Privacy policy

Privacy policy - DEIF

At DEIF A/S (”DEIF”, ”we”, ”us”, or ”our”) confidentiality and data protection is a high priority. This privacy policy sets out the guidelines for DEIF’s processing of your personal data and provides you with the information you have the right to receive according to applicable data protection law. You must read the privacy policy before submitting your personal data to DEIF.

Data controller and contact information
The data controller for your personal data is:

DEIF A/S
Frisenborgvej 33
7800 Skive
Denmark
Company registration No.: 15798416

1. If you visit our websites

This section sets out the policy of DEIF’s processing of personal data regarding users of DEIF’s websites www.deif.com, www.deif.dk, www.deif.de, www.deif.us, www.deif.es, www.deif.fr, www.deif.com.br, www.deif.co.kr, www.deif.cn, www.deif.no and www.myportal.deif.com.

1.1 Cookies

Types of personal data DEIF uses cookies on our websites and applications. DEIF may collect, process, and store the following personal data about you via cookies when you visit our websites or applications:

- IP address
- Language settings
- Hardware, software, and internet browser used to access our websites
- Date and time of your access to our websites or applications
- Preferences and click behaviour
- Browsing history

We use cookies to collect the personal data stated above. You can find more information regarding our use of cookies in our cookie policy, which is available here.

Purposes of the processing
Your personal data may be processed for the following purposes:

- Promotional marketing in general
- Product and service development
- Statistics and analysis

Legal basis
DEIF will mainly process your personal data based on the following legal basis:

- Legitimate interests: The processing of your personal data will be based on our legitimate interest in, for instance, conducting statistics, analysis, marketing activities (where consent is not required), as well as improving and developing our products and services (Article 6 (1) (f) of the General Data Protection Regulation).

Retention period
Cookies are deleted pursuant to our cookie policy which is available here. Anonymised personal data collected via cookies may, however, be kept for a longer period of time.

1.2 If you use contact forms, schedule a demo, sign up for product webinars or otherwise contact or communicate with us

Types of personal data
When you use the contact forms on our websites, download whitepapers, sign up for webinars or otherwise contact or communicate with us, DEIF collects, processes, and stores the following personal data about you:

- Name, email address, phone number, job position
- What your inquiry or the communication concerns
- Date and time of your inquiry
- Other personal data you submit as part of your inquiry or communication with us. We recommend that you do not submit sensitive personal data unless it is strictly necessary in relation to your inquiry. If you submit sensitive or otherwise confidential personal data by email, we recommend that you use encryption.
- Whether you have accepted to receive our newsletter or other material and communication from DEIF

Purposes of the processing
Your personal data may be processed for the following purposes:

- Handling of your inquiry
- General communication with you
- Customer service
- Statistics and analysis
- Promotional marketing in general

Legal basis DEIF will mainly process your personal data based on one or more of the following legal bases:

- Legitimate interests: The processing of your personal data will be based on our legitimate interest in, for instance, conducting statistics, analysis and developing our products and services (Article 6 (1) (f) of the General Data Protection Regulation).

- Contractual obligation: If your inquiry concerns conclusion of a (potential) contract with DEIF, we process your personal data to make arrangements prior to the conclusion of the contract (Article 6 (1) (b) of the General Data Protection Regulation).

Retention period
Your personal data will be retained for five years after your business relation with DEIF has ceased.

Anonymised personal data may, however, be kept for a longer period of time.

If you are a customer or employed with one of our customers, suppliers, or other business partners, we refer to section 3 below.

2. If you subscribe to our newsletter and other marketing material

This section sets out the policy for DEIF’s processing of personal data when you have subscribed to our newsletter or other marketing material.

