PRIVACY POLICY
This privacy policy explains how we process your personal data.
Data Controller
1. Data Controller
The legal entity responsible for the processing of your personal data is:
Xplor ApS
Annette Andersen, aa@xplor.dk
CVR.: 10126452
Tåstrupvej 7
4370 St. Merløse
+45 51 36 56 77
Data Processing Description
2. Description of the data processing
Purpose | Categories of personal data | Sources | Processing basis | Recipients | Data storage |
---|---|---|---|---|---|
Delivery of our service: Personal data is used to contact you for the purpose of order processing that you have requested, Marketing: Personal information is used for marketing purposes, including targeting our communication with you in relation to specific orders and sending you relevant marketing in the form of e.g. newsletters. Optimizing the user experience on the website: Personal information is collected through your use of our website. We use this information to optimize the user experience on our website and the services we offer. |
We process the following categories of personal information about you: General personal information: Name, address, e-mail, telephone number, Purchasing history, use of digital services Sensitive information Credit ratings |
We collect information from the following sources: Directly from you Activities on our website |
We process your personal information based on the following processing basis: Article 6.1.a (consent) Article 6.1.b contract to which you are a party Article 9.2.f (necessary for legal claims to be established, asserted or defended) Article 9.2.g (necessary in the interests of the public interest under EU law or the national law of the Member States) Article 10, cf. section 8 of the Data Protection Act |
We may share your personal information with: Suppliers and resellers, including IT providers, support, and financial institutions that we work with to assist our business |
We will store personal information for as long as is necessary for the purposes mentioned. Eg.: Up to 5 years for all financial documents Up to 5 years for all order history Your contact information as long as we have contact with you as a customer or supplier |
Consequences of data processing if the above is violated by mistake
3. Consequences of data processing if the above is violated by mistake
The affected persons are contacted immediately for information of the violation. Together with those affected, the further course is agreed.
Transfers to countries outside the EU / EEA
4. Transfers to countries outside the EU / EEA.
There are no transfers.
Mandatory information
5. Mandatory information.
The information below is mandatory if you are a customer of ours. If you do not provide this information, we will not be able to provide goods or services to you.
- TAX ID / VAT Number / CVR Number
- Company name
- Delivery address
- Billing address
- Contact person with e-mail and phone number
Your rights
6. Your rights
You have the following rights:
- You have the right to request insight, correction or deletion of your personal information.
- You also have the right to oppose the processing of your personal data and have the processing of your personal data restricted.
- In particular, you have an unconditional right to object to the processing of your personal data for the purpose of direct marketing
- If the processing of your personal data is based on your consent, you have the right to revoke your consent at any time. Your revocation will not affect the legality of the processing carried out prior to your revocation of your consent.
- You have the right to receive the personal information that you have provided yourself in a structured, commonly used and machine-readable format (data portability).
- You can always file a complaint with a data protection authority,, e.g. The Danish Data Protection Agency
You can make use of your rights by: contacting Annette Andersen, aa@xplor.dk
There may be conditions or limitations to these rights. It is therefore not certain that you e.g. have the right to data portability in the specific case – this depends on the specific circumstances in connection with the processing activities.
General Data Protection Regulation (GDPR) – MAPPING XPLOR APS
What personal information do we have?
1. What personal data do we have?
Customers: Company name; company address; attention name; and e-mail. Phone number; direct mobile number; credit information; Statistics.
Suppliers: Company name; company address; Company registration number; attention name; and email. Phone number as well as sometimes direct mobile number.
Partners: Company name; company address; Company registration number; attention name; e-mail and phone number.
Employees:
- Social Security number
- Name
- Address
- Tax information
- Bank details
- Job application
- Employment agreements
- Staff files such as interviews, warnings, etc.
- Sick leave
- Possibly. health information in connection with the employment, subsidy schemes, aids, etc.
- Possibly. information in connection with accidents at work
- Possibly. individual working environment conditions / considerations
- Possibly. photos and videos
What sensitive personal data do we have?
2. What sensitive personal data do we have?
Customers: Under normal circumstances, none. If, in connection with a special relationship with a customer, sensitive information should be included in an email, it will be deleted immediately.
Suppliers: Under normal circumstances, none. If, in connection with a special relationship with a supplier, sensitive information should be included in an e-mail, it will be deleted immediately.
Collaborators: Under normal circumstances, none. If, in connection with a special relationship with a business partner, sensitive information should be included in an e-mail, it will be deleted immediately.
Employees: We have on employees: social security number, statements in personnel files, documentation of illness, tax information, bank information, employment agreement, development interviews and possibly photos.
