Privacy policy

Privatlivspolitik

Datenschutzrichtlinie

Política de privacidad

Integritetspolicy

Code of Conduct
Code of Conduct
Code of Conduct
Code of Conduct
Code of Conduct

Legal

Coach Website Terms of Use
Lenus Academy Terms of Use
Imprint
Virksomhedsoplysninger
Impressum
Información de la empresa
Företagsinformation
Privacy Policy
Privatlivspolitik
Datenschutzrichtlinie
Política de privacidad
Integritetspolicy
Responsible Disclosure
Terms & Conditions
Terms & Conditions
Terms & Conditions
Terms & Conditions
Terms & Conditions

1. Introduction

In this privacy policy, you can learn more about how Lenus eHealth ApS and affiliated companies Lenus eHealth Inc., LPS eHealth Software AB, LPS eHealth Software GmbH and LPS eHealth Software Limited (collectively "Lenus", "we", "us", "our") process your personal data.

This policy applies to the Lenus application, the Zenfit application, and the Zenfit - for clients application, made available through the Apple App Store and the Google Play Store, the Lenus website located at https://lenusehealth.com/, and the Zenfit website located at https://www.zenfit.io/.

For our privacy notice to California residents, please see point 14. 

2. Data Controller

The Lenus entity acting as controller may vary depending on the purpose of the processing. Below, you can find information on the processing of your personal data in the following situations: 

  • when you visit our website or use our app (cookies and similar tracking technologies),
  • when you communicate with us,
  • when you visit our social media platforms,
  • when you partner up with us (coaches), 
  • when you are or represent a supplier, vendor or other third party, and 
  • when you apply for a job with us.

Below, you can read more about the various purposes of our processing of your personal data in the different situations. You can also see which data we process, what the legal basis for our processing is, for how long we store the personal data and who we share it with. 

Further, in the section Your rights etc. you can read about your rights and how to contact us.

To read about how your coach (who has partnered up with us) processes your personal data, please have a look at the coach's website or contact them.

3. When you visit our website or use our app 

  1. When you visit our website or use the Lenus app, we use cookies and similar tracking technologies to collect data about your visits and use, including:
  • Internet Protocol (IP) addresses,
  • device or mobile IDs and/or device model and type,
  • app profile username and password,
  • browser information, operating system information, and/or language preferences,
  • the location and the preceding and succeeding websites you have visited, including which pages/part/icons on the website you interacted with,
  • applications you click on and how often, and
  • the pages of our website you visit, and how long you spend on each page.

Further, we may conduct surveys in our app to gain feedback on certain app features or app functionality. 

The above data may contain personal data. The controller is Lenus eHealth ApS. We collect the data on your use of our services in order to ensure a stable, secure and user-friendly experience on our website and in our app, as well as to keep statistics about our website visitors and app users. In some cases, data is processed in order to target marketing based on the web browser or in-app behaviour. 

Lastly, as a client to one of our coaches, our app enable you to: 

  • record a fitness activity, for example a run. You must first allow the app to access your location. Then the app will access your location data from the moment you start recording the activity until the moment you stop the recording. To ensure that your full activity is recorded, we need to continue to access the location data if the app is in the background during the activity. You can remove the permission at any time by adjusting your device settings. This processing will enable a history of your fitness activities, including (where eligible) duration, distance, speed, activity type and heart rate, as well as an overview of your fitness progression. 
  • import your history of fitness activities from Apple Health or Google Fit. You must first allow the app to access your data from these sources. You can remove the permission at any time by adjusting your app settings.
  • join a group chat moderated by the coach, where their participating clients may ask questions, talk about their fitness progress, share ideas and more. The coach must first invite you to join a group, and you must actively accept the invite before you can view and participate in the group. When you have accepted the invite, your profile picture, name and any content you post becomes visible to other group members. You can leave the group at any time. Your contributions in the group must follow the Acceptable Use Restrictions articulated in your coach's Terms of Use.

Please be aware that Lenus is merely the data processor for the above location-based data and social group functionality. Therefore, please refer to your coach as the data controller for more information. 

The legal bases for our processing are:

  • for necessary (technical) cookies and similar technologies: Article 6(1)(f) of the GDPR, as we are pursuing our legitimate interest in ensuring functionality and security of our website, and 
  • for other cookies and similar technologies: Article 6(1)(a) of the GDPR, as you have given your consent, e.g. to targeted marketing.
  1. Personal data contained in cookies will be deleted in accordance with the lifetime/period for each specific cookie. We disclose information to any third-party service providers that you have allowed to place cookies when you use the website, and we share your information with our group companies. 
  2. You can read more about our cookies and other similar tracking technologies, including their lifetime and disclosure to third parties, in our Cookie Policy using the cookies widget in the lower left corner of your browser.

