Privacy Policy
Data Controller
We are the data controller for the processing of personal data that we process about our customers and partners. You will find our contact information below.
AP Helmet Design ApS
Stokbrohedevej 54, 9310 Vodskov, Denmark
CVR number: 40059431
It is not a requirement that our company has an external DPO, but if you have questions about the processing of your personal data, you can contact us via mail@aphjelmdesign.dk .
Processing activities
As a data controller, cf. GDPR, we have the following processing activities.
Visit website
When you visit our website, we use cookies to make the website work, which you can read more about in our cookie policy .
Communication with potential customers
If you have any questions about our site or would like to hear more about our services, you can contact us via:
- Contact form
- Phone number
Through this, we will process your personal data so that we can enter into a dialogue with you, for example to answer questions about our services. We only process the information that you provide us in connection with our communication.
We will typically process the following general information: name, email, telephone number.
Our legal basis for processing this personal data is Article 6(1)(f) of the General Data Protection Regulation.
We will delete our communication with you when it is clear whether you want our services or not.
Should there be a need in a special case to store your personal data for a longer period of time, this may be the case.
Customers
We need to communicate with our customers to ensure that the service is delivered correctly. This allows us to process information about name, address, services, special agreements, payment information and the like.
The basis for processing this personal data is Article 6(1)(b) of the General Data Protection Regulation.
Once the service has been delivered and any outstanding issues have been resolved, we will immediately delete the personal data.
Newsletter
We have a newsletter that is voluntary to subscribe to – and you can always unsubscribe from this again.
The purpose of the newsletter is to send registered emails with new information from the company, which may include new content on the website or advertising of our services.
We will only send you emails if you have given your active consent to this. This requires that you first provide your email address, to which we will then send an email so that you can confirm your registration. In this way, we ensure that you have actually signed up for the newsletter yourself, i.e. given active consent.
Our legal basis for processing your personal data (i.e. your email address) in connection with the newsletter will be Article 6(1)(a) of the General Data Protection Regulation.
We will process your personal data as long as you are still subscribed to the newsletter. When you unsubscribe, we will also stop sending the newsletter, and if we have not sent you a newsletter for 1 year, your consent will lapse as a result of our inaction.
When you unsubscribe, we will store your previous consent for 2 years after it was last used, due to statute of limitations requirements, see the Consumer Ombudsman’s spam guidelines, section 11.3.
Accounting
We must store all accounting documents, cf. the Danish Accounting Act. This means that we store invoices and similar documents for accounting purposes. These may include general personal information such as name, address and service description.
Our legal basis for processing personal data for accounting purposes is Article 6(1)(a) of the General Data Protection Regulation.
We retain this information for a minimum of 5 years after the current financial year has ended.
Job applications
We welcome job applications with a view to assessing whether they match a hiring need in our company.
If you send us your job application, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation.
If you have sent an unsolicited application, we will immediately assess whether your application is relevant and then delete your information again if there is no match.
If you have submitted an application for a posted job, we will dispose of your application if you are not hired and immediately after the right candidate has been found.
If you participate in a recruitment process and/or are hired, we will provide you with separate information about how we process your personal data in this connection.
Data processors
Few people can do everything themselves, and the same goes for us. That’s why we have partners and use suppliers, some of whom may be data processors.
External suppliers can, for example, provide systems to organize our work, services, consulting, IT hosting or marketing.
- [If applicable, list your data processors with company name + purpose of processing]
It is our responsibility to ensure that your personal data is processed properly. That is why we place high demands on our partners, and they must guarantee that your personal data is protected.
We enter into agreements with companies (data processors) that handle personal data on our behalf to increase security.
Disclosure of personal data
We do not disclose your personal information to third parties.
Profiling and automated decisions
We do not carry out profiling or automated decisions.
Third country transfers
We generally use data processors in the EU/EEA or those who store data in the EU/EEA.
In some cases this is not possible, and here data processors outside the EU/EEA may be used if they can provide your personal data with adequate protection.
Treatment safety
We keep the processing of personal data secure by having appropriate technical and organizational measures in place.
We have conducted risk assessments of our processing of personal data and have subsequently implemented appropriate measures to increase security.
One of our most important measures is to keep our employees up to date on GDPR through ongoing awareness training, GDPR courses and review of our GDPR procedures.
Rights of data subjects
Under the General Data Protection Regulation, you have a number of rights in relation to our processing of information about you.
If you want to exercise your rights, please contact us so we can help you.
Right to see information (right of access)
You have the right to access the information we process about you, as well as a number of additional information.
Right to rectification (correction)
You have the right to have incorrect information about yourself corrected.
Right to erasure
In special cases, you have the right to have information about you deleted before the time of our general deletion occurs.
Right to restriction of processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have this right, we may only process the data – with the exception of storage – with your consent, or for the establishment, exercise or defence of legal claims, or to protect a person or important public interests.
Right to object
You have the right to object to our lawful processing of your personal data in certain cases. You can also object to processing for direct marketing purposes.
Right to transmit information (data portability)
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this information transferred from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Authority’s guidance, which can be found at www.datatilsynet.dk .
Withdrawal of consent
When our processing of your personal data is based on your consent, you have the right to withdraw this consent.
Complaint to the Danish Data Protection Agency
You have the right to file a complaint with the Danish Data Protection Authority if you are dissatisfied with the way we process your personal data. You can find the Danish Data Protection Authority’s contact information at www.datatilsynet.dk .
We generally encourage you to familiarize yourself with GDPR so that you are up to date on the rules.