Information about employees is registered when reporting to the tax authorities, to virk.dk as well as to the municipality to the extent necessary.
Job applications are received by Annette Andersen. They are deleted immediately if they are not to be used. If we would like to keep a job application, we will write to the applicant with information that we would like to keep the application in question for up to 6 months with reasons, but that the applicant can of course ask to have it deleted.
Photos and, for example, video recordings are only used in a marketing context and only after approval by the employee or employees in question.
Video surveillance. Xplor only uses video surveillance in connection with burglar alarms.
For what purpose do we have this information?
3. For what purpose do we have this information?
Customers: In order to fulfill the contract and to have a dialogue about current and new tasks.
Customers have the opportunity to sign up for the newsletter. When registering, a standard declaration is used.
Suppliers: In order to fulfill the contract and to have a dialogue about current and new tasks.
Suppliers have the opportunity to sign up for newsletters. When registering, a standard declaration is used.
Partners: In order to fulfill the contract and to have a dialogue about current and new tasks.
Partners have the opportunity to sign up for newsletters. When registering, a standard declaration is used.
Employees: In order to meet legal requirements in relation to the tax authorities, the Annual Accounts Act, the Working Environment Act, etc. This is only statutory information and information of significance to the employment relationship.
Where is the information stored?
4. Where is the information stored?
Customers: In the company’s email archive, possibly work files and in a customer database. Information is deleted when an employee of a customer is no longer working for that customer or there is no longer contact with the customer.
Suppliers: In the company’s email archive, possibly. work files and in a vendor database. Information is deleted when an employee of a supplier is no longer working for that supplier or there is no longer contact with the supplier.
Partners: In the company’s email archive, possibly. work files and in a contact database. Information is deleted when an employee of a business partner is no longer working for that business partner or there is no longer contact with the business partner.
Employees: All sensitive information is available either on a closed drive only with access from the Executive Board, Annette Andersen or in a paper folder in a locked cabinet. Information is deleted in accordance with deadlines in current legislation – for example, the Danish Financial Statements Act.
Should a situation arise with an accident at work, where the investigation and closing of the case drags on, this information is moved to a special folder and stored until the case is closed.
Who has access to this information?
5. Who has access to this information?
Customers: Employees at Xplor ApS
Suppliers: Employees at Xplor ApS
Partners: Employees at Xplor ApS with relevance to the use of this information.
Employees: Only the management and only for administrative or statutory reasons.
In addition, information is sent via statutory reports to the tax authorities and to Virk.dk.
Where does this information come from?
6. Where does this information come from?
Customers: Have submitted them themselves for practical reasons.
Suppliers: Have submitted them themselves for practical reasons.
Accounting data from the Internet.
Partners: Have submitted them themselves for practical reasons.
Employees: Have submitted tem themselves. We may receive information about health conditions from an authority in connection with illness, accidents and, for example, special subsidies or other employment conditions. Some conditions will be received from the municipality via VITAS.
Information in the form of disciplinary reactions related to the employment is given orally to the employee in question and is handed out in writing in copy to the employee.
To whom do we pass this information on and how?
7. To whom do we pass this information on and how?
Customers: Information is not passed on. They are for internal use only between employees of the company.
Suppliers: Information is not passed on. They are for internal use only between employees of the company.
Partners: Information is not passed on. They are for internal use only between employees of the company.
(Data processors will also have access)
Employees: The following information is passed on by management:
- Tax returns
- Reporting to virk.dk, for example maternity leave, illness with sickness benefit coverage
- Salary information for auditor for use in salary payment
- Information on salary payment to the employee’s bank connection
- Registration in the company’s Accounting System of salary data
- The municipality in connection with salary reimbursement and reporting of sick leave, etc.
Do we have or use information without objective or legal purpose?
8. Do we have or use information without objective or legal purpose?
Customers: No.
Suppliers: No.
Partners: No.
Employees: No.
Have we informed that we have this information and use it as described and have we obtained consent?
9. Have we informed that we have this information and use it as described and have we obtained consent?
Customers: Privacy policy appears on the website. For newsletters, a special statement is used.
Suppliers: Privacy policy appears on the website. When subscribing to the newsletter, a special statement is used.
Partners: Privacy policy can be found on the website. When subscribing to the newsletter, a special statement is used
Employees: Special statement of consent
Have we informed that you can ascertain what information we have and what we use them for, and that you can get corrected / deleted?
10. Have we informed that you can ascertain what information we have and what we use them for, and that you can get corrected / deleted?
Customers: Privacy policy appears on the website. When subscribing to the newsletter, a special statement is used.
