Introduction

Preparation of a plan for the keeping of important personal data in accordance with the new law on person data policy.
To be able to deliver products and consultancy services to our customers there will be important personal data that we will need to process.
Our personal data policy is intended as a tool to understand what data we collect, why we collect it and what we will use it for.

Contact details for responsible controlling the personal data

Phone +45 31 50 05 00
E-mail: info@kemi-tech.eu

Data controller

Kemi-Tech ApS, Mosetoften 14 – 8722 Hedensted (CVR-number: 25659309)

Our processing of your personal information

We handle the personal data, that either the company or the contact have given us. For example, in connection to an offer or a sale.
These personal data we process, to be able to live up to our obligations towards every single customer in context with sale of the different products.
Including our obligations in connection with concluded operating/service agreements.
Without this information we will not be able to give the customers chemicals including advice in connection to a service visit.

Typically, these personal data would be including:
• Name, address, phone number, e-mail
• CVR-number, (customer number)
• Consumption data there can be attributed to a plant

Deadlines for deletion/storage

We will work hard to delete (or anonymize) the personal data as soon as they will not be relevant in any kind of way for both the customer and ourselves. Although we will always keep data related to accounting for a minimum of 5 years.

Rights under the personal data regulation

In connection to our usage of the personal data of the individual customer or contact, you have several rights:

• The right to get information about how we will use the personal data (duty to provide information)
• The right to get a look into what kind of personal data we store
• The right to get untrue personal data edited
• The right to get your personal data deleted
• The right to object to the use of your personal data in our marketing
• The right to object against any automatic individual decisions including profiling
• The right to move the personal data (data portability)

All the above-mention rights will be handled manually by contacting our personal data controller.

We can reject requests that are unfairly repetitive, require disproportional technical intervention (for example to develop a new system or change an existing practice significantly), affect the protection of others’ personal information, or something that would be extremely impractical (for example requests of information that is available as backups).

If we can correct information, we will of course do this for free, unless it will require a disproportionate effort. We strive to maintain our services in a way that protects information from erroneous or harmful destruction. When we delete the personal data from our services, it will be possible that we cannot always delete the added copies from our archive servers immediately, therefore it might not be possible for us to delete it from our backup systems.

You will always have the right to be able to complaint to the data supervision (https://datatilsynet.dk/english)

Information we will pass on

We will not pass on your personal data to companies, organizations and individual people outside of Kemi-tech’s organization. With exception of:

• With your consent
We will pass on personal data to another company or contact, organizations or individuals outside of Kemi-tech’s organization, if we have the consent of the individual. We require active choice of disclosure of all personal information.

• For external data processing
We pass on personal information to our business partners or other trusted companies or individuals who will process it for us. Their processing is based on our instructions and in accordance with our privacy policy and other applicable confidentiality and security measures, such as our data processor agreements.

• For legal reasons.
We pass on personal data to companies, organizations or individual people outside of Kemi-tech’s organization, if we believe in good faith that access, usage, preservation or publication of the data is necessary to:

– Comply with applicable laws, decisions, regulations or legal request from public authorities.
– Enforce applicable terms of service, including investigating potential violations
– Detect, prevent or otherwise be protected from fraud, security, or technical problems.
– Keep Kemi-tech free from harm, our customers or the rights, property or safety of the public, as required or permitted by law

Information security

We will work hard to protect Kemi-tech and our customers against unauthorized access, change, publication or deletion of personal data, that we store.

We have implemented the following organizational and technical measures generally in Kemi-tech:

• Antivirus on all IT systems that will be processing the personal data.
• Backups on all IT systems that will be processing the personal data.
• Use of industry-typical IT systems to protect the personal data.
• Access restriction to the personal data so it is only permitted where it is needed.
• Data processing agreements with the suppliers who will process the personal data on Kemi-Tech’s behalf
• Statements of confidentiality with staff who need to process personal data.
• Guidance in the secure processing of personal data and information assets for staff with access to information systems.
• Implementation of the above risk assessment and documentation of all systems that process personal data to ensure an informed basis for the security level of the personal data processing in Kemi-tech.

Compliance and cooperation with the supervisory authorities

We regularly review that we comply with our own personal data policy. We also adhere to several self-regulatory security policies. If we receive formal written complaints, we will contact the sender to follow up on the complaint. We cooperate with the relevant legislative authorities for example “The Danish Data Protection Agency”, to resolve complaints about the transfer of personal data that we cannot resolve directly with our users

Changes

Our privacy policy can change from time to time. We do not restrict that person’s rights under this privacy policy without their expressed consent. Any changes to this privacy policy are set forth in this plan.

Revision history

VersionNoteDateEdited by
V0.9First draft of template16/08/18Pia Henriette Olsen
V0.10Edited template25/11/20Maria Jepsen
V0.11Edited template11/01/21Maria Jepsen
V0.12Edited template11/02/21Maria Jepsen