In our personal data policy for Washpower, you get help to understand what data we collect, why we collect it and what we as data controllers use it for. Washpower has prepared this information on personal data protection in order to ensure compliance with applicable personal data legislation, including the EU regulation on personal data and the Data Protection Act.
1. In general
1.1 This personal data policy applies to all personal information that you provide to us and / or that we collect about you when you are a customer of Washpower, or when you visit our website washpower.com.
2. Data controller
2.1 The data controller for the processing of your personal data is:
CVR No. 37808172
Telephone; 2834 1133
2.2 Washpower uses subcontractors who act as sub-data processors. They are listed below. These sub-processors can themselves use additional sub-processors, which they themselves maintain a list of.
Nytorv 6, st.
CVR No. 34364168
Subdata processors: vizuall.dk/underdatabehandlere
DK-1620 København V
+45 71 74 76 00
2.3 When we process personal information, we comply with the EU Data Protection Regulation (GDPR) as well as the Danish personal data law rules, which may apply after 25 May 2018.
2.4 If you have any questions about our personal data policy, or the way we process your personal information, which is registered with Washpower, you can contact firstname.lastname@example.org or telephone +45 96 96 10 15.
3. Website and tracking
3.1 When you visit our website, information is collected about you, which is used to gain insight into the use of the site, as well as how the user experience can be improved. We call this practice “tracking”.
3.2 If you want insight into, or want to delete the information we have collected about you, you are welcome to contact us about this.
4. Collection of personal information
4.1 If you are a customer or contact us from the website, washpower.com, we collect general personal information about you, for example: name, address, mobile number and email address.
4.2 We do not process sensitive personal data about you (as defined in Article 9 (1) of the Data Protection Regulation).
5. Processing of personal information
5.1 Personal data must be understood as defined in the personal data legislation.
5.2 We only process personal data to the extent necessary. For example, it may be necessary for us to meet our obligations under agreements and related services. It can also be to live up to the obligations we have as a Danish company, where we are covered by Danish law.
Thus, we do not use personal information other than that we need for the specific purpose.
5.3 We do not profile you and do not misuse your personal information. We also do not pass on your personal information without your consent, unless we are required to do so by law.
5.4 If you are a customer, we use your personal information to:
Send order confirmation, passwords and user guides to you.
Provide you with customer service, support, answer questions and comply with your requests.
Execute your orders and deliver our services and services.
Manage customer relationship management for you.
Submit notifications about new options, products, prices, system updates, downtime, etc. via e-mail.
5.5 We check as far as possible that the personal information we process about you is not incorrect or misleading. We also make sure to update your personal information regularly when we become aware of changes.
6. Sharing your personal information
6.1 We always make sure that there is a legal basis before we pass on your personal information to third parties.
6.2 We share your personal information with the suppliers and partners who assist us with the execution of your order, or who assist us with our IT operations, hosting, SMS gateway, etc. This means, for example, that we share your information with our service providers, our technical support and our bank.
6.3 We also share your personal information to the extent that we are obliged to do so, for example as a result of reporting requirements to public authorities such as SKAT.
7. Sharing of information with recipients outside the EU / EEA
7.1 In certain cases, we transfer personal data to data processors established outside the EU / EEA.
7.2 We are aware of the stricter rules within this area, and ensure that our data processors meet the requirements that the data processing presupposes.
8. IT security
8.1 We have adopted internal rules on IT security, which contain instructions
8.2 We have established procedures for granting access rights so that our employees only have access to information relevant to their work.
8.3 In the event of a security breach that results in a high risk for you of discrimination, ID theft, financial loss or other significant inconvenience, we will notify you of the security breach as soon as possible and in accordance with the rules laid down by law.
8.4 In connection with the use of external partners for storage of personal data (cloud solutions), we ensure that a data processing agreement has been entered into and that the partner in question has adequate security procedures and that compliance with these is continuously checked.
9. Protection and erasure of personal data
9.1 According to the personal data rules, your personal data must be stored securely and confidentially.
We store your personal data on computers with limited access, which are located in controlled facilities, and our security measures are continuously checked to determine whether our user information is handled properly and with due regard to your rights as a user.
However, we cannot guarantee 100 percent security for data transfers over the Internet. This means that there may be a (limited) risk that others unjustifiably gain access to information when data is sent and stored electronically. You thus provide your personal information at your own risk.
9.2 The personal data will be deleted or anonymised on an ongoing basis as the purpose for which it was collected is completed. Personal data is stored for a maximum of 2 years after the purpose has been completed.
9.3 Changes in our processing of personal data may become necessary. We therefore reserve the right to update and change these guidelines for the processing of personal data. If we do so, we will correct the date under item 12. “Last updated” at the bottom of the page. In the event of significant changes, we will notify you in the form of a visible notice on our website.
10. Your rights
10.1 You have the right to know what personal data we process about you, where it comes from and what we use it for. You can also be informed how long we store your personal data and to whom we may disclose your personal data.
10.2 In certain cases, you have the right to object to our processing of your personal data, e.g. in connection with our use of your data for marketing purposes. If your objection is justified, we will make sure to stop processing your personal data.
10.3 If the personal information we process about you is incorrect, incomplete or irrelevant, you are entitled to have the information corrected or deleted – subject to restrictions in applicable law and our right to process the information.
When you contact us with a request to correct or delete your personal data, we will investigate whether the conditions are met and, if so, carry out the change or deletion as soon as possible.
10.4 If you believe that the personal data we have registered about you is incorrect, or if you have objected to our use of the data, you can demand that we restrict the use of the data to storage until its accuracy can be verified or until it can be established whether our legitimate interests override your interests.
10.5 You can revoke consent to the processing of your personal data at any time. If you withdraw consent, please note that we may not be able to provide the service or service to which your consent relates. There may also be cases where we are obliged to process your personal data and where we must therefore continue to process your personal data.
10.6 If you believe that your personal data is being processed unlawfully, you can complain to the personal data controller specified in section 2.1.
If you believe that your complaint is not being handled correctly by the data controller, you can complain in writing to the Danish Data Protection Agency, cf. section 39 of the Danish Data Protection Act. See the current contact information, etc. on datatilsynet.dk.
11. The legal basis for our processing
11.1 We process your personal data on the following basis:
- The data subject has given consent to the processing of his/her personal data for one or more specific purposes, cf. Article 6(1)(a) of the General Data Protection Regulation.
- Processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of measures taken at the request of the data subject prior to entering into a contract, cf. Article 6(1)(b) of the General Data Protection Regulation.
12. Last updated
Date; 19.11.2020, Rasmus Ustrup, Marketing Coordinator, Washpower A/S