4. When you communicate with us

  1. When you, as a coach or client to a coach, communicate with us directly (e.g., via email, the contact form on our website or with the Lenus support team through our app) your communication will contain personal data, e.g., your contact details (including name and email address) and other personal data you may provide us with. The controller is Lenus eHealth ApS or the entity you have contacted.
  2. We process these personal data for the purpose of managing and answering your inquiries. The legal basis for the processing is article 6(1)(f) of the GDPR, as we are pursuing our legitimate interests in managing general inquiries. 
  3. Personal data pertaining to our general communication with you (such as email inquiries) will be deleted 5 years after the end of the financial year where your last inquiry has been handled/concluded. If your communication pertains to an order, personal data will generally also be deleted 5 years after the end of the financial year in which the order was placed. In specific situations, we may defer from our general retention periods (in case of e.g. complaints, objections or other specific situations).
  4. Please note that when you, as a coach, use the contact form on our website to get in contact with us, we may disclose your contact details to our affiliated company Zenfit ApS if we deem their services to be a better fit for you. They will then contact you to introduce you to their services. You may find their privacy policy here
  5. We disclose personal data included in our account records to the relevant public authorities, including the tax and customs authorities, in connection with our statutory bookkeeping etc. We also make your personal data available to our processors who e.g. host, develop and support our IT systems, and we share your information with our group companies.
  6. Please see below regarding transfer of your personal data to third countries

5. When you visit our social media platforms 

  1. If you, as a coach or client to a coach, visit our pages at Facebook, Instagram or LinkedIn, we may process the personal data that you make available to us via the pages, including your reactions on content, likes and comments, and any sharing of our content etc. The controller is Lenus eHealth ApS.
  2. We process these personal data for the purpose of managing our social media platforms and communicating with our followers through these platforms. The legal basis for the processing is article 6(1)(f) of the GDPR, as we are pursuing the above-mentioned legitimate interests. Your personal data is deleted in accordance with applicable data protection policies in place to the relevant social media platforms (see the links below).
  3. Please note that when using our social media platforms, the provider (such as e.g., Facebook) will also process your personal data for its own purposes, including for targeted marketing purposes. You may find further information on the processing activities in the relevant privacy notices: 

6. When you partner up with us (only for coaches)

  1. When you partner up with us as a coach, we process your personal data, including your name and contact details, such as your email, phone number, address, your social media information, as well as your billing information, and any other information you provide us. The purpose of the processing is to manage our partnership with you. The controller is the Lenus entity you have entered the partnership agreement with.
  2. The legal basis for our processing of your name and contact details, as well as your banking details, is article 6(1)(b) of the GDPR, as the processing is necessary in order for us to fulfil our end of our partnership agreement.
  3. Further, we are obligated to store bookkeeping information, including information related to payments/transactions in accordance with the bookkeeping legislation. Based on the GDPR, our legal basis in that regard is article 6(1)(c).
  4. The legal basis for our processing of your social media information and other information you provide us is article 6(1)(f) of the GDPR, as we are pursuing our legitimate interests in tailoring our partnership to you.
  5. As a starting point, we will delete your personal data 5 years after the end of the financial year where our partnership has ended. In specific situations, we may defer from our general retention periods (in case of e.g., complaints, objections or other specific situations).
  6. We disclose personal data included in our account records to the relevant public authorities, including the tax and customs authorities, in connection with our statutory bookkeeping etc. Further, we disclose your personal data to our service providers and to our processors who e.g. host, develop and support our IT systems, and we share your information with our group companies.
  7. Please see below regarding transfer of your personal data to third countries.

7. When you use our Lenus App (only for clients)

  1. When you download and use our app as part of your programme with a coach, we process your personal data, which includes statistical data such as your age, gender and measurements (e.g. height/weight) and any other information you provide in the app. The purpose of this processing is to aggregate data to be able to create unique insights and to continuously improve the product for the benefit of coaches and clients alike. The controller is Lenus eHealth ApS.
  2. The legal basis for our processing of information you provide us through the app is article 6(1)(f) of the GDPR, as we are pursuing our legitimate interests in being able to share aggregated generic data with e.g. research institutes.  
  3. Further, we may also, in very rare events, observe the communication that has taken place between you and your coach in our app, if we are reasonably suspicious that a coach is conducting malpractice, fraud or not complying with Lenus’ code of conduct. The purpose for this monitoring is to be able to raise a legal claim against a coach or to protect you from malpractice. Based on the GDPR, our legal basis in this regard is article 6(1)(f). 
  4. We will delete or anonymize your personal data in accordance with the data retention policy employed by your coach. 
  5. Lenus may send aggregated and anonymized generic data to third parties for research, business or other purposes. Further, Lenus may send personal data to third-party software providers who process data on our behalf.

