Treatment of Personal Information

Data controller

We are the data controller for the treatment of personal information that we process about our customers and partners. You can find our contact information below.

DRIVADAN A/S
Gørtlervej 6
DK-5471 Søndersø
Denmark

VAT no.: DK21270075

If you have any questions about the treatment of your personal information, you can contact us at info@drivadan.dk.

Processing activities

As the data controller under GDPR, we have the following processing activities.

Website visit

When you visit our website, we use cookies for visitor statistics, if you have approved this at the bottom of the page.

Communication with potential customers

If you have questions about our site or want to learn more about our services, you can contact us through:

  • Contact form
  • Email
  • Phone

Through this, we will process your personal information so that we can engage in a dialogue with you, such as answering questions about our services. We only process the information you provide us in connection with our communication.

We will typically process the following common information: name, email, phone number.

Our legal basis for processing this personal information is Article 6, paragraph 1, letter f of the GDPR.

We delete our communication with you when it becomes clear whether you want our services or not.

In a special case, there may be a need to store your personal information for a longer period of time.

Customers

We need to communicate with our customers to ensure that the service is delivered correctly. Through this, we can process information about name, address, services, special agreements, payment information, and similar.

The legal basis for processing these personal information is Article 6, paragraph 1, letter b of the GDPR.

Once the service is delivered and any outstanding issues are resolved, we will immediately delete the personal information afterwards.

Bookkeeping

We are required to keep all accounting documents under the Bookkeeping Act. This means that we keep invoices and similar documents for accounting purposes. This can include common personal information such as name, address, service description.

Our legal basis for processing personal information for bookkeeping is Article 6, paragraph 1, letter of the GDPR.

We store this information for a minimum of 5 years after the current financial year has ended.

Job applications

We gladly accept job applications to assess whether they match a recruitment need within our company.

If you submit your job application to us, our legal basis for processing your personal data is Article 6, Paragraph 1, Subparagraph f of the General Data Protection Regulation.

If you have submitted an unsolicited application, we will immediately assess whether your application is relevant, and subsequently delete your information again if there is no match.

If you have submitted an application for a posted job, we will dispose of your application in the event that you are not hired, and immediately after the right candidate is found for the job.

If you are part of a recruitment process and/or are hired for the job, we will provide you with separate information on how we handle your personal data in this regard.

Data processors

No one can do everything alone, and the same goes for us. Therefore, we have partners and use suppliers, some of whom may be data processors.

External suppliers can, for example, provide systems for organizing our work, services, advice, IT hosting or marketing.

It is our responsibility to ensure that your personal data is processed properly. Therefore, we have high demands for our partners, and our partners must guarantee that your personal data is protected.

Therefore, we enter into agreements with companies (data processors) that handle personal data on our behalf to increase the security of your personal data.

Disclosure of personal data

We do not disclose your personal data to third parties.

Profiling and automated decisions

We do not perform profiling or automated decisions.

Transfers to third countries

As a starting point, we use data processors within the EU/EEA, or who store data within the EU/EEA.

In some cases, this is not possible, and data processors outside the EU/EEA may be used if they can provide appropriate protection for your personal data.

Data protection and security

We ensure the safety of personal data by implementing appropriate technical and organizational measures. We have carried out risk assessments of our data processing, and have subsequently implemented appropriate technical and organizational measures to increase data protection and security. One of our main measures is to keep our employees updated on GDPR through ongoing awareness training, GDPR courses, and by reviewing our GDPR procedures with employees.

The rights of the data subjects

According to the data protection regulation, you have a number of rights in relation to our processing of your information. If you wish to exercise these rights, please contact us so we can assist you.

Right of access (insight)

You have the right to access the information we process about you, as well as additional information.

Right to rectification

You have the right to have incorrect information about yourself corrected.

Right to erasure

In certain cases, you have the right to have information about yourself deleted before the time of our general erasure.

Right to restriction of processing

In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have processing restricted, we may only process the data, except for storage, with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest.

Right to object

In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You also have the right to object to the processing of your information for direct marketing purposes.

Right to data portability

In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have it transmitted from one data controller to another without obstruction.

You can read more about your rights in the Danish Data Protection Agency's guidance on the rights of the data subjects, which can be found on www.datatilsynet.dk.

Withdrawal of consent

If our processing of your personal data is based on your consent, you have the right to withdraw your consent.

Complaints to the Danish Data Protection Agency

You have the right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the contact details of the Danish Data Protection Agency on www.datatilsynet.dk.