability - you have the right to receive your personal data in a structured, commonly used and machine-readable format (as may be applicable)

The right to restrict processing and object processing - you have the right to request that we restrict the processing of your personal data, under certain circumstances, and a similar right to object to processing. Opt out from marketing material, if you have agreed to receive marketing material, you can always opt-out and unsubscribe by clicking the “unsubscribe” button in the last newsletter email you received.

Withdraw your consent - if the processing is based on your consent you have the right to withdraw it at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdraw your consent.

If you make a request to us, we will answer your request as soon as possible and in any event within one month of receiving your request. If the request is very complex we can extend the period by two additional months. We may decline to process your request if it is unreasonably repetitive, requires disproportionate technical effort, jeopardises the privacy of others, would be extremely impractical or for which access is not otherwise required. 

If you have any questions regarding our processing activities or you wish to exercise your rights, you can send us an email: privacy@famly.co

Data Protection Officer

Famly has a Data Protection Officer, who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:

Famly ApS
Attn. Data Protection Officer
Købmagergade 19, 2.
1150 Copenhagen K
Denmark
privacy@famly.co 

With regards to the UK - we are not required to have a UK representative because we have an establishment in the UK, our subsidiary Famly Ltd. 

Contact and Complaints

If you have any questions or comments about this Privacy Policy or concerns about the processing of your personal data, you can contact us by email to privacy@famly.co

You also have the right to lodge a complaint with the appropriate data protection authority. You will find information on how to lodge a complaint with:

Children and Our Services

Our services and website are not directed to children, you can’t use our services if you are under the age of 16.

Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. To stay informed about changes, please check this page periodically. The latest update date will always be listed at the top under "Effective date". For significant changes, we will notify customers with a manager or organisation manager role via email, using the email address provided on the Famly platform, and those that have signed up for our marketing related material using the email address provided when signing up. By continuing to use our Website and Services after these updates, you agree to the revised Privacy Policy.