8. When you participate in surveys and questionnaires (only for coaches)

  1. During your partnership with Lenus, we will send you invitations to participate in various surveys and questionnaires. For this purpose, we process your personal data, including your name and contact details, such as your email, phone number, address and other relevant information necessary for the specific survey in question. The purpose of the processing is to gain insights into our app or service offerings. The controller is Lenus eHealth ApS.
  2. The legal basis for our processing of your responses to our surveys and questionnaires is article 6(1)(f) of the GDPR, as we are pursuing our legitimate interests in continuously improving our product.
  3. In addition to the above, Lenus may also send invitations to participate in mental health surveys.  For this purpose, we process your personal data which can include health information. The purpose of the processing is to gain insights into the stress levels and mental health of online coaches using our platform. Lenus greatly cares about the health - including mental health - of our partner coaches, and we want to ensure that our product is continuously developed in a sustainable way to ensure that our partner coaches are happy, healthy and free of stress. The controller is Lenus eHealth ApS.
  4. The legal basis for our processing of your responses to our mental health surveys and questionnaires is article 6(1)(a) of the GDPR, as we will always collect your consent prior to processing any health information. Be aware that you can recall your consent at any time by reaching out to us at privacy@lenus.io.
  5. We will delete (or anonymize) your personal data 5 years after the end of the financial year where our partnership has ended. In specific situations, we may defer from our general retention periods (in case of e.g., complaints, objections or other specific situations).
  6. We disclose information only to any third-party service providers (marketing/survey automation platforms), and we share your information with only the relevant people in our group companies. 
  7. Please see below regarding transfer of your personal data to third countries.

9. When you are or represent a supplier, vendor or other third party

  1. When you communicate with us (e.g., via email) as or on behalf of supplier, vendor or another third party, your communication may often contain personal data, e.g. your contact details (including name and email address), association with a certain company or other personal data you may provide us with. We may also receive such personal data from a third party, such as your employer. 
  2. We process these personal data for the purpose of managing and answering your inquiries and orders and to communicate with you/the company you represent. 
  3. The legal basis for the processing is article 6(1)(f) of the GDPR, as we are pursuing our legitimate interests in managing general inquiries and fulfilling any agreement, we may have concluded with the company you represent. 
  4. Personal data pertaining to our communication with you will generally be deleted 5 years after the end of the financial year in which our last contact with the business you represent took place.
  5. We disclose personal data included in our account records to the relevant public authorities, including in connection with our statutory bookkeeping etc. We may also disclose your personal data to our relevant business partners, including external advisors. Finally, we make your personal data available to our processors who e.g., host, develop and support our IT systems, and we share your information with our group companies. 
  6. Please see below regarding transfer of your personal data to third countries.

10. When you apply for a job with us

  1. When you apply for a job with one of our European-based companies, we process your personal data in different situations, which you can read more about below. The controller is Lenus eHealth ApS.

10.2. Receipt of applications etc. 

  1. When we receive your application, we will read it and select the persons who we will call for an interview. The selection is based on your qualifications in relation to the specific position(s). You will be called for the interview by email or telephone.
  2. As part of the recruitment process, we will receive and process the personal data that you have included in your application, CV and any other material that you may have forwarded along with your application. We may also ask you to send us additional information. The information obtained in this connection will include information about your previous employments, including information relating to work assignments, skills and performance, and information about your personal appearance and interpersonal skills. We will also obtain other information about you if we consider such information to be necessary for the assessment of your application.
  3. The legal basis for processing the personal data is article 6(1)(f) of the GDPR as we pursue the legitimate interest in the processing of the personal data being necessary for our assessment of you as a person and your skills in relation to the contents of the position. 
  4. Further, our processing of data that you make available to us on your own initiative is deemed to be performed on the basis of your consent (in accordance with the relevant consent provisions of the GDPR and/or national data protection laws).

10.3. Social media

  1. If relevant, we will obtain available information published by you on social media, such as LinkedIn and Facebook.
  2. The legal basis for processing the personal data published by you is article 6(1)(f) of the GDPR as we pursue the legitimate interest in the processing of the personal data being necessary for our assessment of you as a person in relation to the contents of the position.

