Responsible for data
Vi leverer ydelser til erhvervsvirksomheder, private erhvervsdrivende og privatpersoner og er som udgangspunkt dataansvarlig for de personoplysninger, som vi modtager fra kunder, samarbejdspartnere, modparter, myndigheder mv.
Collection of Personal Information
We typically receive information about individuals from our customers, partners, counterparties, authorities, other advisors, etc. as the basis for our services.
Types of personal information
We collect, among other things, the following personal information:
- name, address, phone number, email address, birth dates, and other general personal information,
- bank details.,
- possible information about family relations and relations to other, closely associated persons and
- information about financial circumstances. Information about contact persons at our business clients is treated as personal information.
In some cases, we process what are known as sensitive personal data, such as information about religious affiliation, criminal matters, and health conditions.
The purpose of collecting information
We only collect personal information as part of the delivery of our services, which are relevant (or required) for the services that we may provide to our customers.
Legal basis for processing
As a starting point, the agreement we enter into with customers for the delivery of services forms the basis for our collection and processing of personal data. In certain cases, the collection and processing of personal data will be based on legislation and administrative regulations
Disclosure of Personal Information
We disclose personal information to third parties when it is relevant and substantiated in the task we have undertaken to solve.
Transfer to third countries outside the EU/EEA
In special cases, there may be a need to transfer personal data to countries outside the EU/EEA (third countries).
If we exceptionally need to transfer data to third countries, we follow the guidelines provided by the Danish Data Protection Agency (Datatilsynet) on the transfer of personal data to third countries.
The rights of the registered persons
In accordance with the General Data Protection Regulation (GDPR), the individuals whose data we process have a number of rights including (i) the right to access their personal data being processed, (ii) the right to have such personal data corrected and updated, (iii) the right to request the deletion of such personal data, unless we have a legal or other legitimate reason to retain the information, (iv) the right to withdraw consent regarding the processing of sensitive personal data that may have been given to us.
The aforementioned rights may be limited due to legal obligations imposed on us to process and store certain personal data, as we are subject to specific duties and rights under legislation. Access to personal data may also be restricted in order to protect the privacy, confidentiality, or similar concerns of other individuals.
It is possible at any time to request from us a copy of the stored personal data, updating of registered personal data, objection to the processing of personal data, or request for the deletion of personal data. However, whether we can disclose such material may be limited as mentioned above. The request must be in writing and include the name, address, phone number, and email address. Furthermore, the request must be signed by the individual to whom the personal data relates. The request can be sent by mail or email. Our contact information is available on our website at www.brightbirdhealth.com.
If the objection is valid, we will cease processing and delete the relevant data, unless we are obligated to retain them under the law or due to the nature of the services to which the personal data relates.
Complaints regarding our processing of personal data can be submitted to the Data Protection Authority (Datatilsynet).
To protect against unauthorized access to your personal data, we utilize IT solutions that automatically ensure that all data is only accessible to relevant individuals.
Furthermore, we have internal procedures and policies regarding information security. These procedures and policies contain instructions and actions that protect your data from being destroyed, lost, altered, disclosed, and from unauthorized access or sharing.