The Greenery

Trædrivhuse - The Greenery
Trædrivhuse - The Greenery

PRIVACY POLICY

Data controller

We are the data controller for the processing of the personal data we handle about our customers and partners. You can find our contact details below.

The Greenery I/S
Skovvænget 14b, 3100 Hornbæk
Denmark
CVR 40333304

It is not a requirement for our company to have an external DPO, but if you have questions regarding the processing of your personal data, you can contact us at info@thegreenery.dk.

Processing activities

As a data controller under the GDPR, we have the following processing activities.

Visiting our website

When you visit our website, we use cookies to make the site function, which you can read more about in our [cookie policy].

Communication with potential customers

When you have questions about our website or want to know more about our services, you can contact us via:

Through this, we will process your personal data so that we can engage in a dialogue with you, e.g., respond to questions about our services. We only process the information you provide us in connection with our communication.

We typically process the following general information: name, email, phone number.

Our legal basis for processing this personal data is Article 6(1)(f) of the GDPR.

We will delete our communication with you when it becomes clear whether you wish to use our services or not.

If there is a specific need to store your personal data for a longer period, this may be the case.

Customers

We need to communicate with our customers to ensure that the service is delivered correctly. Through this, we may process information about names, addresses, services, special agreements, payment information, and similar.

The legal basis for processing this personal data is Article 6(1)(b) of the GDPR.

When the service has been delivered and any outstanding matters are settled, we will delete the personal data shortly thereafter.

Newsletter

We have a newsletter which you can voluntarily sign up for – and you can unsubscribe at any time.

The purpose of the newsletter is to send subscribers emails with new information from the company, which may include new website content or announcements about our services.

We will only send you emails if you have given your active consent. This requires you to provide your email address, to which we will then send a confirmation email so you can verify your subscription. In this way, we ensure that you have actually signed up for the newsletter, i.e., given active consent.

Our legal basis for processing your personal data (i.e., your email address) for the newsletter is Article 6(1)(a) of the GDPR.

We will process your personal data as long as you remain subscribed to the newsletter. When you unsubscribe, we will also stop sending it to you. If we have not sent you a newsletter for one year, your consent will lapse due to our inactivity.

When you unsubscribe from the newsletter, we will keep your former consent for two years after it was last used due to limitation requirements pursuant to the Danish Consumer Ombudsman’s spam guidance section 11.3.

Accounting

We must keep all accounting records in accordance with the Accounting Act. This means we store invoices and similar documents for accounting purposes. These may contain general personal data such as names, addresses, and service descriptions.

Our legal basis for processing personal data for accounting is Article 6(1)(c) of the GDPR.

We keep this information for at least 5 years after the current fiscal year has ended.

Data processors

Few can do everything themselves, and the same applies to us. We therefore have partners and use suppliers, some of whom may be data processors.

External suppliers may provide systems to organize our work, services, advice, IT hosting, or marketing.

It is our responsibility to ensure that your personal data is handled properly. Therefore, we set high requirements for our partners, and our partners must guarantee that your personal data is protected.

We therefore enter into agreements with companies (data processors) that handle personal data on our behalf to increase the security of your personal data.

Disclosure of personal data

We do not disclose your personal data to third parties.

Profiling and automated decisions

We do not carry out profiling or automated decision-making.

Transfers to third countries

As a rule, we use data processors within the EU/EEA or who store data within the EU/EEA.

In some cases, this is not possible, and data processors outside the EU/EEA may be used if they can provide adequate protection for your personal data.

Processing security

We keep the processing of personal data secure by implementing appropriate technical and organizational measures.

We have conducted risk assessments of our processing of personal data and have subsequently implemented suitable technical and organizational measures to increase processing security.

One of our most important measures is to keep our employees updated on GDPR through ongoing awareness training, GDPR courses, and by reviewing our GDPR procedures with employees.

Data subjects’ rights

You have several rights under the GDPR in relation to our processing of your data.

If you wish to exercise your rights, please contact us so we can help you.

Right of access
You have the right to access the information we process about you, as well as certain additional information.

Right to rectification
You have the right to have inaccurate information about yourself corrected.

Right to erasure
In certain cases, you have the right to have information about you deleted before our general deletion period occurs.

Right to restriction of processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to restriction, we may, apart from storage, only process the data with your consent, or for the establishment, exercise, or defense of legal claims, or to protect a person or important public interests.

Right to object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes.

Right to data portability
In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have this personal data transferred from one data controller to another without hindrance.

You can read more about your rights in the Danish Data Protection Agency’s guidance on data subjects’ rights, which you can find at www.datatilsynet.dk.

Withdrawal of consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent.

Complaint to the data protection agency

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the Agency’s contact details at www.datatilsynet.dk.

We generally encourage you to read more about GDPR so you stay updated on the rules.