10.4. References

  1. If we wish to obtain information about you from your current or former employer using your references, we will first ask for your consent. Unless you are otherwise specifically notified by us, the information we obtain in that connection will include the following categories: Information about your previous employments, including information relating to work assignments, skills and performance, your personal appearance and interpersonal skills, and the reason for not being or no longer wanting to be employed by the employer in question.
  2. The legal basis is the consent you give for the purpose of using your references, in accordance with article 6(1)(a) of the GDPR.

10.5. Use of personality and competency tests

  1. During the recruitment process relating to some positions, we may use a personality test and/or a competency test. Typically, the tests are taken after our first interview with you. The purpose of the tests is to identify your personal preferences and skills, forming a basis for a dialogue with you about your personal resources and conduct. The tests will be part of the overall basis for selecting the right candidate for the position.
  2. The legal basis for processing the personal data is article 6(1)(f) of the GDPR as we pursue the legitimate interest in the processing of the personal data being necessary for our assessment of your personal skills based on the tests.

10.6. Criminal record

  1. During the recruitment process, we may ask you to show your criminal record certificate. Whether a criminal record certificate is required depends on the position, including the responsibilities and powers involved. If we consider it to be relevant to the position for which you have applied, we will ask you to request a personal criminal record certificate.
  2. Please note that no processing of personal data takes place regarding criminal records, as you will in any case only be asked to show us a physical copy of the criminal record certificate (and you are thus not asked to send us a copy via email or otherwise provide us with a copy for us to keep).

10.7. Job interviews

  1. If you progress in the recruitment process, we will conduct interviews where we will focus on your professional and personal skills as well as the challenges etc. of the job. We will write down some of the information disclosed during the interview(s). We only use the relevant information in the assessment of whether you should be offered a position.
  2. The legal basis for processing the personal data is article 6(1)(f) of the GDPR as we pursue the legitimate interest in the processing of the personal data being necessary for our assessment of you as a person and your skills in relation to the contents of the position.

10.8. Drafting of employment agreement

  1. If we offer you a position, we will process the personal data necessary for staff administration purposes. In that case, you will receive further information on this.
  2. The legal basis for processing the general personal data stated in the application documents may (also) be 6(1)(b) of the GDPR as it may be necessary to process the personal data in question for the purpose of drafting an employment agreement, if relevant.

10.9. Recipients of your personal data

  1. Certain data will be made available to our processors, for example our IT system providers etc., and if relevant, we share your information with our group companies.
  2. Please see below regarding transfer of your personal data to third countries.

10.10. Storage of your personal data

  1. We will store your personal data for the period necessary for us to fulfil the purposes for which they were collected. For that reason, we have established a maximum time limit of 12 months for the storage of job applications. As a general rule, we erase or anonymise your personal data according to this time limit unless it is necessary that we continue to store them, e.g. for the purpose of particular cases or the like.
  2. If we employ you, the personal data that we have processed during the recruitment process will, if relevant, be stored in your personnel file in accordance with the applicable retention periods of your employment. In that case, you will be further notified of the processing of your personal data. 

10.11. Mandatory processing of personal data

  1. Under the data protection rules, you are entitled to be informed of whether the provision of personal data is a statutory requirement, or a requirement necessary to enter into a contract, and of whether you are obligated to provide the personal data and of the possible consequences of failure to provide such data.
  2. It should be noted in that respect that under certain national legislations, including the Danish Health Information Act (helbredsoplysningsloven), an employee must state of its own motion or at the employer's request to that effect whether the employee knows that (s)he suffers from an illness or shows symptoms of an illness which will significantly affect the employee's ability to carry out the work in question.
  3. Further, as a potential future employee, you are subject to the general duty of transfer which means that you must not knowingly withhold information that may be relevant to your opportunity for being employed.
  4. Moreover, it should be noted that if you are offered a position, we will use certain personal data about you to draft your employment agreement, including your name and address.
  5. If you do not wish to provide the information that you are required to provide under the provisions of the Danish Health Information Act or similar legislation and/or according to your duty of transfer or the information necessary for drafting an employment agreement, or any other information which we are required to collect from you by law, we will be unable to offer you a position.

11. Transfer of your personal data to third countries

  1. We transfer your personal data to countries outside the EU and EEA, when making data available to our processors and group companies, including to the      UK and the US. Further, we also transfer your personal data to the UK and the US when we share personal data with our group companies in the UK and the US. 
  2. The bases for such transfers are
  • for all third countries other than UK: the Commission Decision of 4 June 2021 on standard contractual clauses for the transfer of personal data of third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, and
  • for the UK: an EU Commission adequacy decision based on article 45 of the GDPR.  
  1. If you want additional information about our transfer of personal data outside the EU and EEA, including a copy of the relevant security measures, etc., you can make a request for such additional information by contacting us (see contact information below). 

