PROTECTION OF PERSONAL DATA
Data protection has highest priority for our office, and we wish sincerity and transparency about how we process your personal data. Therefore, we have produced a data protection policy and at this point, we would like to inform you about how we process and protect your personal data.
Why do we use your personal data?
We use your personal data to perform our obligations according to legal requirements of the legislation, court orders and authority resolutions. This includes the use of your personal data for collection and verification of accounting data in compliance with accounting regulations.
What types of personal information do we use?
We use below mentioned categories of personal data:
What legal right do we have to use your personal information?
- Customer No.
- Order No.
- Postal address
- E-mail address
- Amount of transaction
- Date of transaction
It is necessary for us to use your personal information to fulfill our legal obligations.
How long do we keep your data?
We keep your data in accordance with the Danish Accounting Act. After that, we delete or anonymize all data in such a way that the data can no longer identify you.
Who is responsible for your personal data?
The provider is responsible for the personal data you provide and is responsible for the personal data in accordance with the applicable Data Protection Act.
Where do we store your data?
The data we collect about you is stored in Denmark, more specifically at Bright Systems Danish hosting centers and the providers own server. Such transfer of your personal data is performed in accordance with applicable law.
Who has access to your data?
Only trusted staff of the provider has access to your data. The provider acts as data manager for your personal data and uses the personal data on own behalf. However, the provider uses multiple data providers to ensure delivery of the desired products and services to our customers. We never distribute, sell or exchange your personal data to third parties for marketing outside the provider. Personal data disclosed to third parties is used only to service you. Below you can find named processes and belonging categories of third parties:
What are your rights?
The right of access:
- Payment card transactions: DIBS or QuickPay
- Booking transactions: Bright Systems
You are entitled at any time to know what personal data we have registered about you. Contact the provider and we will send your personal information by email.
The right of correct data:
You are entitled at any time to request that your personal data must be corrected if incorrect, including the right to make incomplete data sufficient.
The right to delete data:
You are entitled at any time to request that your personal data, which we use, must be deleted, except in the following situations:
Your right to object to the processing and use based on legitimate interests:
- You have an unresolved case with us.
- You have an on-going order, which is not completed.
- You have a financial balance with the provider, no matter the payment method.
- You are under suspicion of having or had misused our services within the last four years.
- Your debt has been resold to third parties within the last three years or within one year for deceased clients.
- When you have made a purchase, we keep your personal data in connection with your transaction in compliance with accounting regulations.
You are entitled to object to the processing and use of your personal data, based on the provider’s legitimate interests. The provider does not continue to use your personal data, unless we on ground of facts can prove its use, which overrides your wishes and rights and/or based on legal requirements.
Your right to object to direct marketing:
You are entitled at any time to object to direct marketing, including profiling analysis for direct marketing purposes, by contacting the provider directly.
The right to limited use:
How to exercise your rights?
- You are entitled at any time to request for limited use of your personal data by the provider in the following circumstances:
- If you take exception to use, based on the provider’s legitimate interests, the provider is obliged to limit all use of data in question, while examine whether our legitimate interests are ahead of yours.
- If you believe that your personal data is incorrect, the provider is obliged to limit all use of the data in question, while accuracy of these personal data is being examined.
- If the process is unlawful, you are entitled to oppose deletion of your personal data, and request for limited use of your personal data instead.
- If the provider no longer needs your personal data, but it is required to be able to make a legal claim.
We take data protection very seriously; therefore, you can always contact the provider with inquiries.
The right to appeal to a supervisory authority:
If you believe that the provider is processing your personal data incorrectly, contact Bright Systems at firstname.lastname@example.org. You also have the opportunity to appeal to Datatilsynet.