Types of personal data
When you subscribe to our newsletter or other marketing material, DEIF collects, processes and stores the following personal data about you:

- Name, email address, job position
- Your consent
- Your interests
- Your click behaviour in relation to marketing material we have sent you

Purposes of the processing
Your personal data may be processed for the following purposes:

- Promotional marketing
- Statistics and analysis

Legal basis
DEIF will process your personal data based on one or more of the following legal bases:

- Consent: DEIF will only use your personal data in order to send you product information, newsletters and other marketing material if you have provided your prior and explicit consent hereto (Article 6 (1) (a) of the General Data Protection Regulation).
- Legitimate interests: The processing of your personal data for statistics and analysis will be based on our legitimate interest in improving and developing our products and services (Article 6 (1) (f) of the General Data Protection Regulation)

Retention period
Your personal data will be retained for as long as your consent to receive marketing material is active.

You may revoke your consent by clicking the unsubscribe link in the bottom of each e-mail or by contacting us as described below. The revocation of your consent does not affect the legality of the processing prior to the withdrawal.

The documentation for your marketing consent will be kept for two years after revocation. This retention period is based on DEIF’s legitimate interest in being able to document that direct marketing activities have been carried out in compliance with applicable legislation (Article 6 (1) (f) of the General Data Protection Regulation). Anonymised personal data may be kept for a longer period of time.

3. Contact persons at customers, suppliers, and other business partners

This section sets out the policy for DEIF’s processing of personal data collected from owners of sole proprietorships or contact persons at customers, suppliers, and other business partners who collaborate with DEIF.

Collection of personal data
DEIF may collect, process, and store personal data about you in the following instances:

- When your company or the company you are employed with enters into an agreement with DEIF
- When you have shown an interest in DEIF’s products or services, e.g. by providing your business card to DEIF
- When you collaborate and communicate with DEIF

Types of personal data
DEIF may collect, process, and store the following personal data:

- Name, email address, telephone number and similar identification data
- Individual data, such as preferred language and home country
- Organisational data, such as company name, company address, job position, business area, primary work location and country
- Contractual data, such as purchase orders, invoices, contracts and other agreements between your company (or your employer) and DEIF, that may include e.g. your contact information
- Any feedback you provide if you participate in surveys
-Financial data, such as payment terms and bank account details 

Such information may be provided directly by you (primarily via emails and other correspondence) or by a third party such as your employer.

Purposes of the processing
Your personal data may be processed for the following purposes:

- Generally, to plan, perform and manage the business relationship, including any contracts
- Administration, such as processing payments, evaluation of credit ratings, performing accounting, auditing, billing, as well as providing support services
- Completion of requests received from you
- General communication
- Product and service development
- Statistics and analytics
- Marketing
- Market research
- Compliance and regulatory purposes, such as fulfilling our legal and compliance-related obligations to prevent illegal activity
- Dispute handling

Legal basis
DEIF will mainly process your personal data based on the following legal bases:

- Contractual obligation: The processing of your personal data will in some cases be necessary for the performance of a contract (Article 6 (1) (b) of the General Data Protection Regulation).

- Legitimate interests: We may process your personal data pursuant to our legitimate interest in, for instance, to manage daily operations according to lawful and fair business practices, including planning, performing and managing the business relationship or our legitimate interest in e.g. statistics, analysis, marketing activities (where consent is not required), providing support as well as improving and developing our products and services. The processing may also be necessary for our legitimate interests in preventing fraud or establish, exercise, or defend legal claims (Article 6 (1) (f) of the General Data Protection Regulation).

- Legal obligation: The processing of your personal data will in some cases be necessary to comply with legal obligations, such as our obligations to prevent illegal activity (Article 6 (1) (c) of the General Data Protection Regulation).

Retention period
Your personal data will be retained for five years after DEIF’s business relation with you or the company you are employed with has ceased.

Any personal data included in bookkeeping records will be stored for five years as from expiry of the financial year at which time the data will be deleted. The storage period has been determined with a view to complying with applicable bookkeeping legislation and DEIF’s legitimate interests in being able to document DEIF’s finances.

Anonymised personal data may be kept for a longer period of time.

4. If you apply for a job

This section sets out the policy for DEIF’s processing of personal data in relation to recruitment.

