VLEPPO APS PERSONAL DATA PROTECTION POLICY
VLEPPO ApS (“VLEPPO”) (hereinafter “we”, “us”, Data Controller, Data Processor) collects and processes your personal information in accordance with this personal data and privacy protection policy (hereinafter «Personal Data Protection Policy»).
In the following, we inform you about your rights as a registered customer with us, as well as about how we process and protect your personal information.
In fulfilling the obligations under this Agreement, the Data Processor must obey current data protection legislation in Denmark all the time and EU legislation («Data Protection Legislation / GDPR»).
The Data Processor must comply with the Personal Data Act (Act no. 429 of 31 May 2000 with subsequent amendments) with associated executive orders until the Act ceases.
From 25 May 2018, the Data Processor must comply with the Personal Data Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) with accompanying acts and national legislation, including but not limited to the Data Protection Act (Act on supplementary provisions to the Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data – as finally adopted and entered into force), and such other legislation, implementing or supplementing these rules.
1. Personal information
1.1 We only process personal information about you that you provide to us in order to fulfill our agreement with you. The personal information collected will include typically:
- Your full name;
- Email address;
- Company name;
- Company address;
- Company Tax number.
1.2 We never collect personally confidential information («sensitive data») about: race / ethnicity / belief / union / genetic-biometric data / health / sexuality.
2. Purpose of processing data
2.1 The purpose of the collection of your personal information is to fulfill our agreement with you on the provision of technology services, contract management, storage and financial services (hereinafter «the Purpose»).
2.2 We only process personal information about you that is relevant and sufficient to achieve the Purpose.
3. Principles relating to processing of personal data
3.1. Lawfulness, fairness and transparency: we process lawfully, fairly and in a transparent manner in relation to the data subject;
3.2. Purpose limitation: we collect for specified, explicit and legitimate purposes and don’t process further in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1) of the GDPR, not be considered to be incompatible with the initial purposes;
3.3. Data minimisation: adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
3.4. Accuracy: accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
3.5. Storage limitation: we kept the information in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject;
3.6. Integrity and confidentiality: we process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
4. Storage of your personal information
4.1 Your personal information is stored at our company.
4.2 The information is stored on servers within the EU, and your personal information will therefore always be protected by the Personal Data Regulation.
4.3 We are, responsible to you for the storage of your personal information.
4.4 We ensure continuously that we have taken the necessary technical and organizational security measures against your personal information being accidentally or illegally destroyed, lost or deteriorated. Furthermore, we ensure that they do not come to the unauthorized persons, are misused or otherwise processed in violation of the rules in force at any given time regarding the processing of personal data.
5. Sharing the personal data
5.1 The information we collect we share with those of our subcontractors who need it to carry out your order or support task:
5.1.1 Our suppliers with whom we have entered into a proper data processing agreement.
5.1.2 We shall provide your personal data to regulators or any other authorized parties pursuant to the law.
5.1.3 We also share your personal information to others, in condition of abuse registers in accordance with applicable law, if you commit abuse or fraud.
5.2 In addition, if we are required to transfer or share your personal information with public and judicial authorities, including if we are required to report information to the public, we could share your personal information.
6. Storage and deletion of your personal information
6.1 We store personal information as long as it is necessary to achieve the Purpose or to fulfill legal requirements, including warranty.
6.2 We store your personal information as long as you have a customer relationship and during the period calculated as the rest of the year after you have terminated your obligations or up to 5 years thereafter in accordance with the law.
6.3 If you become an our customer again later, we may ask you for your information again.
7. Your rights
7.1 You are entitled to be informed of which personal data we have collected and which we store and process about you all the time. If you want to be informed, contact us at our e-mail or basis telephone number.
7.2. According to the Personal Data Regulation you have such rights:
7.2.1. right to access and communication of data;
7.2.2. right to demand correction, object or have the processing of your personal data restricted;
7.2.3. right to erasure («right to be forgotten»);
7.2.4. right to data portability.
7.3 If you wish to complain about our processing of your personal information, this can be done to the Danish Data Protection Agency, Borgergade 28, 1300 Copenhagen K, tel .: 33 19 32 00 or through e-mail: firstname.lastname@example.org
8. Data Controller and Data Processor
8.1 Your personal information is collected and processed by: