You are here: Home -> Privacy policy
Privacy Policy for DAV NORDIC A/S, CVR: 34 99 10 14
Regarding: Information on the processing of personal data
Version: 4
Updated by: Gitte Frimann
DAV Nordic A/S (CVR No.: 3499 1014) is responsible for the data we collect about you and ensures that your personal data is processed in accordance with the law.
We maintain high ethical standards and have established several internal procedures to ensure that your personal data is handled in the best possible way. In our privacy policy, you can read about:
If you have any questions or comments about our privacy policy – or would like to contact us in general, please feel free to get in touch. You can find contact information at the bottom of the document.
Personal data is any kind of information that can be used to identify a person, and it can include many things such as name, address, phone number, email address, etc. It can also be a picture or an IP address. If multiple pieces of personal data together can identify a person, they are considered personal data.
We can collect personal data about you in the following ways:
In the menu below, you can see what information we collect, why we do it, the legal basis, and what rights you have in connection with our processing of your information.
As a business customer, it is typically information about the company that is registered; however, we may register a contact person with a name, phone number, and email address.
The purpose is to process the order for the purchased goods/services and to manage the relationship with the company. For the registration and storage of contact information, we use the legal basis of balancing interests, cf. Article 6(1)(f) of the GDPR.
These details will be deleted or updated as soon as we become aware of changes. In addition, contact details may appear on invoices, etc., which will be kept for 5 accounting years in accordance with the Accounting Act.
In areas where it is indicated, video surveillance is installed.
The purpose is to prevent and investigate theft and fraud, and we use the legal basis of balancing interests, cf. Article 6(1)(f) of the GDPR.
The surveillance will be deleted after 30 days but may be stored for a longer period in relevant cases and disclosed to the police or other relevant authorities.
When you consent to direct electronic marketing, we process the data you provide in connection with giving your consent, typically name and email address.
The purpose of our processing of your personal data is to manage newsletter subscriptions and send newsletters and advertisements on Facebook, LinkedIn, Instagram, and Google with direct marketing based on given consent. We use the legal basis of Article 6(1)(a) of the GDPR.
If you no longer wish to receive direct marketing from us, you can withdraw your consent at any time by unsubscribing on our website or at the bottom of the newsletter. After unsubscribing, you will no longer receive newsletters from us; however, your personal data collected in connection with giving consent will be deleted only after 2 years, as we must be able to document your consent during this period.
Recipients of information and direct marketing on Facebook and Google
Your information is not sold to third parties for marketing other companies and their products, but it is shared with partners (marketing agencies, Facebook, Instagram, and Google) to increase the relevance of the newsletter content and perform direct marketing on Google, Facebook, and Instagram.
When you visit our social media (e.g., Facebook and Instagram), we process the information you have made available through your social media settings, your reactions and comments on our posts, and the sharing thereof. The various providers collect personal data in the form of your behavior on our pages on their platform and can combine this information with your profile, enabling the provider to identify you. In this context, the individual providers have independent or joint data responsibility with us, and we refer to their policies for the use of the platforms:
For the distribution and management of newsletters, we have partnered with Mailchimp and INTUIT, to whom we disclose your information. Mailchimp and INTUIT are data processors and may not use the information for other purposes. Mailchimp and INTUIT are established in the USA, and the necessary safeguards for transferring the information to the USA are ensured through the conclusion of EU standard contracts with Mailchimp and INTUIT, cf. Article 46(1)(c) of the GDPR. https://www.intuit.com/privacy/statement/
We use various technologies such as cookies and pixel tags.
Cookies are necessary for the website to function and collect information about IP address, technical information about your device, geographical location, and behavior on the website. Cookies also help us get an overview of your visit to the website so that we can continuously optimize and target the website to your needs and interests. For example, cookies remember what you have placed in the cart, whether you have visited the site before, and whether you are logged in. We also use cookies to target our ads to you on other websites. Overall, cookies are used as part of our service to display content that is as relevant to you as possible.
You can delete cookies at any time – see the instructions below. If you do not delete the information yourself, it will be deleted automatically. Note that if you delete or block cookies, ads may become less relevant to you and appear more frequently. You may also risk that the website does not function optimally and that there may be content you cannot access. Our legal basis for processing this information is balancing interests, cf. Article 6(1)(f) of the GDPR.
When you visit our social media, such as Facebook, Instagram, and LinkedIn, we process the information you have made available via social media settings, your reactions and comments on our posts, and the sharing thereof. The various providers collect personal data in the form of your behavior on our pages on their platform and can combine this information with your profile, enabling the provider to identify you. In this context, the individual providers have shared or independent data responsibility, and we refer to their policies for the use of the platforms:
You can always reject cookies on your computer by changing the settings in your Internet browser. Where you find the settings depends on the browser you use. Note that if you do this, many functions and services will not be available because they require the website to remember the choices you make.
