When we receive and process your personal data, we ensure that it takes place in accordance with the General Data Protection Regulation. This privacy policy provides information about what personal data we process, what the purpose is, what legal basis that we use and for how long we store your personal data.
Data controller
cp test A/S is the data controller and responsible for the processing of your personal data:
cp test A/S, Skomagervej 13c, 7100 Vejle, CVR. nr. 12476779
You are always welcome to contact us at kontakt@cptest.dk if you have questions about how we process personal data.
cp test A/S collects personal data about you, if you as an individual, or as the employee of a company, enters into an agreement with us either as a customer or a supplier; if you use our website; if you contact us via e-mail, phone or contact form and when you visit some of our locations.
We only collect the necessary personal data for specific purposes, which you can read more about below, and we erase your data again when there is no longer a legitimate purpose for processing them. Read more about this also.
How does cp test A/S collect personal data?
Personal data are primarily collected as follows:
When you use our website, we collect cookies
When you use our website, we collect personal information in the form of one or more cookies. Cookies are small text files which are stored in your browser and which will be recognised each time you visit the website. Cookies make it possible to deliver personalised content to your browser. Cookies cannot contain virus.
Read more about this in our cookie information where you can also accept and reject different cookies – you can find the link to our cookie information on our website in the lower left corner. However, you cannot deselect some necessary cookies as they help ensure the function of the website.
Purpose
To optimise the website and collect knowledge/statistics on the use of the website via Google Analytics.
What personal data do we process?
Information about IP address, type of browser, search words, network location.
Legal basis
The legal basis for our processing of personal data is subject to articles 6(1)(a) (consent) and 6(1)(f) (legitimate interest) of the GDPR. Our legitimate interest is our interest in ensuring the function of the website.
Storage of personal data
Information about storage of cookies can be found in our cookie information.
Sharing of information
Via our website, functionalities from other sites can be accessed. Videos, links etc. may contain cookies from these sites, e.g. they may track that you are using a function on their site via our site. A third party may e.g. be a provider’s comment field or blog field, Vimeo or YouTube.
When you are a customer, supplier or other business partner – or on the way to becoming it
When we enter into dialogue about the performance of a task for the company that you are representing, we collect your personal data. The same applies if you e.g. are representing a supplier, and we are having a dialogue with the purpose of performing tasks or services for cp test A/S.
If we enter into a customer or supplier relationship or if we collaborate with you in any other way, we will process your personal data to be able to communicate and cooperate with you or to prepare the contractual basis etc.
When you visit cp test, we collect personal information via video surveillance, and we may collect information to issue a guest card. As a starting point the, the video surveillance will take place at the company’s entrance.
Purpose for processing personal data
Administration of your relation to cp test A/S, including invoicing and accounting, safety and security for employees and guests as well as sale and marketing.
What personal data do we process?
Primarily name, company, position, mobile phone number, e-mail address, information about visits to certain locations (via video surveillance and guest registration). If you contact us via a contact form, we also process the data submitted in this form.
Legal basis
The legal basis for our processing of personal data is subject to article 6(1)(b) and 6(1)(c) as well as 6(1)(f) (legitimate interest) of the GDPR. Our legitimate interests are the possibility for dialogue and establishment of a working relationship, safety for our employees and visitors and minimisation of the risk of theft.
Storage of personal data
We store your personal data for as long as it is necessary to accomplish its purpose, i.e. for so long as we have a customer or supplier relationship and a period thereafter.
When a customer or supplier relationship ends, we will assess what data that will be deleted and what data that will be stored and for how long. As an example, under the Danish Bookkeeping Act we are obliged to store certain information for at least five years.
Surveillance videos are overwritten regularly, and the information is saved for 30 days. Information for issuing of guest cards will be anonymised after one year. The guest card with your name will be shredded after use.
Security of processing
We protect your personal data, and we have adopted internal rules about information security comprising instructions and measures protecting your personal data against unauthorised disclosure and against unauthorised persons getting access to or knowledge about them. We have established procedures for how we assign access rights to those of our employees who process personal data. To avoid data loss, we currently make a backup of our data set.
In case of a personal data breach resulting in a high risk of discrimination, identity theft, financial loss, loss of reputation or other significant inconvenience, we will inform you of the security breach as soon as possible. We will also report the breach to the Danish Data Protection Agency. Our security procedures are currently revised based on the latest technological development.
In addition to our internal systems, we use external suppliers of IT services, and we have data processor agreements with these suppliers.
Your rights
When we process your personal data, you have the following rights:
Right to access your personal data
You have the right to get access to the personal data we process about you.
Right to rectification
You have the right to have inaccurate personal data rectified.
Right to erasure
In certain cases you have the right to request the erasure of your personal data.
Right to restriction of processing
In certain cases you have the right to request that the processing of your personal data is restricted to storage.
Right to withdraw your consent
If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time according to the personal data rules. Unless the company has another legal basis for processing, we can no longer process the information in question.
Right to object
In certain cases you have the right to object to our processing of your personal data. This is the case, for example, when the processing is based on section 6(1)(f) of the GDPR.
If you want to make use of your rights or if you have questions to our personal data policy, you can write to kontakt@cptest.dk.
You can also read more about your rights and personal data policy in the guideline of the Danish Data Protection Agency at www.datatilsynet.dk
Complaint to the Danish Data Protection Agency
You have the right to file a complaint to the Danish Data Protection Agency, and you will find the contact details and the complaint instructions on www.datatilsynet.dk
March, 2023.
