Privacy Policy

Data controller

We are the data controller for the processing of personal data that we process about our customers and business partners. You will find our contact details below.

DanTaet A/S
Højmevej 36-38
5250 Odense SV

CVR no.: 10701309

Our company is not required to have an external DPO, but if you have any questions about the processing of your personal data, you can contact us via dantaet@dantaet.dk.

Treatment activities

As data controller cf. GDPR, we have the following processing activities.

Visiting the website

When you visit our website, if you consent, we use cookies to enable the website to function properly.

Communication with potential customers

When you have questions about our site, or want to know more about our services, you can contact us via:

• Contact form
• Email
• Phone

In doing so, we will process your personal data so that we can engage in a dialog with you, for example to answer questions about our services. We only process the information you provide to us in connection with our communications.

We will typically process the following general information: name, email, phone number.

Our legal basis for processing these personal data is Article 6(1)(f) of the Data Protection Regulation.

Customers

We need to communicate with our customers to ensure that the service is delivered correctly. Through this, we may process information about name, address, services, special agreements, payment information and the like.

The ground for processing these personal data is Article 6(1)(b) of the Data Protection Regulation.

Bookkeeping

We must keep all accounting records according to the accounting law. This means that we store invoices and similar documents for accounting purposes. This may include general personal data such as name, address, service description.

Our legal basis for processing personal data for accounting purposes is Article 6(1)(a) of the Data Protection Regulation.

We keep this information for a minimum of 5 years after the end of the current financial year.

Job applications

We welcome job applications to assess whether they match a recruitment need in our company.

If you send your job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation.

If you have sent an unsolicited application, we will immediately assess whether your application is relevant and then delete your data again if there is no match.

If you have submitted an application for an advertised job, we will dispose of your application in case you are not hired and immediately after the right candidate has been found for the job.

If you are part of a recruitment process and/or are hired for the job, we will provide you with separate information on how we process your personal data in this context.

Data processors

Few can do everything themselves, and so can we. We therefore have partners and use suppliers, some of whom may be data processors.

External suppliers may, for example, provide systems to organise our work, services, advice, IT hosting or marketing.

• Deloitte
• Net site

It is our responsibility to ensure that your personal data is processed properly. That’s why we set high standards for our partners, and our partners must guarantee that your personal data is protected.

We therefore enter into agreements to this effect with companies (data processors) that handle personal data on our behalf in order to enhance the security of your personal data.

Disclosure of personal data

We will only disclose your personal data to third parties when this is necessary to provide the chosen service.

Profiling and automated decisions

We do not make profiling or automated decisions.

Transfers from third countries

We generally use data processors in the EU/EEA or who store data in the EU/EEA.

In some cases this is not possible and data processors outside the EU/EEA may be used if they can provide adequate protection for your personal data.

Security of treatment

We keep the processing of personal data secure by putting in place appropriate technical and organizational measures.

We have carried out risk assessments of our processing of personal data and have subsequently put in place appropriate technical and organizational measures to enhance the security of processing.

One of our key measures is to keep our employees up to date on GDPR through ongoing awareness training, GDPR training courses, as well as by reviewing our GDPR procedures with employees.

Rights of data subjects

You have a number of rights under the GDPR in relation to our processing of information about you.

If you want to exercise your rights, please contact us so that we can help you with this.

Right to see data (right of access)

You have the right to access the data we process about you, as well as a range of additional information.

Right of rectification (correction)

You have the right to have inaccurate information about yourself corrected.

Right to erasure

In exceptional cases, you have the right to have information about you deleted before the time of our general deletion occurs.

Right to restriction of processing

In certain cases, you have the right to restrict the processing of your personal data. If you have a right to restrict processing, we may only process the data in the future – apart from storage – with your consent, or for the establishment, exercise or defence of legal claims, or to protect an individual or important public interests.

Right to object

In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes.

Right to transmit data (data portability)

In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have those personal data transferred from one controller to another without hindrance.

You can read more about your rights in the Data Protection Authority’s guide to data subjects’ rights, which can be found at www.datatilsynet.dk.

Withdrawal of consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent.

Complaint to the Data Protection Authority

You have the right to lodge a complaint with the Data Protection Authority if you are unhappy with the way we process your personal data. You can find the contact details of the Data Protection Authority at www.datatilsynet.dk.