12. Your rights etc.

  1. You have special rights to help you control your personal data, and we wish to make it easy for you to exercise those rights:
  2. Right to withdraw consent 

Where you have given your consent for our processing of your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us, see below under "Contact". 

If you wish to unsubscribe to our newsletters, you can also withdraw your consent by unsubscribing in the emails you receive from us.

If you withdraw your consent, the withdrawal will not affect the lawfulness of processing that has already been carried out based on your consent. 

  1. Right of access

You have the right to have confirmed whether we collect or process your personal data, and, if so, you have the right to request a copy of your personal data in a digital format.

  1. Right of rectification

You have the right to require that we correct any inaccurate personal data concerning you, and that we complete incomplete personal data.

  1. Right of erasure

In certain circumstances, you have the right to request that we erase personal data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected.

  1. Right to restrict processing

In certain circumstances, you have the right to request that we restrict the processing of your personal data, e.g., if you believe that the personal data is not accurate or lawfully processed.

  1. Right to object to the processing

In certain circumstances, you have the right to request that we stop processing your personal data.

  1. Right to data portability

In certain circumstances, you have the right to receive the personal data you have provided us with in a structured, commonly used, machine readable format, and the right to have us transmit the data to another entity, where technically feasible.

  1. Complaint to a supervisory authority 
  1. If you want to lodge a complaint with a supervisory authority about our processing of your personal data, you can do so by contacting the Danish Data Protection Agency via their website, File a complaint (datatilsynet.dk)
  2. You may also contact your local regulator (outside Denmark) to receive guidance on how to file a complaint, see: Our Members | European Data Protection Board (europa.eu).
  3. Further, if you are a resident in the United Kingdom, detailed information on the full content of your rights (and any conditions that may apply) is provided by the United Kingdom’s Information Commissioner’s Office and is available on their website: https://ico.org.uk/your-data-matters.
  4. You can read more about your rights in the Danish Data Protection Agency's guidelines on data subjects' rights, which is available at www.datatilsynet.dk (in Danish). Please contact us if you wish to exercise your rights. The relevant contact details are stated below.

13. Contact 

Your can contact our headquarters at

Lenus eHealth ApS
CVR no. 38 16 84 95
Rued Langgaards Vej 8
2300 Copenhagen S
Denmark

Please check our other locations on our website for an overview of the other Lenus companies.

You can always reach us at email: privacy@lenus.io 

14. Privacy Notice to California Residents

If you are a consumer located in California, we process your personal information in accordance with the California Consumer Privacy Act (CCPA). This section provides additional details about the personal information we collect and use for purposes of CCPA.

The sections above describe the personal information we may have collected about you within the last twelve (12) months, including the categories of sources of that information. We collect this information for the purposes of, as well as disclose it, as described in the above sections.

Your CCPA Rights and Choices. As a California consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your personal information:

  • Exercising the right to know: You may request the following information about the personal information we have collected about you (see above under Your Rights Etc.):
  • the categories and specific pieces of personal information we have collected about you;
  • the categories of sources from which we collected the personal information;
  • the business or commercial purpose for which we collected the personal information;
  • the categories of third parties with whom we shared the personal Information; and
  • the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.
  • Exercising the right to delete: You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law.
  • Exercising the right to opt-out from a sale: You may request to opt out of any “sale” of your personal information that may take place. We do not use, share, rent or sell the personal information of our customers for interest-based advertising. We do not sell or rent the personal information of our customers or our site visitors.
  • Non-discrimination: The CCPA provides that you may not be discriminated against for exercising these rights.
PlatformPlatformPlattformPlataformaPlattformTestimonialsUdtalelserTestimonialsTestimoniosUtlåtandenAcademyCareersKarriererKarriereCarrerasKarriärerAboutOm osÜber unsVisiónOm ossContactKontaktKontaktContactoKontakt
NewsroomCookie PreferencesCookie præferencerCookie EinstellungenPreferencias de cookiesCookie-preferenserCode of ConductLegalcontact@lenus.iopress@lenus.io
© Lenus YEAR. Rued Langgaards Vej 8, 2300 Copenhagen VAT DK38168495.
★★★★★ 4.8 · 350+ Ratings
★★★★★ 4.8 · 350+ Vurderinger
★★★★★ 4.8 · 350+ Bewertungen
★★★★★ 4.8 · Más de 350 valoraciones
★★★★★ 4.8 · 350+ Betyg