Who we are
As a company, freedom is our most essential value, and we therefore take your privacy and security on the Website seriously. At mindblaze.xyz (the “Website”) we collect and manage user data according to the following Privacy Policy.
This Privacy Policy is effective as of March 23, 2024.
Ownership
The Website is owned and operated by the Danish company:
Mindblaze ApS, Bjergegade 14E, 3000 Helsingør, DK-VAT (CVR): 38875329, e-mail: contact@mindblaze.xyz, phone: +45 40 34 56 40.
Mindblaze ApS is responsible for managing your data. Our responsible data officer is: Izack Stjernberg.
Cookies
When you visit this Website, we use essential cookies only. You can, at any time, delete essential cookies from your computer. How you you do it, depends on your browser.
(A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a website’s computers and stored on your computer’s hard drive.)
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.
The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
If you leave a comment on the Website you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Hosting
All of our hosting solutions are completely GDPR, PECR and CCPA compliant.
The Website is hosted on a secure server in Iceland, which has some of the toughest privacy laws in the world. This is also where we host our e-mail server.
For newsletters, customer e-mails, and related marketing activities, we integrate with MailChimp, which is hosted in the U.S. MailChimp is considered one of the most secure e-mail marketing solutions it the world. It has certified its compliance to both the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework since 2016, and it continues to do so every year. This ensures that your data is transferred to the U.S. under the strictest security and privacy measures. Read MailChimp’s data processing addendum here.
For surveys, we use BlockSurvey. BlockSurvey is open source, and end-to-end encrypted. It’s based on the Stack blockchain, which is a sustainable blockchain running on top of BitCoin’s blockchain. It’s a completely decentralized and secure system. Your responses to the surveys are between only you and us, and nobody is looking over your shoulder (unless they are actually standing right next to you).
For our facilitation services, we use Mural. An enterprise-grade visual collaboration platforms and fully in compliance with GDPR and CCPA standards. We refer to their privacy policies. Read more about Mural’s privacy statement here.
For video conferences, we use Jitsi, which is an open source platform with a strong focus on privacy. We send our customers anonymous links to the platform, and we cannot track their use of it. Read its privacy policy here.
For our community services, we use Element, which is a decentralized and end-to-end encrypted platform highly focused on privacy and security. It’s fully compliant with GDPR, CCPA and PECR standards. Read its privacy policy here.
For analystics, we use Plausible, which is open-source and privacy focused. It doesn’t use cookies and is fully compliant with GDPR, CCPA and PECR. It’s made and hosted in the EU, and powered by European-owned cloud infrastructure.
Our social media presence is based on the platforms X, LinkedIn, and Facebook, which we link to from our Website. They can see if your visit comes from our Website, but we have no control of their collection of your data and your privacy on their sites, so we take no responsibility for it.
Data Collected
As a general rule, we only collect the information you provide directly to us voluntarily, and we only do it to be able to provide you with our products and services.
For example, we collect information when you subscribe to our newsletter, make a purchase, participate in our workshops, fill out a survey, request customer support, or otherwise communicate with us.
The types of information we may collect include your name, email address, physical address, and other contact or identifying information you choose to provide.
We don’t collect any credit card information, as this is handled by Stripe (see Terms & Conditions).
Any personal information given to us from online surveys, online workshops, community activities etc. is considered strictly confidential.
To deliver our products and services, we may or may not use third-party platforms, services, and plugins. Please note that we take no responsibility for any third-party privacy policies.
We register the following information about you in the following scenarios,
When consenting to our use of cookies: Your ip-address.
Subscribing to our newsletter: Name, e-mail address.
Participating in surveys: Name, e-mail address.
Participating in workshops: Name, e-mail address, billing address, company.
Participating in sessions: Name, e-mail address, billing address, phone number, company.
The purpose of registering and managing the information,
Subscribing to our newsletter: To register your contact information, so we can send you our newsletters and offer you additional products and services as part of our marketing activities.
Participating in surveys: To register your contact information, so we can send your answers to you, manage your contact information in our administration, offer you service in case there is a problem with the delivery, and offer you additional products and services as part of our marketing activities.
Participating in workshops: To register your contact information, so we can deliver the digital products to you, send you information about the product and any eventual certificates, manage your contact information in our administration, offer you service in case there is a problem with the delivery, and offer you additional products and services as part of our marketing activities.
