Privacy Policy

1. Introduction and Scope

BREQ ("Company," "we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy informs you as to how we look after your personal data when you visit our website, use our services, or interact with our devices and applications. It also tells you about your privacy rights and how the law protects you.

This Privacy Policy applies to all users of our services, including website visitors, customers, and business partners. By using our services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller and Contact Information

Data Controller: BREQ
Address: SDU Startup Station, Southern Denmark University (SDU), Sønderborg, Denmark
Email: privacy@breq.live
Data Protection Officer: Available upon request

3. Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: Where you have given clear consent for us to process your personal data for specific purposes
• Contract: Where processing is necessary for the performance of a contract with you
• Legal obligation: Where processing is necessary for compliance with legal obligations
• Legitimate interests: Where processing is necessary for our legitimate interests or those of a third party, provided your rights do not override these interests

4. Categories of Personal Data We Collect

4.1 Identity and Contact Data

• Name, email address, postal address, telephone numbers
• Company information and job title
• Account credentials and authentication data

4.2 Technical and Device Data

• IP addresses, browser type and version, operating system
• Device identifiers and hardware specifications
• Temperature, humidity, and environmental sensor readings
• Location data from GPS-enabled devices
• Device performance metrics and diagnostic information

4.3 Usage and Analytics Data

• Website usage patterns, page views, and navigation paths
• Service usage statistics and feature interactions
• System logs and error reports
• Communications metadata

5. How We Collect Your Data

We collect personal data through:

• Direct interactions: When you contact us, register, or provide feedback
• Automated technologies: Through cookies, web beacons, and similar technologies
• IoT devices: From our monitoring equipment and sensors
• Third parties: From analytics providers and business partners

6. Purposes of Data Processing

• Service provision: To provide, maintain, and improve our monitoring services
• Communication: To send service notifications, alerts, and support communications
• Analytics and research: To analyse usage patterns and develop new features
• Legal compliance: To comply with legal obligations and resolve disputes
• Security: To protect against fraud, unauthorised access, and security threats

7. Data Sharing and Third-Party Disclosures

7.1 Service Providers

We may share data with trusted third-party service providers who assist us in cloud hosting, customer support, analytics, and performance monitoring.

7.2 Legal Disclosures

We may disclose your information when required by law or to protect the rights, property, or safety of BREQ, our users, or others.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). Where such transfers occur, we ensure adequate protection through appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

9. Data Retention

• Account data: Duration of account plus 2 years
• Monitoring data: 7 years from collection date
• Communication records: 3 years from last contact
• Legal compliance data: As required by applicable law

10. Data Security Measures

We implement comprehensive security measures including encryption, access controls, secure transmission protocols, staff training, and incident response procedures.

11. Your Rights Under GDPR

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data under certain circumstances
• Right to restrict processing: Request limitation of data processing
• Right to data portability: Request transfer of data to another controller
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for consent-based processing
• Right to lodge a complaint: File complaints with supervisory authorities

To exercise these rights, contact us at privacy@breq.live. We will respond within one month of receipt.

12. Cookies and Tracking Technologies

Our website uses essential and performance cookies to ensure functionality and improve user experience. You can manage cookie preferences through your browser settings.

13. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children under 16.

14. Automated Decision-Making and Profiling

We may use automated decision-making for fraud prevention and service optimisation. You have the right to request human intervention, express your point of view, and contest automated decisions.

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. The updated policy will be effective upon posting.

16. Governing Law and Jurisdiction

This Privacy Policy is governed by Danish law and the laws of the European Union. Any disputes will be subject to the jurisdiction of Danish courts.

17. Contact Information