Last updated: 15/06-2021
for persons in contact with Keepit A/S, and all of its affiliates, either as customers, potential customers, suppliers, business partners, contact persons, website visitors and/or job applicants.
1. Categories of personal data and purposes
We process your personal data for the following purposes:
- Customer administration, e.g., to process, negotiate and handle orders, invoices, agreements, payments, maintain our business relationships including user account administration and handling support requests within the services we provide etc.
- Business partner/supplier administration, e.g., to process, negotiate and handle agreements, collaborations, payments, maintain our business relationships etc.
- Direct marketing, sales, customer relationship management and business partner/supplier relationship management, e.g., con-tacting potential customers, manage and maintain information on business partners, suppliers, and customers, etc.
- Recruitment, e.g., processing and handling job applications
- To improve and provide our website and services.
We collect and process the following types of personal data:
If you are a job applicant and have given us your explicit consent to the processing of your references from your previous employer, we may collect such references from your previous employer(s).
3. Data provided on a voluntary basis
When we collect personal data directly from you, you either provide us with the personal data on a voluntary basis or in order for us to comply with the law. It will depend on the specific circumstances whether you are under an obligation to provide us with such personal data.
The consequence of not providing us with the personal data mentioned above will be that we cannot pursue the specific purposes set out above, which for example means that we cannot process and handle orders, provide you with our services, a functional website etc.
4. Disclosure and transfers of personal data
We may disclose non-sensitive personal data to third parties, e.g., our business partners, provided that the disclosure is necessary and in compliance with the GDPR and Danish Data Protection Act. Furthermore, we use different services providers and suppliers who process personal data on our behalf and, thus, acts as data processors, e.g., information technology suppliers.
Some of our business partners, service providers and suppliers are located in countries outside the EU/EEA. In such cases, we only transfer personal data in compliance with GDPR chapter V and the European Data Protection Board’s (EDPB) recommendations on supplementary measures. If we transfer personal data to countries which are not deemed to have an adequate level of security, we enter into the EU standard contractual clauses and, if deemed necessary, apply supplementary measures in accordance with the European Data Protection Board’s recommendations.
5. Storage period
Your personal data may, therefore, be subject to different retention policies based on the personal data in question and the purposes to which the personal data is collected. Below are a few examples of our retention periods:
- As a general rule, we store personal data for the duration of our business relationship with you and until five (5) years after the termination of such business relationship.
- Correspondence with you as a potential customer will in general be deleted two (2) years after the time of such correspondence.
- We delete job applications and other personal data related hereto as soon as we do not need it anymore and no later than 6 months after we have received the personal data unless you have given your explicit consent to an additional retention period of 6 months.
6. Your rights
Subject to the applicable restrictions in the Danish Data Protection Act and General Data Protection Regulation, you have the following rights:
- The right of access to personal data
- The right to rectification of inaccurate and inadequate personal data
- The right to erasure of personal data
- The right to restriction of processing of personal data
- The right to object
- The right to data portability
The right to object
You have the right to object – on grounds relating to your particular situation – to processing of personal data where the legal basis for our processing is legitimate interests, as stated above. If you exercise your right to object, we may no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defense of legal claims.
You also have the right at any time to object to the processing of your personal data for marketing purposes, which includes the right to object to profiling in so far as it relates to direct marketing. If you object to our processing for the purpose of direct marketing, your personal data may no longer be processed for this purpose.
You also have a right to submit a complaint to the competent supervisory authority, including the Danish Data Protection Agency. You will find the contact information of the Danish Data Protection Agency on www.datatilsynet.dk. You can also read more about your rights on www.datatilsynet.dk.
Please contact our data protection officer if you have any questions about the processing of your personal data or how to exercise your rights.
Per Henrik Lings Allé 4, 7.sal
DK-2100 København Ø
Tlf.: (+45) 88 70 40 70