We take protection of your data seriously
We process personal data and have therefore established this privacy protection policy to inform you how we process your data. To protect your personal data as well as possible we constantly evaluate if there is any risk that our data processing has any negative impact on your basic rights. We are particularly aware of the risk of discrimination, ID theft, financial loss, damage of reputation, or loss of data confidentiality. In case the decisions we need to make depend on our ability to process sensitive personal data, biometrical data, or data pertaining to criminal offenses, we shall carry out an analysis of the impacts of the data processing on your privacy protection. This impact analysis shall be carried out before we start processing your personal data.
Schilling A/S is responsible for data and we ensure that your personal data is treated in compliance with current legislation.
Contact: Schilling A/S
Address: Baldersbækvej 24-26
Company registration number: 61786414
Telephone: +45 70279900
We ensure fair and transparent data processing
When we ask you to submit your personal data to us, we inform you about which data we process and for what purpose. You will receive this information when we collect your personal data. We do not collect any information from other parties.
Processing of personal data
We use this type of data about you
We use data about you to improve our services and ensure the best quality in our products and services and in our communication with you.
The data we use includes:
- Ordinary personal data
- Personal registration number
- Data regarding interests and habits
- Traffic data regarding internet use
- Location data from the internet, cell phone, GPS, or camera
- Transaction data
- Unique network unit numbers
We do not correlate data.
We collect and store your personal data for specific purposes
We collect and store your data for specific purposes or other lawful business purposes, for example when we need to:
- Process your purchase and deliver our services
- Fulfil your request for products or services
- Improve our products and services
- Adapt our communication and marketing to match your needs
- Administer your relation with us
- Comply with current legislation
We may need to use your personal data for a different purpose than the one the data was collected for. Unless you have given your consent to the new use of your data, we will investigate if the original purpose of the collection of your data is compatible with the new purpose. We shall evaluate for example the sources that your data originates from and if the data we need to use is ordinary or sensitive. We shall also evaluate if the use of your data for the new purpose will have any negative impact on your freedom of action.
We only process relevant personal data
We only process data about you that is relevant and sufficient for the purposes described above. The purpose determines the type of data about you that is relevant for us. The same applies to the amount of personal data that we use. For example, we do not use any other data than what we need for specific purposes. Before we process your personal data we investigate if the amount of data can be minimised. We also investigate if any of the data types that we use can be used in anonymised or pseudonymised form. We do this if it has no negative impact on our obligations or on the services we offer you.
We only process necessary personal data
We collect, process, and store only the data that is necessary to fulfil our stated purposes. In addition, legal requirements may determine what types of data it is necessary to collect and store for business purposes. The type and amount of personal data that we process may also be necessary to fulfil a contract or other legal obligation.
We want to make sure that we only process personal data that is necessary for each of our specific purposes. It is therefore embedded in our IT systems that only the necessary data set is collected. This also automatically ensures that the extent of the data processing is not unnecessarily large and that the storage period is not too long.
To protect you against any unauthorised access to your personal data we use solutions that automatically ensure that data is only accessible to relevant staff. Our systems include embedded protection against an unauthorised number of persons gaining access to data.
We control and update your personal data
We control that the personal data we process is not incorrect or misleading. We update your personal data on an ongoing basis. As our services depend on your data being correct and up to date, we ask you to inform us about any relevant changes in your data. You can use the contact information above to inform us about any changes. To ensure the quality of your data we have established internal rules and procedures for control and updating of your personal data.
We delete your personal data when it is no longer needed
We delete your personal data when it is no longer needed for the purpose that was the reason for collecting, processing, and storing the data.
We obtain your consent before we process your personal data
We obtain your consent before we process your personal data for the purposes described above, unless we are obliged to collect the data for legal reasons. In such cases, we will inform you about this and about our legitimate interest in processing your personal data.
Your consent is voluntary, and you can withdraw your consent at any time by contacting us. Please use the contact information above if you would like more information.
Transfer of your personal data
- We shall not transfer your personal data without your prior consent.
- We shall not transfer your personal data to other parties.
- We shall not transfer your personal data to parties in third countries.
Use of subcontractors with whom we work through data processor agreements are not considered transfer. Personal data that we have registered about you can be transferred to countries outside the EU/EES. Should we transfer your personal data outside the EES, we shall ensure that the data is either transferred to countries that according to the European Commission have an adequate level of data protection or that the transfer is based on the standard regulations of the European Commission. You are welcome to contact us at any time to receive a copy of the documentation for the transfer.
We protect your personal data and have internal rules regarding information security
We have established internal rules regarding information security including instructions and measures that protect your personal data against destruction, loss, or changes, against unauthorised publication, and against access by unauthorised persons or unauthorised knowledge of the existence of the data.
We have established procedures for the allocation of access rights to those among our staff who process sensitive personal data and data that identifies information about personal interests and habits. We control their access through logging and supervision. To avoid data loss we make backup copies of our data sets. We also protect the confidentiality and authenticity of your data by means of encryption. In case of security breaches that result in a high risk of discrimination, ID theft, financial loss, loss of reputation, or other significant inconvenience, we will inform you about the security breach as soon as possible.
Cookies, purpose, and relevance
We obtain your consent
You have the right to access your personal data
You have the right at any time to information about what data we process about you, from where it originates, and what we use it for. You can also obtain information about how long we store your personal data and who receives data about you to the extent that we disclose data in Denmark and abroad.
If you request it, we will inform you about the data we process about you. Access to the data may, however, be limited for the sake of the privacy protection of other persons, of trade secrets, and intellectual property rights.
You can use your rights by contacting us. Please see our contact information above.
You have the right to correction or deletion of inaccurate personal data
If you think that the personal data that we process about you is inaccurate it is your right to have it corrected. In that case you should contact us and inform us about the inaccuracy and how it should be corrected.
In certain cases we are obliged to delete your personal data, for example if you withdraw your consent. If you think that your data is no longer necessary for the purpose it was collected, you can request to have it deleted.
You may also contact us if you think that your personal data is processed against regulations or other legal obligations.
If you contact us with a request to have your personal data corrected or deleted, we will investigate if the conditions are fulfilled, and if this is the case we will implement the changes or deletion as soon as possible.
You have the right to object to our processing of your personal data
You have the right to object to our processing of your personal data. You can also object to our disclosure of your data for marketing purposes. Please use the contact information above to lodge an objection. If your objection is legitimate, we will cease processing your personal data.
It is your right to receive the personal data you have submitted to us and the data we have collected about you from other parties based on your consent. If we process data about you as part of a contract in which you are a party you can also request that we send your data. It is also your right to transfer this personal data to another service provider.
If you wish to make use of your right to data portability you will receive your personal data from us in a normally used format. If you want to have access to your data, to have it corrected or deleted, or make an objection against our data processing, we will investigate if this is possible and reply to your request as soon as possible – at the latest one month after receiving your request.