Suppliers: Privacy policy appears on the website. When subscribing to the newsletter, a special statement is used.
Partners: Privacy policy can be found on the website. When subscribing to the newsletter, a special statement is used
Employees: Special statement of consent
Who is the contact person and responsible for the above?
11. Who is the contact person and responsible for the above?
Customers: Annette Andersen
Suppliers: Annette Andersen
Collaborators: Annette Andersen
Employees: Annette Andersen
When do we delete information? And why?
12. When do we delete information? And why?
Customers: When the person is no longer with the customer, or the customer relationship ends.
Suppliers: When the person is no longer with the supplier or the supplier relationship ends.
Partners: When the person is no longer with the collaborator, or the collaborative relationship ends.
Employees: Normally in accordance with the rules of the Danish Financial Statements Act – ie: Information is stored for 5 years.
In the case of information relevant to, for example, an accident at work that has not been closed by the authorities or a disciplinary case that has not been closed, this special information is stored until the case is finally closed.
Do we systematically update personal information and pass on the updates if necessary and relevant?
13. Do we systematically update personal information and pass on the updates if necessary and relevant?
Customers: This can only be considered if a person at the customer moves, gets a new telephone number, or changes name – ie purely practical contact data. These are being updated.
Suppliers: This can only be considered if a person at the supplier moves, gets a new telephone number, or changes name – ie purely practical contact data. These are being updated.
Partners: This can only be considered if a person at the partner moves, gets a new telephone number, or changes name – ie purely practical contact data. These are being updated.
Employees: Yes, if the employee notifies of changes, these will be updated immediately.
Do we allow a customer to have their data transferred to another company?
14. Do we allow a customer to have their data transferred to another company?
No
Is it possible to object to our collection, storage and use of personal information?
15. Is it possible to object to our collection, storage and use of personal information?
Yes, just let Annette Andersen know at xplor@xplor.dk. We point out that certain contractual conditions cannot be fulfilled if we are not allowed to process personal data.
Do we have a procedure that describes all of the above?
16. Do we have a procedure that describes all of the above?
Yes, we believe so – in this document and in the privacy policy
Do we have data protection procedures?
17. Do we have data protection procedures?
Yes, we have an agreement with respectively:
- Our accountant
- Our Supplier of our finance and accounting system
- Our supplier of IT
- Agreement regarding IT security
Do we have emergency procedures in case of a data breach?
18. Do we have emergency procedures in case of a data breach?
Yes. In the event of a data breach, we always do the following:
- We identify the breach and the extent so that we know exactly what data it is about and what has happened to it.
- We close all access to data until we have identified and implemented a solution.
- We give immediate notice to those persons whose data has been breached.
- At the same time, we ask the people involved for information about what they want us to do in relation to their data.
- We make sure that we handle the relevant data as agreed with the people involved, or let them know if something is not possible.
- We identify and initiate relevant corrective actions to prevent recurrences.
Do we use cookies?
19. Do we use cookies?
Yes – see below
VORES COOKIEPOLITIK
Vi vil vi gerne tilbyde en overskuelig og brugervenlig hjemmeside med informationer. For at det kan lade sig gøre, indsamler vi ved hjælp af cookies oplysninger om, hvordan du og andre besøgende bruger hjemmesiden.
What are cookies?
What are cookies?
A cookie is a small text file stored in your browser to recognize your computer on subsequent visits. Cookies can contain text and numbers, including dates. There is no sensitive personal information stored in our cookies and they may not contain viruses.
Some cookies remain on your computer after you close the browser, while others are deleted after 30 minutes or when the browser closes.
Google Analytics
Google Analytics
We use cookies from Google Analytics for statistical purposes to improve the usability of the website. We use the information, among other things. to gain knowledge about how many visitors there are, and about user behavior. Among other things, we can see where the visitors are coming from, what pages they are visiting, and how long they are staying on the pages. It gives us a knowledge of which pages work and which pages we should improve.
Google Ads
Google Ads
We use cookies from Google Ads to target ads specifically to people who have visited our website (remarketing).
Login
Login
At login, we use cookies to ensure that the correct username and password have been used and to identify the user. We also use these cookies to see if the user is already logged in to, for example, another browser window. The cookies associated with the login are necessary for the website to function.
You can delete cookies
You can delete cookies
In the settings of your browser you can delete cookies. At https://www.allaboutcookies.org/manage-cookies/ you can read more about cookies and get instructions on how to delete cookies on different browsers.
As a visitor to the site, you automatically accept that we use cookies. We primarily use cookies to improve the user experience and for statistics
Last update: 02-05-2022