Policy for securing our customers’ personal information

1. Data responsibility 

We process and store personal data and have adopted this policy to secure this data.

In order to best protect your personal data, we continuously evaluate whether our collection, use of and disclosure of data is in accordance with applicable law.

We have chosen not to process and store sensitive personal data. We do not ask our customers for this data, and if we do get it anyway, it will be deleted – it will not be saved.

1.1 Contact Information 

Carlsen&E is responsible for storing and securing personal data and we make sure to treat your personal data in compliance with GDPR legislation in Denmark.

Contact Information:

Carlsen&E ApS
Nødebo Skovvænge 8,
3480 Fredensborg

Att.: Jens Carlsen

Phone: + 45 23 27 06 18
e-mail: carlsen@carlsen-e.dk
website: www.carlsen-e.dk

1.2 Collaboration with Data Handlers

We collaborate with selected Data Handlers and have signed data handling agreements with each handler in order to:

  • all personal data is handled and stored securely, and that no unauthorized third party has access to the personal data for which we are responsible
  • all our partners on personal data management comply with the EU GDPR of 25 May 2018.

1.2 Samarbejde med Databehandlere

Vi samarbejder med en række udvalgte databehandlere og sikrer databehandleraftaler med disse for at:

  • alle persondata håndteres og opbevares forsvarligt, og at ingen uvedkommende 3. part har adgang til de persondata, vi har ansvaret for
  • alle vore samarbejdspartnere om persondatahåndtering opfylder EU’s GDPR af 25. maj 2018.

Mere information om vores partnerspersondata politik:

2. Processing of personal data

 2.1 We obtain your consent before we process your personal data

We obtain your consent before we process your personal data for the purposes described above. Your consent is voluntary, and you can withdraw it at any time by contacting us. Use the contact information above for more information.

We do not pass on personal data to other actors without your consent.

2.2 We ensure a fair and transparent data processing

When we ask you to make your personal data available to us, we inform you of what data we process about you and for what purpose. You will receive information about this at the time of collection of your personal data.

If we collect data about you from others, e.g. an authority or partner, we will inform you about it. We also provide information about the purpose of the collection and the legal basis that gives us access to collect your personal data.

2.3 We typically store this type of data about you 

We use data about you to make our service better and ensure quality in our products and services, as well as in our contact with you.

This will include data such as: 

  • Basic personal data 
  • Test results
  • Shorthand minutes of conversations such as sales meetings or coaching sessions
  • Photos from team sessions and/or seminars.

2.4 We collect and store your personal data for specific purposes 

We collect and store your data for well-defined purposes. It happens in connection with: 

  • Assigning new customers
  • Administration of customer and vendor collaboration
  • Personal tests in connection with coaching
  • Accepting our newsletters or other information from Carlsen&E
  • Registering for courses and programs.

2.5 We only handle relevant and necessary data about you

We only process data about you that is relevant and sufficient for the purposes defined above.

2.6 We delete your personal data from storage, when they are no longer relevant

We delete your personal data when it is no longer needed for the purpose that was the reason for our collection, processing and storage of your data – and no later than after 5 years.

3. Security 

3.1 We protect your personal data and have internal rules on information security

We have adopted internal rules on information security, which contain instructions and measures that protect your personal data against being destroyed, lost or altered, against unauthorized publication, and against unauthorized access or knowledge of them.

As a minimum, we have created and maintained documented workflows for the following:

  • Receiving and storing customer consent to the processing and storage of personal data
  • Deletion of personal data at the end of the collaboration – or at the request of the customer
  • Deletion of all personal data older than 5 years – for inactive customers
  • Creation and maintenance of documented agreements with all our data processors
  • Quarterly review of policies, workflows, and experiences with personal data
  • Delivery of personal data to the customer upon request
  • Criteria for how personal data is stored at Carlsen&E
  • Notification to the Danish Data Protection Agency in the event of possible data leakage.

3.2 You have the right to access your personal data

You have the right to be informed at any time about the data we have collected about you, where they come from and what we use them for. You can also be informed of how long we store your personal data.

You can make use of your rights by contacting us. You will find our contact information at the top.

If you believe that the personal data, we process about you is inaccurate, you have the right to have it corrected. You must contact us and inform us of the inaccuracies and how they can be corrected.

You can request that all your personal data be deleted from us unless we store them due to requirements from authorities.

You have the right to object to our processing of your personal data.

You can use the contact information at the top to submit an objection.