Categories of personal data
DEIF may collect, process, and store the following personal data:

- Personal data which you have disclosed in your job application and CV as well as any attachments
- Personal data you disclose during any job interviews
- Information about you, including information regarding your previous jobs, activities, competencies, performance, as well as your general appearance, which is publicly available on the internet, including on social media.
- Results of personality tests etc.
- Criminal records
- References from your previous and/or current employers
- Credit information and rating if the position you have applied for involves financial responsibilities (e.g., bookkeeping or accounting)
- Health information if the position you have applied for demands special requirements for your health.

Purposes of the processing
Your personal data will be processed for the purpose of assessing whether we can offer you a position.

Legal basis
DEIF will mainly process your personal data based on the following legal bases:

Request to enter into an employment contract with us: We may process your personal data on the basis of your request to enter into an employment contract with DEIF (Article 6(1)(b) of the General Data Protection Regulation).

Legitimate interests: We may process your personal data on the basis of our legitimate interests in carrying out further assessments of whether we want to hire you, including on the basis of personality tests, publicly available information on the internet and – if the position entails a financial responsibility - credit information and rating (Article 6(1)(f) of the General Data Protection Regulation).

Consent: In exceptional cases and only when no other legal basis can be applied, DEIF may ask separately for your consent to process your personal data (Article 6(1)(a) and 9(2)(a) of the General Data Protection Regulation and s. 8(3) of the Danish Data Protection Act). DEIF will, for instance, only take references from your previous and/or current employers or collect your health information or criminal records if you have consented to this.

Retention period
If you are offered a position with DEIF, your application and additional relevant personal data obtained during the recruitment procedure will be stored in your employee file.

If you are not offered a position, we will store your application and any additional personal data obtained during the recruitment procedure for a period of six months following our rejection, unless you have provided your consent to the storage hereof for a longer period.
If we have collected your criminal records, we will delete them immediately after we have received and reviewed them.

5. If you visit our profiles or fan pages on social media

This section sets out the policy for DEIF’s processing of personal data collected via DEIF’s profiles or fan pages on social media.

DEIF and the providers of social media are joint data controllers for the processing of your personal data collected when you visit DEIF’s profile or fan pages on social media. DEIF complies with the guidelines of the Danish Data Protection Agency concerning joint data controllership and, using the applicable tools the best way possible, DEIF attempts to ensure that you receive information on the processing of your personal data when you visit DEIF’s profiles or fan pages on social media.

DEIF has profiles or fan pages on the following social media:

Facebook (Facebook Ireland Ltd.)

- Facebook’s privacy policy is available here

- Manage your privacy settings on Facebook here

YouTube (Google LLC)

- Google’s privacy policy is available here

- Manage your privacy settings on YouTube here

LinkedIn (LinkedIn Ireland Unlimited Company)

- LinkedIn’s privacy policy is available here

- Manage your privacy settings on LinkedIn here

Twitter (Twitter, Inc.)

- Twitter’s privacy policy is available here

- Manage your privacy settings on Twitter here

Instagram (Instagram, Inc.)

Instagram’s privacy policy is available here

Manage your privacy settings on Instagram here

Collection of personal data
Depending on your conduct on the social media, DEIF and the provider of the social media in question may retrieve the following personal data about you:

- Your "likes" or other reactions expressed on DEIF’s profile or fan page

- Comments left by you on DEIF’s profile or fan page

- Your visits to DEIF’s profile or fan page

- Age, gender, relationship status, place of work, lifestyle, geographical information and fields of interest

Purpose of the processing
DEIF may process your personal data for the following purposes:

- To communicate with you if you comment on our posts or send us a direct message

- Improve our products and services, including our profiles and fan pages on social media

- Perform research activities

- Statistics and analytics

 -Promotional marketing in general

Legal basis
DEIF will mainly process your personal data based on the following legal bases:

Legitimate interests: We may process your personal data on the basis of our legitimate interests in being able to improve DEIF’s products and services (Article 6(1)(f) of the General Data Protection Regulation).
The providers of the social media process, among other things, your personal data to enable them to improve their advertisement system and to provide DEIF with statistics, which the provider, for example, works out on the basis of your visit to DEIF’s profile or fan page on the social media in question, with a view to advertising and customising the activities on the profile or fan page. The providers of the social media process your personal data as a consequence of their legitimate interests, including their interest in providing innovative, customised, secure and profitable services (Article 6(1)(f) of the GDPR).

