Privacy Policy

This Privacy Policy explains how we handle your personal information at Flensted Mobiler ApS.

 

 

Data controller

The entity responsible for the processing of your personal information is:

Flensted Mobiler ApS

Brovej 6

5464 Brenderup

Denmark

CVR: 70637618

Mail: [email protected]

Tel: +45 6444 1688

 

 

Description of the processing

As the new General Data Protection Regulation comes into effect on 25 May 2018, we at Flensted Mobiles would like to inform you how we store data, in order to better service our customers. These data include mail addresses, physical addresses, phone numbers and IP addresses attached to mail addresses and data that may identify a person (such as cookies).

 

We do not sell or pass on relevant data to third parties, unless they are used as part of our customer service, such as news mails, in which case we have passed on data. All are accounted for below.

 

 

Accounting

In connection to our salary-, accounts receivable and accounts payable department, we store personal data, as requested by the Danish Financial Statements Act. Data will be stored a minimum of 5 years and in this particular instance, the right to be forgotten is not an option.

 

 

Newsletters

We use US-based MailChimp to send out our newsletters and have therefore passed on information about email addresses, contact name and company name. We send out approximately 6 newsletters per year, to keep our customers informed about holidays, the trade fairs where they might meet us and new product releases.

 

Mailchimp writes:

“What is MailChimp doing to prepare? We’ve been researching the GDPR and modifying many of our internal practices and policies over the last year, because we are committed to achieving compliance with the GDPR in 2018. For example, we’re in the process of updating our Data Processing Agreement and third-party vendor contracts to meet the GDPR’s requirements.

 

We’re also assessing the impact of the GDPR on MailChimp’s tools to see if we can make them more practical for users who are subject to the GDPR.

 

As further guidance is released and our research progresses, we’ll continue to look for ways we can help our users around the world get ready for the GDPR.”

 

Data stored in our ERP

To handle orders, we use Microsoft Dynamics NAV. This data is for internal use only and is stored on a Microsoft SQL Server.

 

Microsoft writes:

“The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades. The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored. Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018.”

 

 

Data stored in our CRM

As a commercial company we have a customer and lead database. This is for internal use only. All data is stored in Microsoft 365 OneDrive.

 

Microsoft writes:

“The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades. The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored. Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018.”

 

 

Your rights

You have the following rights:

  • You have the right to request access to and rectification or erasure of your personal data.
  • You also have the right to object to the processing of your personal data and have the processing of your personal data restricted.
  • In particular, you have an unconditional right to object to the processing of your personal data for direct marketing purposes.
  • If processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. However, your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent.
  • You have the right to receive your personal information in a structured, commonly used and machine-readable format (data portability).
  • Should you need any guidance, we refer to The Danish Data Protection Agency.

You can take steps to exercise your rights by sending an email to [email protected].

There may be conditions or limitations on these rights. It is therefore not certain for example you have the right of data portability in the specific case – this depends on the specific circumstances of the processing activity.

 

(Last updated: 23 May 2018)