Your data security is important to us, and we therefore take great care to ensure that your personal data is handled responsibly. Below you can read how DAHL Advokatpartnerselskab (hereinafter DAHL, "we", "us" or "our") processes personal data about you when we act as data controller. You can also read about your rights in relation to our processing.
1 DAHL's role as a data controller
DAHL is the data controller in connection with registration of information about you when you visit our offices.
If you have any questions regarding our processing of your personal data, please contact DAHL here:
Central Business Reg. No. (CVR) 37 31 00 85
Our contact person for data protection is:
Name: Christoffer Belmann Mirasola
Phone: +45 88 91 94 05
2 What personal data do we collect and why?
We process personal data about you in a number of different situations. The personal data which we collect and process is mainly provided by the registered persons themselves. However, we also to some extent collect information from other sources, e.g. public databases etc.
Read more about our processing in the different situations below.
2.1 Visitors to DAHL's offices
When you visit one of DAHL's offices, we process personal data about your name, company name (if any), title and any other information you choose to provide to us.
The purpose of the processing is to ensure an appropriate level of security at our premises, including identifying who is a guest, and to prevent unauthorised persons from being on our premises.
The processing of personal data is based on Article 6(1)(f) of the General Data Protection Regulation, as DAHL has legitimate interests in being able to ensure an appropriate level of security.
We keep our visitor records at the reception desk for a short period of time. Your data will be deleted within 14 days of registration. Storage during this period is carried out in order to ensure an adequate level of security. However, if required by applicable law or where necessary for the establishment of a legal claim, the data may be kept for a longer period.
Our visitor records are securely stored and only accessible on a need to know basis, e.g. to look into an incident. These records are reviewed only by persons who have a work-related need to do so.
Areas monitored by video surveillance are identified in accordance with Section 3(1) of the Danish Television Surveillance Act. All recordings are stored securely and are only viewed if there are reasonable grounds for doing so, e.g. in case of an incident. Recordings are available only to persons who have a work-related need to see them. Recordings are typically overwritten automatically after a short period of time, unless a problem is identified that requires investigation, such as theft.
2.2 Participants in DAHL's events
When you participate in events organised by DAHL and/or in cooperation with DAHL, we process personal data about your name, telephone number/mobile number, email address, which event you are participating in and other information you choose to provide to us.
We process this personal data for the purpose of administering the event and for security reasons, as well as to be able to send you relevant material.
The basis for processing is our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation) or your consent (Article 6(1)(a) of the General Data Protection Regulation and Article 10 of the Danish Marketing Practices Act).
Depending on the event, catering may be provided. In this connection, you can inform us if you have any special dietary requirements. This information may be considered health-related, including for example information on allergies, special dietary requirements or similar. In addition, this information may be considered sensitive because it may reveal information about your religious beliefs or health conditions. If you provide us with such information when registering for the event, we will ask for your consent (Article 9(2)(a), cf. Article 6(1)(a) of the General Data Protection Regulation).
Personal data will not be kept longer than necessary for the purpose for which it was collected. When your personal data is no longer needed, such as when there has been no activity from you as a former participant for up to 2 years, we will ensure that it is deleted in a secure manner.
2.3 Photos and videos from DAHL's events
When you participate in events organised by DAHL and/or in collaboration with DAHL, photos and videos are taken for marketing purposes, for example on social media.
In this context, we process personal data about you in the form of photos and videos.
Your personal data is processed for the purpose of marketing our company and the company's services.
The basis for processing is our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation) and/or your consent (Article 6(1)(a) of the General Data Protection Regulation and Section 10 of the Danish Marketing Practices Act).
Your personal data will not be kept longer than is necessary for the purpose. When your personal data is no longer needed, we will ensure that it is deleted in a secure manner.
Photos and videos are stored as long as they are relevant for marketing purposes, for instance for similar events, and are processed for a period of up to 3 years.
3 Disclosure of your data to others
DAHL may disclose your personal data to other suppliers and/or service providers in the ordinary course of our business.
DAHL may also disclose your personal data to a public authority in situations where we are specifically obliged to disclose your personal data pursuant to legislation and notification obligations to which we are subject.
We try to limit the disclosure of personally identifiable information and thus the disclosure of information that can be attributed to you personally.
DAHL also discloses your personal data to data processors if this is required to fulfil the purpose. Our data processors only process your personal data for our purposes and under our instructions.
4 Transfer of personal data to countries outside the EU/EEA
In connection with our processing of your personal data, we may transfer such information to countries outside the EU/EEA.
The data protection legislation in these countries may be less strict than the legislation applying in Denmark and other parts of the EU/EEA. However, in some countries, the EU Commission has determined that the level of data protection is equivalent to the level of protection in the EU/EEA. If we transfer personal data to countries where this is not the case, the transfer of your personal data to these countries outside the EU/EEA will be based on the standard transfer contracts drawn up by the European Commission and specifically designed to ensure an adequate level of protection.
You can read more about the transfer of personal data to countries outside the EU/EEA on the European Commission's website.
If you would like further information about our transfer of personal data to countries outside the EU/EEA, please contact us at firstname.lastname@example.org .
5 Data integrity and security
It is our policy to protect personal data by taking adequate technical and organisational security measures.
We have implemented security measures to ensure data protection for all personal data that we process. We conduct regular internal follow-ups on the adequacy of and compliance with policies and measures.
6 Your rights
As a data subject, you have certain rights under the General Data Protection Regulation. If you want to exercise your rights, please contact us.
You may – unconditionally and at any time – withdraw your consent. You can do so by sending us an email (see email address above). Withdrawal of your consent will not have any negative impact. However, this may mean that we cannot meet specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of the processing based on consent before it is withdrawn. Furthermore, it will not affect any processing carried out on another lawful basis.
You can also – unconditionally and at any time – object to our processing when it is based on our legitimate interests.
Your rights also include the following:
- Right of access: You have the right to access the personal data we process about you.
- Right to rectification: You have the right to obtain rectification of any inaccurate and incomplete personal data about you.
- Right to erasure (right to be forgotten): In exceptional cases, you have the right to obtain erasure of information about you before the time when we would normally delete your personal data.
- Right to restriction of processing: In certain situations, you have the right to restrict the processing of your personal data. If you have the right to restrict the processing of your personal data, we may only process personal data in the future – apart from storage – with your consent, or for the establishment, exercise or defence of legal claims, or to protect an individual or important public interests.
- Right to object: In certain situations, you have the right to object to our processing of your personal data, and always if the processing is for direct marketing purposes.
- Right to data portability: In certain situations, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have such personal data transferred from one data controller to another.
- Right to lodge a complaint: You can lodge a complaint at any time with the Danish Data Protection Authority about our processing of personal data. See more at datatilsynet.dk where you can also find further information on your rights as a data subject.