Participating in sessions: To register your contact information, so we can deliver the digital service to you, send you information about the product and any eventual certificates, manage your contact information in our administration, offer you service in case there is a problem with the delivery, and offer you additional products and services as part of our marketing activities.
Legal foundation for our collection and management of your personal information:
When we collect and manage your personal information it always happens according to the current legislation regarding data protection and privacy policies. As a Danish company residing in the European Union, we are fully GDPR compliant.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Comments
When visitors leave comments on the Website, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
In addition, we collect anonymous data from every visitor of the Website to monitor traffic and fix bugs. For example, we collect information like web requests, the data sent in response to such requests, the Internet Protocol address, the browser type, the browser language, and a timestamp for the request.
Use of the Data
We only use your personal information to provide you the Website products and services, to communicate with you about the Website or the services, and to manage you as our customer.
We employ industry standard techniques to protect against unauthorized access of data about you that we store, including personal information.
Furthermore, we do not share personal information you have provided to us without your consent, unless:
Doing so is appropriate to carry out your own request.
We believe it’s needed to enforce our legal agreements or that is legally required.
We believe it’s needed to detect, prevent or address fraud, security or technical issues.
Sharing of Data
Your personal information is shared with relevant employees involved in delivering our digital products and providing any services related to them (such as support). It may also be shared with relevant accounting and technical personnel, including third-party accountants and technicians. In case of the latter, it will be done only if absolutely necessary, and if so, with strict confidentiality.
As a rule, we don’t share your personal information with third parties, and we don’t sell your data. However, aggregated, anonymized data may be periodically transmitted to external services to help us improve the Website.
To give you the option of sharing our content of the Website and our newsletters on social media, such as X and LinkedIn, we use social buttons. Your use of these third party services is entirely optional, but you should know that they are able to track your visit to our Website because of these social buttons. If you are against such tracking, we recommend that you use a browser extension that prevents them from doing so.
We are not responsible for the privacy policies and/or practices of any third party services, and you are responsible for reading and understanding those third party services’ privacy policies.
Opt-Out, Communication Preferences
You may modify your communication preferences and/or opt-out from specific communications at any time. Please specify and adjust your preferences, and contact us if you need help.
Security
We take reasonable steps to protect personally identifiable information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. But, you should keep in mind that no Internet transmission is ever completely secure or error-free. In particular, email sent to or from the Website may not be secure.
General deletion policy
We keep your personal information for a maximum period of 5 (five) years counting from when you have last interacted with us. This includes opening a newsletter (including campaign related newsletters), responding to a survey, making a purchase, commenting on a thread in our online community, or otherwise interacting and communicating with us with direct relation to the information, products and services of the Website.
Your rights
You have a number of rights under the Data Protection Regulation and the IMI Regulation in relation to our processing your personal data. If you want to make use of your rights, please e-mail us: contact@mindblaze.xyz.
Right to information (right of access)
You have the right to access the information we process about you and certain supplementary information.
Right to rectification (correction)
You have the right to have incorrect information about yourself corrected.
Right to transmission (data portability)
You have the right to receive your personal data in a machine-readable format and send it to another controller.
Right to deletion
In very special cases, you have the right to have your personal data deleted before the deadlines set in our general deletion policy.
Right to restrict processing
In certain situations, you have the right to have the processing of your personal data restricted. If the processing of your personal data is restricted, we may only process your information – apart from for storage purposes – with your consent, or for the purpose that legal claims can be established, asserted or defended, or to protect a person or important public interests.
Right to object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data.
About Children
The Website is not intended for children under the age of 18. We do not knowingly collect personally identifiable information via the Website from visitors in this age group.
Changes to the Privacy Policy
We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used.
If we make major changes in the way we collect or use information, we will notify you by posting an announcement on the Website or emailing you.
Complaints
If you wish to file a complaint about this Privacy Policy, you are welcome to do so to The Danish Data Protection Agency: https://www.datatilsynet.dk/english/
Governing Law
This Privacy Policy, and any dispute or claim arising out of, or related to them, shall be governed by and construed in accordance with the internal laws of Denmark without giving effect to any choice or conflict of law provision or rule.
Any legal suit, action or proceeding arising out of, or related to, this Privacy Policy or the Website shall be instituted exclusively in the federal courts of Denmark in the language of Danish.