Skip to main content

Privacy Policy for Bekey

1. Protection of Your Privacy 

Bekey A/S (“Bekey,” “we,” “us,” or “our”) takes the processing of personal data about you seriously. We ensure fair and transparent processing of personal data about you in accordance with applicable law. 

We have therefore prepared this privacy policy to inform you about how we process personal data about you when you use our apps.

2. Data Controller and Contact Information

Bekey is the data controller for the personal data we process about you. 

Bekey A/S
CVR no. 27507980
Gladsaxe Møllevej 28
2860 Søborg
Email address: GDPR@bekey.dk
Phone number: +45 43 43 99 90

If you have any questions about our processing of personal data, you are welcome to contact us at GDPR@bekey.dk.

3. Personal Data and Processing Purposes

We process, among other things, the following personal data about you:

  • Account Details (Name, Email addresses, Phone number, User ID, Username)

We gather various information to enhance your app experience and safeguard your account:

Name, Email Address, and Phone Number
Your email address is gathered for logging in. Adding your name in the app is optional and serves solely as a personal identifier. For accounts administered by organisations, they serve as the identifier for the name field. When you provide your phone number within the app, it is transmitted to our backend system hosted at https://me.bekey.dk (redirecting to https://admin.bekey.dk/#/), which integrates with a service provided by inMobile. This integration enables the delivery of validation codes via text messages. These codes are used to verify your identity during password recovery. For details on inMobile’s data processing, please consult their privacy policy (in Danish): inMobile Privacy Policy.

User ID and Username
We collect a unique User ID for each user for identification purposes. Your username is also collected and utilised during the login process.

This consolidated section ensures transparency about the data we collect regarding your account and its usage within the app.

  • Access Logs (UserID, Location, Time):

When users interact with any Bekey device, such as a SmartRelay, SmartLock, or SmartKeyBox, their User ID along with a timestamp is logged to maintain an access log. In addition to User ID and timestamp, we also collect location data, including longitude and latitude coordinates. 

The access log serves security and operational purposes, such as monitoring device usage, detecting unauthorised access attempts, and troubleshooting technical issues. The inclusion of location data helps us do fraud detection, further enhance security measures and improve operational efficiency.

Upon users leaving Bekey services or requesting deletion of their data, their User ID in the access log will be replaced with an anonymized identifier to safeguard their privacy. Similarly, location data will be anonymized to protect user privacy while allowing for historical data analysis and system maintenance.

  • Technical data (device type, device ID, operating system, app version, bluetooth settings, preference settings for language)

We register various key information about your mobile device for various purposes. Information related to your device’s operating system, device type, device ID and app version are logged for the purpose of providing efficient customer support, if needed.

The Bekey app will constantly monitor if your device’s bluetooth connection is active due to its essentiality for the applications primary functionalities, while language preference settings are collected for the purpose of defining which of the available languages is used in the Bekey app.

  • User data (private contacts)
When using our Netkey web service embedded within our Bekey app, we access information from your private contact lists, so you can easily search and use this information to create users, with whom you want to share key access with.
First name, Last name, Phone number and Email Address
We collect this information with https://me.bekey.dk before processing the data in our backend service, in order for you to create other users. Making use of our Netkey web service demands specific permissions, granted by an administrator. You can always delete users that you create, within this service. You cannot delete your own user, but will have to ask your administrator to do so.

Rest assured, none of the gathered information is sold or given to external or third-party businesses.

4. Security of Personal Data:

Ensuring the security of personal data is paramount to Bekey. We employ robust measures and processes to safeguard your information from unauthorised access, alterations, and disruptions, while ensuring its availability when needed. Our approach includes:

Identity Management
Our system securely manages user identities, ensuring authorised access and protecting sensitive information.

Secure Software Development and Security Testing
We prioritise secure software development practices and conduct thorough security testing to identify and address vulnerabilities.

Encryption
All Bluetooth communication is secured with 128-bit encryption, enhancing the privacy of data during transmission.

Network Security
Our network traffic is transmitted over HTTPS (TLS 1.2), adding an additional layer of protection against unauthorised interception.

Security Monitoring and Incident Management
We maintain a robust incident management process, including 24/7 monitoring and a dedicated response team, to swiftly identify, address, and learn from any potential disruptions.

Safety Training and Knowledge Sharing
Our employees undergo training in online security and GDPR compliance to ensure they are equipped with the necessary skills and knowledge to protect user data.

Security Requirements and Oversight
We enforce security requirements and conduct regular audits and penetration tests to ensure compliance and identify areas for improvement.

These security measures are continuously evaluated and refined based on a risk-based approach to ensure that personal data remains adequately protected over time.

5. Retention of Your Data

We store your personal data for as long as you have an agreement with us for digital lock openings.

Your personal data is deleted no later than 30 days after you have requested it, unless there are special reasons to keep the information for a longer period.

You have the right to request the deletion of your personal information from our database, and can do so by reaching out to us on GDPR@bekey.dk. Please note that some data may be retained for legal or regulatory compliance purposes. We will notify the user once their data has been successfully deleted from our systems.

6. Your Rights

As a data subject, you have a number of rights that you can exercise by contacting Bekey as the data controller. The request must be made to:

CVR-nr. 27507980
Bekey A/S
Gladsaxe Møllevej 28
2860 Søborg
E-mail: GDPR@bekey.dk
Phone number: +45 43 43 99 90

Right to Access
You have the right to access the personal data we process about you, as well as a number of additional information. However, access to insight must not infringe on the rights and freedoms of others.

Right to Rectification
You have the right to have inaccurate information about yourself corrected, and considering the purposes of the processing, you have the right to have incomplete personal data completed.

Right to Erasure
In certain cases, you have the right to have information about you deleted before the time of our usual general deletion occurs.

Right to Restriction of Processing
In certain cases, you have the right to have the processing of personal data about you restricted. If you have the right to have processing restricted, we may in the future only process the information – except for storage – with your consent or for the purpose of establishing, asserting, or defending legal claims, or to protect a person or important societal interests.

Right to Data Portability
If our processing of personal data about you is based on consent or a contract, and the processing is carried out automatically, you have the right to data portability. This right entails that you have the right to receive the personal data we process about you in a structured, commonly used, and machine-readable format that you have the right to transmit to another service provider.

Right to Object
In certain cases, you have the right to object to our otherwise lawful processing of personal data about you. You may also object to the processing of information about you for direct marketing purposes.

Withdrawal of Consent(s)
In the event that our processing of personal data about you is based on your consent, you have the right to withdraw the consent to Bekey’s processing of personal data about you at any time.

If you withdraw your consent, Bekey will cease processing the personal data about you for which you have withdrawn your consent. Your withdrawal of consent does not affect the legality of the processing of personal data about you that Bekey has carried out until your withdrawal of consent.

You can withdraw consent to the processing of cookies by deleting cookies and by setting the preferences to not set or read cookies and other tracking mechanisms.

7. Complaint

If you wish to complain about Bekey’s processing of your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency, which can be contacted via the following options:

Danish Data Protection Agency
Carl Jacobsens Vej 35, 2500 Valby
Email: dt@datatilsynet.dk
Phone number: +45 33 19 32 00
Website: www.datatilsynet.dk

Changes in this Privacy Notice

At Bekey we continuously work to improve our services. The information presented in this privacy notice is subject to change in the event of changes in the law, services we provide or in our own data processing practices. If changes are made that can affect your privacy or rights, you will be notified by this in the app.

Version 1.0, 07.05.2024