Data Protection Policy
All About Data Protection
The General Data Protection Regulation (GDPR) was adopted by the EU in 2016 and came into effect on May 25, 2018.
For businesses, this means that they must be able to demonstrate that personal data is handled in a responsible manner.
Therefore, no more data than absolutely necessary should be collected and recorded, and it should not be stored longer than needed.
At DanBlumen, such data will be collected and processed based on the principles outlined below in the General Data Protection Regulation (GDPR).
Furthermore, our marketing activities generally do not involve the processing of personal data.
This data is stored in our ERP system and may also be found in our email system and shared data drives.
The data is stored in our ERP system and may also be found in our email system and shared data drives.
regarding this, please contact our data controller:
Henrik Christensen
mail@danselection.com
Tel: (+45) 66 18 59 00
Fundamental Principles
Personal data is defined as any information relating to an identified or identifiable natural person.
At DanBlumen, such data will be collected and processed in accordance with the principles outlined in the General Data Protection Regulation (GDPR).
Lawfulness
We only process data for which we have a legal basis.
This includes legal obligations, consent, legitimate interest, and contractual necessity.
Fairness
We only process data to the extent that it serves a reasonable and legitimate purpose.
Transparency
We clearly inform employees and business partners about how we process data.
Again, the legal basis may be legal obligation, consent, legitimate interest, or contractual necessity.
Data Processing and Rights
Data sharing:
We only share data in the form of employee-related information when necessary for legal or contractual obligations.
DanBlumen has entered into Data Processing Agreements with all relevant partners. In cases where third parties may gain access to data, a confidentiality agreement will be signed.
Data storage:
All electronic data is stored on servers located in Denmark. Data may also be exchanged through Office365.
All servers and employee computers are protected by up-to-date firewalls and antivirus programs. Physical documents are stored in locked cabinets.
Rights:
According to the GDPR, you as an individual have the right to be informed about which personal data we hold about you, and to have that data updated, provided to you, and/or deleted.
You also have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) regarding our data security and handling practices.
Data Security and Management
At DanBlumen, we are systemically protected by updated firewalls, spam filters, and antivirus software.
Computers are secured with personal passwords. Only employees with a work-related need have access to personal data.
Data Deletion and Breaches
Deletion:
Data is deleted or shredded securely once the established retention period has expired.
Data Breach:
In the event of a data breach, DanBlumen will notify the Danish Data Protection Agency (Datatilsynet) within 72 hours of discovery.