Privacy policy
PRIVACY POLICY AT NORTH by HEART
General information
NORTH by HEART
ADELGADE 91
4720 PRESTØ
CVR no.: 41838507
Telephone: +45 81 75 00 11
Email: info@northbyheart.com
Data controller
I am the data controller for the processing of the personal data that I process about my customers and business partners. You will find my contact details below:
If you have any questions about the processing of your personal data, you can contact me via the contact form on the website.
Treatment activities
As data controller cf. GDPR, I have the following processing activities.
Visit website
When you visit my website, I use cookies so that the website can function.
Communication with potential customers
When you have questions about my site, or want to hear more about my services, you can contact me via:
- Contact form
- Telephone
Through this, I will process your personal data so that we can enter into a dialogue with you, e.g. answer questions about my services. I only process the information that you give me in connection with our communication.
I will typically process the following general information: name, e-mail, telephone number.
My authority to process this personal data is the data protection regulation's article 6, paragraph 1 liter f.
I delete our communication with you when it is clear whether you want our services or not.
Should in a special case arise a need to store your personal data for a longer period of time, this could be the case.
Customers
I need to communicate with my customers, so I make sure that the service is delivered correctly. Through this, I can process information about name, address, services, special agreements, payment information and the like.
The authority to process this personal data is the Data Protection Regulation, Article 6, subsection 1 liter b.
When the service has been delivered and any outstanding issues have been completed, I will immediately delete the personal data.
Accounting
I must save all accounting documents cf. the Accounting Act. This means that I save invoices and similar documents for accounting purposes. This may include general personal data such as name, address, service description.
My authority to process personal data for bookkeeping is Article 6, subsection 1 letter of the data protection regulation.
I store this information for a minimum of 5 years after the current financial year has ended.
Data processors
Few can handle everything by themselves, and the same applies to me. I therefore have business partners and make use of suppliers, some of whom may be data processors.
External suppliers can, for example, provide systems to organize my work, services, consultancy, IT hosting or marketing.
It is my responsibility to ensure that your personal data is processed properly. That is why I make high demands on my business partners, and my partners must guarantee that your personal data is protected.
I therefore enter into agreements on this with companies (data processors) who handle personal data on my behalf in order to increase the security of your personal data.
Dissemination of personal data
I do not pass on your personal data to third parties.
Profiling and automated decisions
I do not make profiling or automated decisions.
Third country transfers
I generally use data processors in the EU/EEA, or who store data in the EU/EEA.
In some cases this is not possible, and here data processors outside the EU/EEA can be used if they can provide your personal data with adequate protection.
Treatment safety
I keep the processing of personal data secure by having in place appropriate technical and organizational measures.
I have made risk assessments of our processing of personal data, and have subsequently introduced appropriate technical and organizational measures to increase processing security.
One of my most important measures is to keep myself and any employees updated about GDPR via ongoing awareness training, GDPR course, as well as by going through GDPR procedures.
The rights of the data subjects
According to the data protection regulation, you have a number of rights in relation to our processing of information about you.
If you want to exercise your rights, please contact me so that I can assist you with this.
Right to see information (right of access)
You have the right to gain insight into the information that I process about you, as well as a range of additional information.
Right to rectification (rectification)
You have the right to have incorrect information about yourself corrected.
Right to erasure
In special cases, you have the right to have information about you deleted before the time of my general general deletion occurs.
Right to restriction of processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, I may in future only process the information – apart from storage – with your consent, or for the purpose of establishing, asserting or defending legal claims, or to protect a person or important public interests.
Right to object
In certain cases, you have the right to object to my otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing.
Right to transmit information (data portability)
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another without hindrance.
You can read more about your rights in the Data Protection Authority's guidance on the rights of data subjects, which you can find at www.datatilsynet.dk .
Withdrawal of consent
When my processing of your personal data is based on your consent, you have the right to withdraw your consent.
Complaint to the Danish Data Protection Authority
You have the right to lodge a complaint with the Danish Data Protection Authority if you are dissatisfied with the way I process your personal data. You will find the Norwegian Data Protection Authority's contact information at www.datatilsynet.dk .