Cookies that you have previously accepted can be easily deleted. If you use a PC/computer with a newer Internet browser, you can delete your cookies by using shortcut keys:
CTRL + SHIFT + Delete. If the shortcut keys do not work, and/or if you use a MAC, you need to start by finding out which browser you use and then click on the relevant link:
Remember: If you use multiple Internet browsers, you need to delete cookies in all of them.
Our suppliers and partners are other companies that are generally not covered by the General Data Protection Regulation (GDPR). However, we may register a contact person with their name, phone number, and email address. The purpose is to process our purchases/services and manage the relationship with the company.
For the registration and storage of contact information, we use the legal basis of balancing interests, according to Article 6(1)(f) of the GDPR. This information will be deleted or updated as soon as we become aware of changes. Additionally, contact information may appear on invoices, etc., and this information will be kept for 5 accounting years in accordance with the Accounting Act.
The purpose of receiving or collecting personal data about you in the recruitment process is to assess whether you are a qualified candidate for a vacant position with us, and we use the legal basis of balancing interests according to Article 6(1)(f) of the GDPR.
Your application, CV, and any other attached documents will be deleted 6 months after we have received them. If we wish to keep your information for more than 6 months, consent will be obtained, after which the legal basis for processing your information will shift to consent according to Article 6(1)(a) of the GDPR.
In the recruitment process, the information you provide and that is included in your application, CV, and any other attached documents will be registered. Typically, this will be general information such as name, address, contact details, education, work experience, and possibly other skills and competencies like languages, driving licenses, and IT skills. If you are called for an interview, we will record information and details for further proceedings.
We do not collect references from previous employers without your consent.
If deemed relevant for the job, you may be asked to provide a criminal record, but only at the end of the hiring process. If the criminal record is clean, a note will be made in our system, after which the criminal record will be deleted. The purpose is to prevent cases of theft and fraud, and we use the legal basis of balancing interests according to Article 6(1)(f) of the GDPR.
Your information is registered in our system and is available to relevant employees in the process, but will not be sold or disclosed to persons outside the company.
We naturally delete your information when we no longer have a purpose for retaining it, but you can always have your information deleted by contacting us at the contact details provided below.
We are committed to protecting your personal data. Both because it is required by law, but also because our own internal ethical rules demand that we take good care of your personal data.
We use relevant and appropriate technical and organizational security measures to ensure that unauthorized access to the personal data we store is not created. The purpose is to ensure that the personal data is not used, destroyed, altered, disclosed, or otherwise misused.
In this section, you can read that:
This includes, among other things, that personal data is only available to the employee(s) who need it, and that we continuously inform our employees on the proper handling of personal data and check that the rules are followed by the employees.
As mentioned, we have taken a number of measures to ensure the processing of your personal data.
Should our IT systems and other security measures still be compromised, we will notify you without undue delay if the compromise involves a high risk to your rights and freedoms.
We collect, process, and store only the personal data that is necessary to fulfill our established purposes. Additionally, the type of data that must be collected and stored for our business operations may be specified by law. The type and scope of personal data we process may also be determined by the need to fulfill a contract or another legal obligation.
As our service depends on your data being correct and up-to-date, we ask you to inform us of relevant changes to your data. You can use the contact details below to notify us of your changes, and we will ensure that your personal data is updated. If we ourselves become aware that data is not correct, we will update the information and notify you of this.
The greatest risk of misuse of personal data is due to people’s own actions, and you can do a lot to take good care of your personal data (e.g., never sharing passwords with others).
Although we have taken the above measures to limit the risks associated with the processing of personal data, it cannot constitute a 100% guarantee that no unintended incidents will occur, and we therefore recommend that you also take steps to secure your personal data. You can do this, among other things, by closing your browser after use, logging out of all accounts after use, installing antivirus, anti-malware, and other software that can improve security on your computer.
In addition, we recommend that you continuously update software, the apps you use, your computer and mobile devices, and never share your password with others.
We use partners for, among other things, storage, technical operation, IT solutions and improvements of the website, sending newsletters, sending surveys, analyzing website traffic, A/B testing of content on the website, and targeted marketing, including retargeting and segmentation. These companies are data processors under our instructions and process data for which we are responsible. The data processors may not use the information for any purpose other than fulfilling the agreement with us and are subject to confidentiality regarding this information. We have entered into written data processing agreements with all data processors who process personal data on our behalf.
