1 General
1.1 This Personal Data Policy ("Policy") applies to all the information you provide to us and / or we collect about you, either as part of a customer or contributor relationship or as a user of our services, including while visiting our websites. . In Politikken you can read more about what information we collect, how we handle your information and how long we store information about you etc. You should read this Policy and contact us if there is information in the Policy that you cannot accept. At www.indremission.dk you will at all times be able to find the current version of the Policy.
2 Data controller
2.1 The data controller organization for the processing of your personal data is:
Church Association for the Inner Mission in Denmark
Korskærvej 25
7000 Fredericia
Phone: 45 75 92 61 00
Email: post (at) indremission.dk
CVR No .: 65 21 91 15
(Hereinafter "the Organization")
2.2 The overall legal framework for our processing of personal data is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and on repeal of Directive 95/46 / EC and its Regulation. In addition, the Danish Parliament's Act no. 502 of 23 May 2018 on supplementary provisions to the regulation (the Data Protection Act).
2.3 All questions regarding this Policy, the processing of your information and the suspicion of non-compliance must in the first instance be addressed to:
Controller Jesper Blond Jensen
Church Association for the Inner Mission in Denmark
Korskærvej 25
7000 Fredericia
Phone: 45 82 27 13 28
Email: jesper.bj@indremission.dk
3 Definitions
3.1 The following are definitions of some of the most important concepts of personal data law:
Personal data | Any form of information about an identified or identifiable natural person. That is, any information that, directly or indirectly, alone or in combination, can identify a particular natural person. |
Data controller | The natural or legal person, public authority, institution or other body which, alone or together with others, decides for what purposes and with what aids the processing of personal data may be carried out. |
data Processing | The natural or legal person, public authority, institution or other body that processes personal data on behalf of the controller. |
Treatment | Any activity or series of activities that involve the use of personal information, eg collection, registration, systematization, modification, search in, compilation, transfer or transfer to persons, authorities, companies, etc. outside the Organization. |
Special categories of personal data | Information on race or ethnic origin, political, religious or philosophical beliefs, trade union affiliation, health information including genetic data, biometric data for identification and information on a natural person's sexual relations or sexual orientation (sensitive information). |
Personal Data Ordinance | Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46 / EC associated regulation. |
The Data Protection Act | Folketingets Lov nr. 502 of 23 May 2018 on supplementary provisions to a regulation on the protection of natural persons in connection with the processing of personal data and on the free exchange of such data. |
4 Purpose of the processing of your personal data
4.1 Depending on whether you are a customer or contributor to us or perhaps just a user of our websites, we are obliged to process your personal information to such an extent that we can partly provide you with the services you request and partly live up to the obligations we have as an association and business fund. This applies both to the handling of your possible contributions - unless you choose to contribute anonymously - your possible purchases of services or goods from us, and / or when we have to manage your possible subscriptions with us. It can also be through your use of our webshops, our customer service and / or in connection with our marketing to you.
5 The personal information we process about you
5.1 We collect this information directly from you:
5.1.1 When you are a customer or contributor with us, we collect the following general personal information from you: Name, address, postcode, city, telephone number, e-mail address, registration and account number and communication preferences. Depending on your relationship with us, we collect information about your CPR number, for example if you need a deduction for any contributions, or if we have a reporting obligation.
5.1.2 When you visit our websites and click around in our universe, we collect data regarding your movements between different pages and services and in some cases also your IP address. If you contact us from one of our websites via forms or sign up for one or more of our services (eg news emails), we collect your name, address, postcode, city, telephone number and e-mail address.
5.1.3 As a rule, we do not collect any special categories of personal information about you.
5.2 We collect this personal information from others about you:
5.2.1 In some cases, it is necessary for us to collect personal information about you from others. This can, for example, be from iDQ A / S, where we can obtain information from the CPR register via our subscription. We collect this information in order to keep our information about you as up-to-date and accurate as possible.
6 Cookies
6.1 On our websites, "cookies" are used to manage login and to collect web statistics. A cookie is a small text file that is sent from our server to your browser and stored on your computer's hard drive or mobile device. Cookies mean that you can use the website more efficiently and more easily. We do not process user behavior information collected through cookies in a way that may link user behavior to specific individuals. You can set your browser to inform you when you receive a cookie so that you always have the opportunity to decide whether you want to accept it. You can also choose to turn the feature off completely. However, if you do, the website will not work optimally. The cookies do not contain personal information such as information about your name, your e-mail address or other personal information in addition to what may be stated in this Policy. You can read about our cookie policy here: www.indremission.dk/cookies.