Consent: The providers of social media may also process your personal data in accordance with your consent, which you are entitled to withdraw at any point in time via the settings on the website of the social media in question (Article 6(1)(a) of the GDPR).
Retention period
Your personal data will be retained by DEIF for five years from your interaction with DEIF on social media. DEIF does not delete reviews, comments, likes or other interactions your leave publicly on our profiles and fan pages. You may delete such expressions or interactions by removing your review, comment, like or other interaction from our profile or fan page.
Please refer to the privacy policy of the provider of the relevant social media for information on their retention of your personal data.
Anonymised personal data may be kept for a longer period of time.

Who do providers of social media share your personal data with?
The providers of social media may, among other things, share your personal data with the following categories of recipients:

- Other undertakings in the group which the provider of the social media in question is a part of

- Externally with partners providing analytical services

- Advertisers

- Other individuals using our profile or fan page on the social media in question

- Surveying partners

- Researchers and academics

For more information on the parties with whom the providers of social media share your personal data, we refer to the providers’ general privacy policies.

Your personal data may be transferred by the providers of social media to recipients outside the EU/EEA in accordance with the European data protection standards applicable from time to time. You may read more in the providers of social media’s general privacy policies.

For information of who DEIF shares your personal with, please refer to section 6 below.

6. Disclosure to other data controllers and sharing with data processors

To fulfil the purposes described above we may provide access to your personal data for third parties who, on the basis of a contractual relationship with DEIF, provide relevant services, e.g. DEIF representatives, IT-providers, email providers and marketing providers. Such service providers will only process personal data in accordance with our instructions pursuant to the data processor agreements entered into.

In connection with DEIF’s development, the company structure may change, e.g. through a full or partial sale of DEIF. In case of a partial hand over of assets containing personal data, the legal basis for the related disclosure of personal data is, as a general rule, Article 6(1)(f) of the GDPR, as DEIF has a legitimate interest in handing over part of its assets as well as making commercial changes.

Aside from above, it is a general rule that your personal data is not disclosed to a third party without your permission. However, under certain circumstances and in accordance with applicable law, we may need to disclose your personal data to

- Police

- Lawyers

- Auditors

- Courts

- Public authorities

- Prospective buyers

- Affiliated companies

If your personal data is transferred to data processors or data controllers established in countries outside the EU/EEA which does not have an adequate level of protection, such transfer will be based on the EU Commission’s standard contracts or binding corporate rules.

7. Your rights

- You have the right to access the personal data we process about you

- You have the right to object to our collection and further processing of your personal data

- You have the right to have your personal data rectified and deleted, with certain statutory exceptions, including the Bookkeeping Act

- You have the right to request us to restrict the processing of your personal data

- Under certain circumstances you may also request to receive a copy of your personal data as well as the transmission of your personal data which you have provided us with to another data controller (data portability)

- You may, at all times, withdraw any consent you may have given. We will then delete your personal data, unless we can continue the processing on another basis. Our newsletter can be unsubscribed by clicking the link at the bottom of the newsletter

8. Questions or complaints

If you have any questions in relation to this privacy policy or if you wish to make a complaint in connection to our processing of your personal data, please contact us:

DEIF A/S
Frisenborgvej 33
7800 Skive
Denmark
Email: crs@deif.com

If your complaint is not resolved by us and you wish to proceed with the case, you can send your compliant to the Danish Data Protection Agency:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Denmark
Email: dt@datatilsynet.dk

If you are residing in another EU country, you can instead send your complaint to your local data protection agency – see contact details here.

9. Changes to the privacy policy

We reserve the right to make changes to this privacy policy from time to time. When updated, the date at the bottom of the privacy policy will be updated accordingly. The, at all times, applicable privacy policy will be available at our websites.

***

[04.12.2023]