1. Important information
This is Monthio's privacy notice. Monthio ApS (“Monthio” or “we”) provides services that can help generate an overview of your personal finances (the “services”).
Monthio ApS is the data controller for the personal data processed in connection with the services. This means that we are responsible for the manner in which, and for what purposes, your personal data is processed.
When you use the services, we process your personal data according to this policy.You should be aware that our services are offered as part of a collaboration with lenders and other third parties which have their own personal data policies. Monthio's privacy notice only applies to the data for which Monthio is the data controller.
We follow applicable legislation, including, e.g., the General Data Protection Regulation (GDPR), the Danish Data Protection Act and the Danish Payments Act as well as the Danish Data Protection Authority's guidelines. This means, among other things, that your personal data is always treated confidentially and securely.
Monthio's legal name is Monthio ApS and our company is domiciled at the address Øster Allé 56, 2., 2100 Copenhagen Ø, Denmark.
Monthio is supervised by the Danish Financial Supervisory Authority and is licensed as an Account Information Service Provider (AISP).
With this policy, we want to explain how your personal data is collected and processed, so that you feel comfortable using our services.
If you have any questions, comments or wish to complain, please feel free to write to us at info@monthio.com or send us a letter to our address mentioned above.
You can also complain about our processing of your personal data to the Danish Data Protection Authority, www.datatilsynet.dk. The Danish Data Protection Authority is the public authority that oversees compliance with the rules in the GDPR and the Data Protection Act.
2. Sources of personal data
2.1 Disclosure via third parties
You may give us permission to retrieve your bank account information from your bank and you may give us consent to retrieve information from public registers.
2.2 Automated collection of technical data
When you use our services, we automatically collect some technical information, such as which device you use. For this purpose, we use cookies and similar technologies.
3. Types of personal data
3.1 Bank account information
Bank account information is the transaction data and other information about your accounts that we obtain from the accounts you have chosen to give us access to.
3.2 Personal registration information
Personal registration information is information obtained from the Central Personal Register (CPR) in Denmark on the basis of your CPR number.
3.3 Other public registers
Other public register information is information obtained from public registers such as the Land Registry System (Tingbogen) in Denmark, including Real Estate, the Personal Book, the Cooperative Housing Book and the Car Book.
3.4 Technical data
Technical information about how you access and use the services.
3.5 Sensitive personal data
Some of your payment data that we process may indirectly contain information of a sensitive nature, e.g., payments to political organisations, religious denominations, or similar. Such information will not be identifiable in the budget that we calculate on your behalf. It will instead be automatically grouped and displayed in a non-sensitive manner, e.g., payments of membership fees to a political organisation will be displayed as ‘payments to associations’. This ensures that your sensitive data is protected while still allowing us to provide you with an accurate budget.
4. Purpose types
4.1 Our provision of the services
Data processing necessary for us to provide the services, e.g., that we aggregate payments from your accounts into categories.
4.2 Other purposes, if you have given your consent
Data processing we have specifically asked for your permission to do, such as to share your financial overview with a creditor or another third party.
4.3 Provision of the services
Data processing that commercially supports us being able to provide the services and where it is not the case that your interests or fundamental rights are more important.
4.4 Legal obligations
Data processing necessary to comply with legal requirements we are subject to.
5. Basis types
5.1 Specific consent
When we have obtained authorisation for the data processing by obtaining your specific consent. You can always revoke a consent.
5.2 Legal obligation
When we are authorised to process the data because the processing is necessary to comply with legal requirements we are subject to.
5.3 Our legitimate interests
Data processing that commercially supports us being able to provide the services and where it is not the case that your interests or fundamental rights are more important.
6. Overview of our processing of your personal data
Purpose
Basis
Information
To provide the services to you
Specific consent
Bank account information
Personal registration information
Other public registers
To anonymise your data so that it can be used for statistical analyses
Our legitimate interests (after anonymisation, after which data cannot be attributed to you in any way, data can be used for statistical analyses. This allows us to make improvements to the services)
Bank account information
Cookies related to the services for technical functionality
We only use technically necessary cookies
See Monthio’s cookie policy
Cookies related to our website for technical functionality, statistics and marketing
Specific consent
See Monthio’s cookie policy
7. Other recipients of personal data
Where necessary for the technical operation of the services, we may pass on your personal data to companies that assist with this operation. These companies may only use the information where it is necessary for the operation, and where we have entered into data processing agreements that, among other things, ensures confidentiality and data security.
If you give us your specific consent, we can also pass on your personal data to other business partners, such as your lender.
Finally, we may pass on your personal data if we are legally obliged to do so, or it is necessary for us to defend ourselves against or enforce legal claims.
7.1 Joint applicants
If you are joint applicants, the main applicant will be granted access to certain information regarding the co-applicant’s personal finances, such as information related to income and expenses. This is because as joint applicants, the credit assessment must consider the financial situation of both of you in combination and thus one of you will need to view and edit the combined budget before you can share it with your potential lender.
8. Retention period
We only store your personal data for as long as is necessary to ensure correct forwarding to, and case processing with, your creditor or other third party (but no more than 3 months).
9. Information about your rights
According to the data protection regulation, you have a number of rights in relation to our processing of information about you. If you want to exercise your rights, please contact us.
Broadly described, these rights are as follows.
You have the right to know what personal data about you we are processing and, with certain exceptions, to obtain a copy of this data.
In a number of cases, you have the right to have the personal data about you that we process deleted, corrected or blocked.
You have the right to object to our processing of your personal data due to your particular situation.
You have the right to object to our processing of your personal data for the purpose of direct marketing, after which we will no longer process your personal data for that purpose.
You can read more about your rights in the Danish Data Protection Authority's guidance on the rights of data subjects, which you can find at www.datatilsynet.dk.
10. Confidentiality
We always treat your personal data confidentially and all employees are subject to confidentiality clauses in relation to personal data. Only selected employees have access to personal data and only when necessary to provide the services.
11. Withdrawal of consent
You can revoke the consents you may have given us at any time.
In accordance with the consent you give to Monthio, we will only process your data in connection with your use of the service in the specific process you are undertaking, e.g. an application process. We will then automatically delete your data.
Until you have completed Monthio's process, you can interrupt and activate the deletion of your data yourself. Use the delete function, which you will find in the menu during the process.
Revocation can also be done by interrupting the credit application or by contacting us as indicated in section 1.
12. Policy changes
We reserve the right to change this policy at any time and without prior notice. Changes are published on the Monthio website. Changes take effect upon publication on our website.
13. Cookies (web)
By using the services via a browser, you accept that we use technical cookies, which are necessary for the service to function technically as it should.
You can completely or partially delete and block cookies by using the functionality for this in your browser. If you block all types of cookies, including technical cookies, you will completely or partially lose the possibility to use the services.
When visiting our company's website, you have the option to accept additional cookies. Read more about this in our cookie policy.
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please see the ‘about Hotjar’ section of
Hotjar’s support site.