7 How we process your personal information
7.1 Specifically, we use your personal information for several different purposes depending on whether you are a customer or contributor with us, or whether you are only a user of our websites.
7.1.1 If you are a customer of ours, we use your personal information to:
- make the functionalities on our websites, including webshops (eg www.lohse.dk and www.bethesdas.dk), available to you;
- execute your orders;
- send you purchase-related documents such as order confirmations, invoices and bank statements;
- answer your possible questions and comply with your requests;
- send you marketing materials, provided that this is also in accordance with the Marketing Act in force at any time;
7.1.2 If you are a contributor to, we use your personal information to:
- manage your deposits;
- send you necessary information about your contributions;
- report your contributions to SKAT so that your contributions appear on your tax return;
- send you marketing materials, provided that this is also in accordance with the Marketing Act in force at any time;
7.1.3 If you are the sole user of our websites, we use your personal information to:
- make the features of our websites, including contact forms and news mails, available to you;
- compile statistics about your movements on our websites;
- optimize the layout of our websites;
8 Why are we allowed to process information about you?
8.1 When you make a contribution to us, buy an item in our webshop or enter into another form of agreement with us, we process your general personal information for that very purpose. We may also process your general personal information if, for example, you have an inquiry or the like that precedes your decision to enter into an agreement with us. The legal basis for the processing of your personal data is Article 6 (1) of the Personal Data Regulation. XNUMX (b), as the processing of your information is necessary for us to fulfill our agreement with you or for us to handle inquiries and the like prior to your possible conclusion of an agreement with us.
8.2 We also have the opportunity to process your general personal data because we have a legitimate interest in processing the data about you, cf. Article 6 (1) of the Personal Data Ordinance. XNUMX (f), unless your right to obtain protection of your own personal personal information takes precedence over our legitimate interest in processing your information.
8.3 We have a legitimate interest in processing your personal information (your name and your email address) for marketing purposes. Our legitimate interest thus lies in knowing your preferences so that we can better tailor our offerings to you and ultimately offer products and services that better meet your needs and desires. Of course, we also comply with the rules of the Marketing Act. It is also with reference to this provision that we compile various statistics on contributions, purchases, use of the website, etc.
8.4 In certain cases, we are also legally obliged to process personal data about you. It may, for example, be used for documentation of transaction traces pursuant to the rules in the Accounting Act. Among other things, we must store accounting material for five years from the end of the financial year to which the accounting material relates. It can also be in connection with reports to SKAT, so you can get a deduction for your contributions to us. Reports to SKAT must be made with a statement of CPR number, cf. the Tax Control Act, and this is the basis for our processing of information about your CPR number.
8.5 If you provide or have provided special categories of personal data (sensitive information) to us, then the basis for our processing is Article 9 (2) of the Personal Data Regulation. XNUMX (d), as we are a body which does not work for profit, and as our aim is of a religious nature. The processing of your special categories of personal information (sensitive information) is carried out as part of our legitimate activities in order to live out the Organization's purpose: "Lead to Jesus - live in him". In addition, the processing of your information takes place under the condition that you, due to the purpose of the Organization, are in regular contact with us.
8.6 If you are not a customer or contributor with us, but for example only a user of our website, we - to a limited extent - need to be able to manage the information that you provide for use in, for example, cookie handling. In some cases, we may record which IP addresses have visited our website. An IP address can be personal information, and if we process your IP address, it will be done on the same basis as described above under pkt. 8.2.
9 Sharing your personal information
9.1 We may share your personal information with the suppliers and partners who assist us, for example with the execution of your order, or who assist us with our IT operations, hosting, etc. This means that we can share your information with, for example, our service providers and our bank.
9.2 To the extent permitted by law, we also have the ability to share your information with the sister organizations for which we act as data processors. You can see an overview of these here:
Denmark's Folkekirkelige Søndagsskoler
Korskærvej 25
7000 Fredericia
Phone: 45 75 92 61 00
Email: contact (at) soendagsskoler.dk
CVR No .: 25 80 17 92
The Bible Reader Ring in Denmark
Korskærvej 25
7000 Fredericia
Phone: 45 82 27 13 37
Email: info (at) blr.dk
CVR No .: 30 13 25 64
9.3 In addition to the above, we share your information to the extent we are obliged to do so, eg as a result of reporting requirements to public authorities such as SKAT.
