ON720.COM A/S
Personal data policy
Data controller
We are the data controller for the processing of the personal data that we process about our customers and business partners. Our contact details are:
ON720.com A/S
CVR no. 43484435
Egehøjvej 3
8960 Randers SØ
It is not a requirement that our company has a Data Protection Officer, but if you have questions about the processing of your personal data, you can contact us via tel. 70 222 720 or e-mail: info@on720.com.
The processing activity
As data controller cf. GDPR and the Data Protection Act, we carry out the following processing of personal data:
Visit website.
When you visit our website, we use cookies in order for the website to function, which you can read more about in our cookie policy, link.
Communication with potential customers
When you want to hear more about our services, you can contact us via:
Contact form, Email or Phone. See www.on720.com
In this connection, we process your personal data so that we can enter into a dialogue with you and answer questions about our services. We only process the information that you give us in connection with our communication.
We will typically process the following general information: name, e-mail address and telephone number.
Our authority to process this personal data is the data protection regulation's article 6, paragraph 1 liter f.
We delete our communication with you when it is clear whether you wish to enter into an agreement with us or not.
Should, in a special case, a need arise to store your personal data for a longer period of time, this could be the case if there is an authorization for processing in current legislation.
Customers
We need to communicate with our customers so that we ensure that our services are delivered correctly. In this connection, we process information about name, address, e-mail address, telephone number, services, special agreements, payment information and the like.
The authority to process this personal data is the data protection regulation's article 6, subsection 1 liter b.
When the service has been delivered and any outstanding issues have been completed, we will immediately delete the personal data.
However, personal data is always stored for as long as required by applicable special legislation.
Newsletter
We have a newsletter that you can sign up for voluntarily and you can always unsubscribe again.
The purpose of the newsletter is to send e-mails to those registered with new information from the company, which may deal with new products and services.
We will only send you the newsletter if you have given your express consent to this. It initially requires that you enter your e-mail address, to which we will subsequently send an e-mail, so that you can confirm the registration. In this way, we ensure that you have actually signed up for the newsletter yourself and have given active consent.
Our authority to process your personal data in connection with the newsletter will be the data protection regulation's article 6, paragraph 1 letter a.
We will process your personal data as long as you are still registered for the newsletter. By unsubscribing from the newsletter, we naturally stop sending this to you.
When unsubscribing from the newsletter, we store your now previous consent for 2 years after it was last used for reasons of limitation requirements in relation to documentation of consent.
Accounting and invoicing
We must save all accounting documents cf. the Accounting Act. This means that we save invoices and attachments for use in filing accounts and submitting tax returns. The accounting annexes may contain general personal data such as name, address, e-mail address and service description.
Our authority to process personal data in connection with financial management and accounting is Article 6, subsection 1 letter c of the Data Protection Regulation.
We store this information for a minimum of 5 years after the current financial year has ended.
Job applications
We gladly accept job applications in order to assess whether you match a need for new hires with us.
When you send us a job application, our authority to process your personal data is Article 6, paragraph 1 of the Data Protection Regulation. 1 liter f.
If you have sent an unsolicited application, we will immediately assess whether your application is relevant, and then delete your information again if this is deemed not to be the case.
If you have sent an application for an advertised position, we will delete your application if you are not hired and immediately after the right candidate has been found for the job.
If you participate in a recruitment process and/or are employed by us, we will provide you with separate information about how we process your personal data in that connection.
APPs
In connection with the purchase and use of our Apps, we process personal data about you as a customer, as well as the data you enter into the App. Data processing is in some cases carried out by subcontractors.
We store your personal data as a customer for the period required by law. They are then deleted. You can delete data entered into Apps yourself if they are no longer relevant.
Data processors
We have business partners and use subcontractors, some of whom may be data processors.
External suppliers can, for example, provide systems to organize our work, services, consultancy, IT hosting or marketing.
It is our responsibility to ensure that your personal data is processed securely. Therefore, we make high demands on our partners, who must guarantee that your personal data is protected against accidental access.
We therefore enter into data processing agreements with companies (data processors) that handle personal data on our behalf in order to secure your personal data as best as possible.
Dissemination of personal data
We do not pass on your personal data to third parties without your express permission.
Profiling and automated decisions
We do not make profiling or automated decisions.
Transfer of data to third countries
6.1. We generally use data processors in the EU/EEA, or who store data in the EU/EEA.
6.2. If this is not possible, data processors outside the EU/EEA can be used if they can ensure protection of your personal data at the level of the rules within the EU/EEA. Individual subcontractors such as e.g. Microsoft cannot and will not guarantee that data is stored within the EU. However, we generally have full confidence that Microsoft stores and processes your personal data fully responsibly.
7. Processing security
7.1. To secure your personal data against unauthorized access, we have implemented appropriate digital and organizational measures. We continuously follow up on our initiatives and adapt our precautions based on an assessment of the current risk of hacker attacks etc.
7.2. We have carried out risk assessments of our processing of personal data, and have subsequently introduced appropriate technical, digital and organizational measures to increase processing security.
7.3. As an important part of protecting your personal data, we keep our employees up-to-date on GDPR and data protection through courses, as well as by reviewing our GDPR procedures with employees at regular intervals.
8. Your rights
8.1. According to the data protection regulation, you have a number of rights in relation to our processing of information about you.
8.2. If you want to exercise your rights, please contact us so that we can assist you with this.
8.3. You have the following rights:
8.3.1. Right to see information (right of access)
You have the right to gain insight into the information that we process about you, as well as a range of additional information.
8.3.2. Right to rectification of incorrect information
You have the right to have incorrect information about yourself corrected.
8.3.3. Deletion - Right to be forgotten
We normally delete your personal data after a maximum of 6 years if there is a legal requirement to store the data for the sake of control by the authorities.
If there is no legal requirement to store your personal data, it will be deleted when we are no longer authorized by the Personal Data Regulation to process it.
If there is a need to save data in order to meet any compensation claims, the data will be deleted at the latest when the absolute limitation period of 10 years has expired.
Under certain conditions, you have the right to have information about you deleted before the time of our general general deletion occurs.
8.3.4. Right to restriction of processing
Under certain conditions, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may in future only process the information – apart from storage – with your consent, or for the purpose of establishing, asserting or defending legal claims, or to protect a person or important public interests.
8.3.5. Right to object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your information for direct marketing.
Right to transmit information (data portability)
If specific conditions are met, you have the right to receive your personal data in a structured, commonly used and machine-readable format, as well as to have this personal data transferred from one data controller to another without hindrance.
You can read more about your rights in the Data Protection Authority's guidance on the rights of data subjects, which you can find at www.datatilsynet.dk.
9. Withdrawal of consent
If our processing of your personal data is based on your consent, you have the right to withdraw your consent.
10. Complaint to the Data Protection Authority
You have the right to lodge a complaint with the Danish Data Protection Authority if you are dissatisfied with the way we process your personal data. You will find the Data Protection Authority's contact information at www.datatilsynet.dk. You can read more about the rules and your rights at www.datatilsynet.dk/borger.