In relevant cases, we disclose data to selected and trusted partners, including credit companies, freight companies, our internal companies and departments, and relevant authorities in accordance with the law, as well as lawyers and auditors. We disclose the necessary personal data to them so that we can meet our obligations to you and the authorities. This may include delivery of goods to your home address, lending, vehicle registration, insurance, etc.
Transfer to Third Countries
Some of our data processors are established in the USA. The necessary safeguards for transferring information to the USA are ensured through the conclusion of EU standard contracts according to Article 46(1)(c) of the GDPR.
Links:
https://www.intuit.com/privacy/statement/
In this section, you can read that you have a number of rights in connection with our processing of your personal data, including that you have:
The Right to Data Erasure
We make a discretionary assessment to determine when we no longer need your personal data. When we no longer need the personal data for the purpose for which it was collected, we delete it. We consider, among other things:
Some personal data must be stored for a minimum of 5 years due to legal requirements, including the Accounting Act. This includes personal data used for issuing invoices, so we can correctly account for taxes and VAT and document this to the authorities.
We also do this to protect our financial interests and legal position if anyone should claim that we have acted negligently. In such cases, we must be able to document what personal data we have received, what agreement has been made, and what we have done in relation to you as a customer, so we can best protect our interests. We ‘cleanse’ the documents of the personal data that is not necessary for this.
We delete your personal data on our own initiative when they are no longer necessary for the purpose for which they were collected, but you can contact us at any time and request deletion. Our processing of your deletion request will be retained for documentation for up to 6 months after the case is closed. We use the legal basis of balancing interests according to Article 6(1)(f) of the GDPR.
The Right to Be Informed and Correct Data
You have the right to know at any time what data we process about you, where it comes from, and what we use it for. You can also be informed of how long we store your personal data and who receives data about you, to the extent that we disclose data in Denmark and abroad.
If you request it, we can inform you about the data we process about you. Access may, however, be limited out of respect for other persons’ privacy, business secrets, and intellectual property rights.
If you believe that the personal data we process about you is inaccurate, you have the right to have it corrected. You must contact us and inform us of the inaccuracies and how they can be corrected.
The Right to Access and Receive Data
You have the right at any time to access the personal data we have registered about you and to receive a copy of the information. Please note that the right to access may be limited out of respect for the protection of other persons’ personal data and our business secrets.
You can also be informed of the purposes of the processing, how long we store your personal data, whether we make automated decisions (including profiling), who we disclose the information to, and where we have obtained it from.
Our processing of your access request will be retained for documentation for up to 6 months after the case is closed. We use the legal basis of balancing interests according to Article 6(1)(f) of the GDPR.
The Right to Request Restriction of Processing
You have the right at any time to request that we restrict the processing of your personal data.
The Right to Object to Processing
You have the right at any time to object to our processing of your personal data. This includes the right to object to our use of the personal data for marketing purposes. We will consider your objection as soon as possible if you submit one.
The Right to Withdraw Consent
You can withdraw the consent(s) you have given us at any time.
The Right to Be Informed About Transfers to Countries and Organizations Outside the EU
You have the right to be informed if we transfer personal data to a country outside the EU.
The Right to Avoid Profiling and Automatic Decision-Making
You have the right at any time to avoid us profiling you and your personal data or making automatic decisions.
No automatic decisions are made that have legal effects or similarly significantly affect you. Automatic decisions are made only for selecting winners in competitions.
The Right to Lodge a Complaint
We do everything we can to ensure that your personal data is handled securely and that your rights are protected optimally, and we regularly review our procedures and handling of personal data. If you unexpectedly believe that we are not handling your inquiry and your rights in accordance with the law, we ask you to contact us by email with the text “complaint” in the subject line.
You can write to us at info@davnordic.dk
We will then forward your inquiry to a senior employee in our company, so any misunderstandings and/or errors can be clarified.
If you still believe that we are not handling your inquiry and your rights in accordance with the law, you can complain to the Danish Data Protection Agency via:
Datatilsynet Carl Jacobsens Vej 35 2500 Valby Phone: 33 19 32 00 www.datatilsynet.dk
On our website, there may be links to other websites that do not belong to our company or our group. We are not responsible for the content on these websites, and our privacy policy does not apply to these companies’ websites.
Our company DAV Nordic A/S is the data controller and ensures that your personal data is processed in accordance with the law:
DAV Nordic A/S Tietgensvej 12 8600 Silkeborg CVR: 34991014 info@davnordic.dk www.davnordic.dk
We continuously update our privacy policy when we deem it necessary. This may be, for example, when we offer new services and products.
The current policy is always available on our website.
The privacy policy was last updated on 01.03.2024.