Privacy Policy

Version 3 - April 2022

Previous Versions
Version 1 - May 2018
Version 2 - September 2021

This document has been superseded by Privacy Policy as of April 2022

The purposes of the processing
We provide an online payable service to companies. Typically, it is the relevant employees of our customers that use the service.

The overall objective is to make communicating business processes in IT systems easier by recording the work tasks and explanations digitally so other employees can perform the same tasks by learning from the created material.

As part of the service, we offer an array of communication tools such as presentation techniques and translations into different languages.

We continually improve and change the functionalities and features based on the use to provide the agreed service level.

The lawful basis for the processing
As we are located in the EU, the General Data Protection Regulation (GDPR) applies to the collection of personal data irrespective of where the data subject is located.
The basis for our collection and processing are:

• Article 6(1b) of the General Data Protection Regulation (processing is necessary for the performance of a contract)

The categories of personal data collected
The personal data we collect fall under Article 6 of the GDPR.

a) Account information
We collect personal account information such as username, device, log in information, telephone number and e-mail.

We also collect the personal data the user continually produces when using the system by capturing work processes in IT systems, producing verbal explanations, creating multi-format learning materials in any language and publishing the material on a 24/7 accessible learning portal that other employees of the customer can access.

b) Developing the service
We collect technical data from the devices being used such as browser used, IP address, network location and time zone. We also collect data on the usage of the e-learning content as well as information on how the service is being used such as in-app experiences, when users start and stop the application and what application features are being used.

c) Security
We use the IP-addresses to detect threats, both proactively and retroactively.

d) Data subject requests
Finally, we also process relevant personal data in connection with possible data subject requests in accordance with Chapter III in the GDPR. This might entail processing personal data to identify and/or authenticate the data subject making the request.

The recipients or categories of recipients of the personal data
Recipients of personal data might include but is not in all cases limited to IT service providers (data processors), public authorities (to the extent we are obligated) and support staff in subsidiaries.

The details of transfers of the personal data to any third countries or international organizations
We transfer personal data to third countries outside EU/EEA that the EU Commission has determined has an adequate level of data protection. In cases of transfer to third countries that do not have an adequate level of data protection we use the EU approved standard contractual clauses to ensure an adequate level of data protection. By request we will provide you with a copy.

The retention periods for the personal data
When a user or company requests an account deletion by contacting us at, a deletion and anonymization process is activated.

The process includes assessing if we are obligated to store some or all the personal data for a longer period of time according to the GDPR and the applicable local, state or federal laws. If we are not obligated to store the personal data and we have no other lawful grounds for further processing, we delete or anonymize the personal data. If the user is inactive for 24 months, the deletion and anonymization process is activated.

The source of the personal data
The personal data have been obtained during the onboarding process in the system and your continued use.

The details of whether individuals are under a statutory or contractual obligation to provide the personal data
If you do not wish to provide us with the personal data, we need to fulfil the purposes, we are not able to provide you with the full services or functions of the system.

The details of the existence of automated decision-making, including profiling
We do not base any automated decision-making, including profiling, referred to in Article 22(1) and (4) of the General Data Protection Regulation on personal data from users. Thus, no decision is based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects concerning the user.

The rights available to individuals in respect of the processing
As we are bound by the GDPR due to our location you have the following rights:

  • Your right of withdrawal of consent – as the processing is not based on your consent this right is not relevant regarding ClickLearn Studio.
  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the information you gave us to another organization, or to you, in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.

The rights are limited in scope and application. Moreover, the rights are applied on a case-by-case basis to each data subject request.

You are not required to pay any charge for exercising your rights.

If you make a request, we must provide information on action taken without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. In that case, we will inform of any such extension within one month of receipt of the request, together with the reasons for the delay.

Please contact us if you wish to make a request. When you make the request, please specify your request as best you can. This will help us process your request more quickly.

The right to lodge a complaint with a supervisory authority
You can lodge a complaint with your local Supervisory Authority in the EU by going to the website of the European Data Protection Board and find the contact information.

If you live outside the EU, please contact the Danish Data Protection Agency:

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Tel. +45 33 1932 00

The name and contact details of the organization (data controller)
As ClickLearn is the data processor for the customer (your employer) ClickLearn is not the data controller. However, ClickLearn have entered into a data processing agreement with the customer. In line with the terms of the data processing agreement we are to some extent obligated to assist the data controller regarding data subject rights. Consequently, you can contact us directly and we will within the boundaries of our obligations assist you through the customer.

Alternatively, you can contact customer (your employer) directly and they will handle the request in coordination with us.

CLICKLEARN ApS | Sjæleboderne 2, 1. th. | 1122 Copenhagen K | Business registration number: 33075731| Tel. +45 88 77 47 35|

We may change the privacy notice from time to time including if we change the purpose of the processing. If we do, we will inform you in the service or via e-mail. The applicable privacy notice will always be available in the service.