INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA AT DANGAARD GROUP A/S

GENERAL
 
We prioritise the security of personal data highly and process data according to our internal security procedures and the statutory requirements in force from time to time, including the General Data Protection Regulation (Regulation (EU) 2016/679) and the Data Protection Act (Act No. 502 of 23 May 2018).
 
DATA CONTROLLER AND CONTACT INFORMATION
 
Dangaard Group A/S is the data controller for the processing of the personal data which we obtain from you. If you have any questions or comments or if you would like to exercise your rights as described in detail below, please contact us via the following contact information:
 
Dangaard Group A/S
Industrivej 1
6330 Padborg, Denmark  
Telephone +45 7230 3400
Mail: dangaard@dangaard.com 
 
THE PURPOSE OF OUR PROCESSING OF PERSONAL DATA
 
Personal data is any type of information which can be used to identify a person such as name, address, email and the like. In order to run our business, we have a natural need to process a number of personal data about you as a customer. Without these basic data, we would not be able to serve you. As part of our business, we therefore request selected personal data from you when you wish to place an order or to receive our newsletter.
Whether you wish to provide us with the data requested is up to you. However, please note that we may not be able to serve you if we do not receive the personal data requested.
We only obtain the data we deem necessary for each customer. Our processing of personal data is for the following purposes: 
- Placing an order for products
- General customer service and any administration of your user profile
- Sending newsletters, offers and other marketing material if you have given your active consent
- Operations and optimisation of our webshop
- Statistical purposes (in depersonalised form)
- Our observance of the statutory requirements in force from time to time, including regarding accounting
THE LEGAL BASIS FOR OUR PROCESSING OF PERSONAL DATA
 
We process your personal data when we have a legal basis to do so. This basis depends on the specific context in which we process the data. This may be in one or more of the following instances:
- Necessary processing in order to implement measures in connection with your placing of an order according to Article 6.1. of the Personal Data Protection Regulation. (b)
- We must observe a legal obligation according to Article 6.1. of the Personal Data Protection Regulation, (c) among other things because of the bookkeeping legislation and the marketing legislation. 
- We pursue our legitimate interests in being able to manage your data according to Article 6.1. of the Personal Data Protection Regulation. (f). 
 
We wish to serve our customers the best way possible. In those regards, it is necessary that you give us accurate and updated data and continuously notify us in case of changes to your personal data. 
 
CATEGORIES AND OBTAINING PERSONAL DATA
 
We only obtain the personal data which we deem necessary and relevant to each customer relationship, and we therefore process a number of various personal data, including:
 
Company name
First name
Surname
Email address
VAT number and/or CVR number
Address (invoicing and delivery addresses)
Website
Telephone number
Payment information
Order list
Favourite lists
Place of delivery
Special requests/comments 
 
We can obtain personal data about you from various sources. For example, we obtain data directly from you when you submit documents to us, obtain quotations from us, visit our website and the like. We can also obtain data about you from an external business partner. Furthermore, we can obtain and use data about you from credit rating agencies, public sources and registers, insurance companies etc. when we deem it necessary, among other things when we assess your creditworthiness or check the accuracy of your data. 
 
STORAGE OF PERSONAL DATA 
 
We store personal data as long as necessary to serve the purposes that form the reason for our gathering of data. This means that we generally store your personal data as long as you are our customer. 
 
Following your order or once you are no longer our customer, we will store certain personal data in a subsequent period depending on the specific customer relationship. Among other things, this is due to the legal obligations imposed on us, for example the Danish Bookkeeping Act (bogføringsloven), according to which we need to store certain data for at least five years after the cessation of the customer relationship. If the product is to be sent from our German warehouse, we have to store personal data for a longer period, for example according to German legislation (Handelsgesetzbuch and Abgabenordnung) according to which companies must store certain data for up to 10 years. Data will be deleted following the expiry of these deadlines unless it is necessary to store them longer and we have the legal authority to do so. 
 
If you have given your consent to receive emails with information about events, campaigns and competitions and emails with offers and other marketing from us and you delete your profile in the system or revoke your consent, we may store your consent for two years after that according to the Danish Marketing Practices Act (markedsføringsloven). 
 
DISCLOSURE OF PERSONAL DATA
 
In certain cases, we will disclose or hand over your personal data to external recipients, including to:
o Public bodies, for example the Danish tax authorities, the German Finanzamt or the like. 
o Carriers/forwarding agents who need the data to deliver the product. 
o External data processors within the EU regarding marketing, hosting and support of our IT systems. 
o Data processors who provide service to us regarding internal data processing to optimise our webshop and the like. 
o Auditors and other consultants. 
We only transfer personal data to external data processors with whom we have concluded a written data processing agreement and who may therefore only process your personal data according to our instructions and in compliance with the requirements of the General Data Protection Regulation. For that purpose, we use i.a. standard contracts approved by the Danish Data Protection Agency (Datatilsynet) to ensure sufficient protection of your personal data and rights.
When we share your personal data with external entities acting as independent data controllers, we also aim at ensuring that these data are only used for the purpose agreed and according to the requirements of the General Data Protection Regulation.
 
STATISTICS ETC. 
 
Your data may be used internally at Dangaard for statistical purposes and to assess the customers’ geographical location and other service-related measuring parameters. However, the results will always remain internal and will be kept confidential from third parties. 
 
However, we may use external data processors in those regards who - on our behalf and solely according to our instructions - refine, profile and correlate data, for example about your behaviour on our webshop. This can be used to profile your product interest to enable us to target our advertising.  
 
You may at all times object to our use of your data for statistics etc. after which we will cease our use and delete the data we have about you. 
 
COOKIES 
 
Use of Cookies are used to remember your settings and your shopping basket in the webshop. You may at all times choose to delete your data in your web browser settings. You can find a link to our cookie information at the bottom of our website.
 
YOUR RIGHTS 
 
You have a number of rights in connection with our processing of your personal data. If you wish to exercise those rights, please feel free to contact us. Your rights are stated in the General Data Protection Regulation and are as follows:
The right to see data (right of access)
You have the right of gaining access to the personal data we process about you, the purpose of the processing, where we obtained them and whom we may pass them on to. 
The right of rectification (correction)
You have the right to have incorrect data about you rectified. 
The right to erasure
In certain cases, you have the right to have data about you erased before our normal, general erasure. 
The right to restriction of processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may only process future data - except for storage - with your consent or for the purpose of the establishment, exercise or defence of legal claims.
The right to object
In certain cases, you have the right to object to our processing of your personal data. 
The right to transmit data (data portability)
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transmitted from one data controller to another without hindrance.
More information about your rights is available here: www.datatilsynet.dk/media/6893/registreredes-rettigheder.pdf
 
RIGHT OF COMPLAINT
 
You have the right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You may lodge your complaint at www.datatilsynet.dk/generelt-om-databeskyttelse/klage-til-datatilsynet/ or via the following contact information: 
 
The Danish Data Protection Agency 
Carl Jacobsens Vej 35
DK-2500 Valby
Email: dt@datatilsynet.dk
 
VERSION
 
The most recent update of this personal data policy was on 17 December 2020.