Personal data policy of Henry Olsens Sønner A/S

Introduction

In order to buy, sell and deliver goods, we collect and process personal information. The personal data is subject to the rules of the General Data Protection Regulation, and we must inform you of the following about our personal data policy:

 

Contact details of our data protection officer

Steen Madsen, 4820 1770, madsen@henryolsen.dk

Data controller

Henry Olsens Sønner A/S, Centervænget 19, 3400 Hillerød, VAT no. 25834429

Our processing of your personal data

We process personal data that you or another party has provided to us in connection with your customer relationship.

We process this personal data to meet our contractual obligations to you.

Typically, it will be these types of personal data:

  • Name, business address, telephone, email
  • Information on purchases/sales, including volume and prices

 

Deadlines for deletion/storage

We strive to delete (or anonymise) personal data as soon as it has no relevance. However, we always store personal data for at least 5 years after the customer relationship may have ended.

Your rights under the Personal Data Protection Regulation

In connection with our processing of your personal data, you have the following rights:

  • The right to receive information on how we process your personal data (disclosure).
  • The right to access your personal data.
  • The right to have inaccurate personal data rectified.
  • The right to have your personal data deleted.
  • The right to object to your personal data being used for direct marketing.
  • The right to transfer your personal data (data portability).


All of the above rights are handled manually by contacting our data protection officer.

We may reject requests that are repetitive, require disproportionate technical effort, affect the protection of personal data of others or which will affect the competitive conditions for Henry Olsens Sønner A/S.

If we can correct information, we will do so unless it involves a disproportionate effort. When we delete your personal data from our services, it is possible that we cannot always delete residual copies from our file servers immediately, and it is not certain that the information is removed from our backup systems.

At any time, you have the right to complain to the Danish Data Protection Agency (https://www.datatilsynet.dk/borger/klage-til-datatilsynet/

 

Information that we disclose

We do not share personal data with businesses, organizations and individuals. Except for these cases:

  • With your consent

We provide personal data to businesses, organizations or individuals if we have your consent.

  • For external data processing

We provide personal data to our partners or other trusted businesses or persons that process it for us. Their processing is based on our instructions and is done in accordance with our personal data policy and any other appropriate measures regarding confidentiality and security, such as our data processing agreement.

  • For legal reasons

We provide personal data to businesses, organizations or individuals if we believe that access, use, preservation or disclosure is necessary to:

Comply with applicable law, provisions, legal action or legally valid requests from public authorities.

Register, prevent or otherwise protect against problems with fraud, security or technical issues.

Data security

We work determinedly to protect our trading partners from unauthorized access, alteration, disclosure or destruction of personal data that we store.

We have implemented the following organizational and technical measures in general:

  • Installed antivirus programs on IT systems that process personal data.
  • Made backups of IT systems that process personal data.
  • Restricted access to personal data to the effect that access only is granted where required.
  • Implemented data processing agreements with suppliers that process personal data.
  • Implemented confidentiality agreements for staff needing to process personal data.
  • Teaching safe processing of personal data and information assets of staff with access to information systems.

 

Compliance and cooperation with supervisory authorities

We regularly review that we comply with our own personal data policy. When we receive formal written complaints, we will contact the sender to follow up on the complaint. We work with the appropriate legislative authorities, including the Danish Data Protection Agency, to resolve any complaints about the transfer of personal data that we cannot resolve directly with our users.

Amendments

Our data protection policy may be amended. In case of major amendments, we will inform you in our usual email correspondence.

 

Revision history

Version             Note                                                                             Date                                                Edited by

Ver. 1                 First draft of template                                           25 May 2018                                 Steen Madsen

Ver 1.1               Template adjusted                                                 15 April 2015                                Steen Madsen/Kim Bonde