Integritetspolitik

Last updated September 2024 

This privacy policy has been prepared for suppliers, existing and potential customers. Nordic Compliance Partner is referred to as the company, due to the data protection regulation GDPR (EU) 2016/679 which entered into force on 25 May 2018. Nordic Compliance Parnter is obliged to inform you about how personal data is processed and the purpose of the processing. In this policy you will find all the information that we are obliged to report to you.  

Personal data controller: 

Nordic Compliance Partner 

Location: Aarhus, Denmark  

info@nordic-compliancepartner.com   

You always have the opportunity to contact Nordic Compliance Partner regarding the handling of your personal data or generally about this privacy policy if information is missing here or if something is incorrect. 

What constitutes personal data? 

Personal data means all information that can be directly or indirectly attributed to a living person. These factors are factors related to someone’s physical, physiological, mental, economic, cultural or social identity. 

What data we process and why? 

In connection with an order, we collect, process and store information about your name, e-mail address, telephone number and information about your company. If a company is registered at a private address, we are obliged to include it on the invoice according to the Value Added Tax Act. We handle the mentioned personal data because it is necessary to be able to fulfill an agreement to which you are a party.  

The data is stored for 3 years after the completion of the last delivery to you, this with a legally justified interest in being able to reconnect/follow up contact and to prevent fraud. Personal data is saved in our customer registers, the company’s e-mail system and in order documentation containing information about your order. According to current law for the archiving of bookkeeping, invoices are saved for 7 years and with them also existing personal data. 

In connection with an offer/webinar/digital meeting, we collect, manage and store information about your name, email address, phone number and information about your company. We do not operate with any marketing, therefore we do not handle or save any data for marketing purposes.  

In cases where you have a sole proprietorship, we only process complete social security numbers where it is necessary to comply with laws on bookkeeping and invoicing, and during the agreed time we save your finished product. In other places, the social security number is replaced with the company name. 

Cookies 

When you visit our website, you have the opportunity to accept or reject cookies that are not necessary. Read generally about cookies here. 

Which data we do not process 

We do not process sensitive personal data such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and health data, a person’s sex life or sexual orientation, genetic data and biometric data to uniquely identify a person. Examples of information about health can be the reason for sick leave, pregnancy or a doctor’s visit. We also do not process the personal data of minors. If Nordic Compliance Parter is  provided with such information, it is deleted and we will confirm the deletion to the sender as soon as possible.   

External Service/Third Party 

In cases where we use third party services, we refer to the respective privacy policies for more information. The data we collect is stored within the EU/European Economic Area (EEA), but can also be transferred and processed in countries outside the EU/EEA. All such transfer of personal data takes place in accordance with current legislation. 

Your rights 

You have the right to delete your data – in whole or in part. 

You have the right to request at any time to have your personal data that we process deleted. In such cases, we do this without undue delay, but within one month at the latest. Please note, however, that we can not delete such personal data that we need to preserve in order to fulfill an agreement or other legal relationship, e.g. accounting law. We will also, without your actively requesting it, on our own initiative delete your personal data when there is no longer a legal basis for continued processing. 

You have the right to withdraw consent 

You have the right to withdraw the consent you have given at any time. In such cases, we delete the data whose processing is based on your consent. Your withdrawal of your consent does not mean that we are obliged to delete data whose legal processing is based on a contract or other legal relationship. 

You have the right to access 

You have the right to access personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. You have the right to receive confirmation from us if personal data concerning you is being processed and, in such cases, to have access to the personal data and the following information: 

• the purposes of the treatment
• the categories of personal data to which the processing relates
• the recipients or categories of recipients to whom the personal data is provided or intended
• the period for which the personal data will be stored or how this period is determined
• if personal data is collected from any source other than you: where such information comes from and what data it is
• the existence of automated decision-making and profiling

You have the right to correction 

As a registered user, you have the right to have incorrect personal data concerning you corrected by us without undue delay, but no later than within one month. You also have the right to request completion of incomplete personal data, taking into account the purpose of our processing of the personal data. 

You have the right to limitation 

You have the right to request deletion or the right to request that we limit our processing of your personal data. It may be a question of: 

• you dispute the accuracy of the personal data to give us the opportunity to check whether the personal data is correct

• the processing is illegal but you do not want the personal data to be deleted
• we no longer need the personal data for the purposes of the processing but you need it to establish, assert or defend legal claims or
• you have objected to processing involving profiling or automated decision-making, whereby limitation is made by us pending verification of whether our legitimate reasons for the processing outweigh your legitimate reasons.

Data portability 

You have the right to transfer your personal data to another personal data controller, if our processing of the personal data is based on consent or if the processing takes place automatically, if we judge it to be technically possible. 

You have the right to object to processing 

You have the right, at your own discretion, to object at any time to our processing of your personal data that relates to automatic decision-making, such as profiling, should such processing be carried out. 

Right to file a complaint with the supervisory authority/The supervisory authority’s contact details. 

You have the right to submit a complaint to your national supervisory authority about our processing of your personal data. Regardless of whether we conduct our business in the same country in which you live, you have the right to lodge a complaint with your national supervisory authority. Via the link below you will find the contact details for the Swedish supervisory authority Datatilsynet, as well as a list of contact details for European supervisory authorities: 

https://www.datatilsynet.dk/kontakt

https://ec.europa.eu/newsroom/article29/items/612080

This policy was last updated 2024-09-09 

We reserve for miswriting.