Purpose | Transfers to other data controllers |
---|---|
(i) Use of our websites (cookies) | Personal data contained in cookies are transferred to third party cookie providers, provided that you have given your consent to the use of cookies on our websites. |
(ii) When you communicate with us | Personal data contained in our accounting material (e.g. invoices) will be transferred to public authorities, such as the Danish tax authorities. |
(iii) Electronic newsletters etc. (marketing) | None. |
(iv) Customer administration (CRM) | The personal data will be transferred to our group companies (which are acting as joint data controllers for the processing of personal data in the group’s CRM system). |
Further, your personal data will be transferred to our data processors. We have entered into data processing agreements with all our data processors.
Transfers of Personal Data
Your personal data will be transferred to recipients which are located in the following countries outside the EU/EEA:
- USA. The transfers are based on EU Standard Contractual Clauses
- China. The transfers are based on EU Standard Contractual Clauses
- Switzerland. The transfers are based on the Commission decision on the adequate protection of personal data provided in Switzerland
If you would like further information regarding our transfers of personal data outside the EU/EEA, including a copy of the relevant safeguards etc., you may contact us using the contact details in the section “Questions and concerns” below.
Storage of Your Personal Data
We will only store your personal data as long as it is necessary to fulfill the purposes for which the personal data was collected, unless otherwise provided by law.
We have implemented the following general retention periods:
Purpose | Retention periods | |
---|---|---|
(i) Use of our websites (cookies) | Personal data contained in cookies will be deleted in accordance with the lifetime/period for each specific cookie. Read more about our cookies, including their lifetime in our | Cookie Policy. |
(ii) When you communicate with us | Personal data contained in our accounting material will be stored for at least 5 years from the end of the financial year to which the material pertains, in accordance with e.g. chapter 5 of the Danish Bookkeeping Act. Personal data pertaining to our general communication with you will be deleted 12 months after your last query has been handled/concluded. | |
(iii) Electronic newsletters etc. (marketing) | Personal data pertaining to our distribution of electronic newsletters etc. will be deleted 2 years after our latest newsletter has been distributed, unless you have withdrawn your consent (i.e. unsubscribed) before such time. | |
(iv) Customer administration (CRM) | Customer personal data contained in the CRM system will be deleted 2 years after the end of the financial year in which the customer relationship has ended. |
The personal data will be deleted in accordance with the above-mentioned retention periods, unless we have a specific need to store the personal data for a longer period, e.g. in connection with a specific case or an agreement.
Your Rights
In accordance with the GDPR, you have a number of rights when we process your personal data. You can read more about those rights in this section.
Right to Withdraw Consent
Where you have given your consent for our processing of your personal data, you have the right to withdraw your consent at any time. If you withdraw your consent, the withdrawal will not affect the lawfulness of already carried out processing based on your consent.
Right of Access
You have the right to obtain confirmation as to whether or not we collect or process personal data concerning you and, if this is the case, you have the right to request a copy of such personal data in digital format.
Right of Rectification
You have the right to require that we correct any inaccurate personal data concerning you, and that we complete incomplete personal data.
Right of Erasure
In certain circumstances, you have the right to request that we erase personal data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected.
Right to Restrict Processing
In certain circumstances, you have the right to request that we restrict the processing of the personal data we have collected about you, e.g. if you believe that the personal data is not accurate or lawfully processed.
Right to Data Portability
In certain circumstances, you have the right to receive the personal data you have provided us with in a structured, commonly used, machine readable format, and the right to have us transmit the data to another entity, where technically feasible.
Right to Object to the Processing
In certain circumstances, you have the right to request that we stop processing your personal data.
Right to Object to the Processing for Direct Marketing Purposes
You have the right to request that we stop sending you marketing communications (please also see “Right to withdraw consent” above).
Right to Complain to a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes the GDPR. For more information we refer to the Danish Data Protection Agency. You can also read more about your rights in the Danish Data Protection Agency’s Guidelines on data subjects’ rights which is available here (in Danish).
Updates to our privacy policy
This Privacy Policy may be updated periodically to reflect changes in the law and guidance issued.
Questions and concerns
If you have any questions or concerns, or if you wish to exercise your rights as described above, please contact us at dataprivacy@boyum-it.com or by mail at:
Boyum IT Solutions A/S
Sintrupvej 71b
DK-8220 Brabrand