10 Sharing your information with recipients outside the EU / EEA
10.1 Some of our service providers are located outside the EU / EEA. It therefore happens that we share your personal information with recipients in countries outside the EU / EEA. However, this presupposes that:
- the country in question has an adequate level of protection as determined by the European Commission;
- Whereas standard data protection provisions adopted by the European Commission have been concluded between us and the recipient of your personal data;
- the recipient in question is certified in accordance with Article 42 of the Personal Data Regulation; or
- the recipient in question has a set of approved Binding Corporate Rules.
10.2 It may also happen that we request your consent for transfer to recipients located outside the EU / EEA, or that this is necessary as a result of an agreement with you or measures taken in connection with an agreement with you. These exemptions for transfer are covered by Article 49 of the Personal Data Regulation.
10.3 You may at any time be informed of, or possibly a copy of, the necessary guarantees that form the basis for the transfer of personal data to recipients outside the EU / EEA, or if exceptions are used as mentioned in Article 49 of the Personal Data Regulation, which exceptions are made as a basis for a possible transfer.
11 Storage and deletion of your personal information
11.1 We store your personal information in accordance with the following rules:
11.2 If you are a customer with us, we will store your personal information for up to 5 years after the current year from your last purchase.
11.3 If you are a contributor with us, we will store your personal information for up to 5 years after the current year from your last contribution.
11.4 If you are a user of our website and at the same time neither a customer nor a contributor, we store the information we have registered about you for up to 6 months from your last visit. If you have actively signed up for a service (eg news mail) on one of our websites, we will store your information until you unsubscribe from the service again.
12 Your rights
12.1 Insight
12.1.1 You have the right to gain insight into the personal data we process about you. By contacting us at our address (see section 2.1), you can request insight into the personal information we have registered about you, including the purposes for which the information was collected. We will comply with your request for insight as soon as possible.
12.1.2 If you are registered as a customer in one or more of our webshops, you can log in and access your profile under "My pages" (www.lohse.dk) or "My account" (www.bethesdas.dk). The master information we have registered about you will also appear here.
12.2 Correction and deletion
12.2.1 You have the right to request correction, additional processing, deletion or blocking of the personal data we process about you. We will comply with your request as soon as possible and to the extent necessary. If we - for any reason - are unable to accommodate your request, we will contact you.
12.3 Limitation of treatment
12.3.1 You have - in special circumstances - the right to have the processing of your personal information restricted. Please contact us if you want a restriction on the processing of your personal data.
12.4 Data portability
12.4.1 You have the right to receive your personal information (this only applies to information about yourself that you have given us) in a structured, commonly used and machine-readable format (data portability). Please contact us if you want to take advantage of the possibility of data portability.
12.5 Right of objection
12.5.1 You have the right to ask us not to process your personal information in cases where the processing is based on Article 6 (1). 6 (e) (task in the interest of society or the exercise of public authority) or Article 1, para. XNUMX (f) (legitimate interest). It is clear from this Policy to what extent we process your information for such purposes. You can exercise your right to object at any time by contacting us.
12.6 Withdrawal of consent
12.6.1 If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal does not affect the legality of the treatment that was carried out before you withdrew your consent. Please contact us if you wish to withdraw your consent.
12.6.2 If you wish to revoke your consent to receive promotional information and offers in general, including by ordinary mail, e-mail, via SMS, by telephone or by other electronic means, you can do so at any time by writing to post@indremission.dk. If we are in doubt about your identity, we may ask you to identify yourself. Apart from the usual communication costs, this is free.
12.7 There may be conditions or restrictions attached to the exercise of the above rights. It is therefore not certain that you, for example, are entitled to data portability in the specific case, it depends on the special circumstances of the treatment activity in question.
13 Possible consequences of not providing personal information
13.1 If you are obliged to provide information about yourself to us, it will appear where we collect the information. Failure to provide the personal information we request may have the consequence that we will not be able to provide you with the services you require, complete your orders, set you up as a contributor, etc.
14 Security
14.1 In the Organization, the processing of personal data is subject to our IT and security policy. Our IT and security policy also contains rules for conducting risk assessment and impact assessment of existing, as well as new or changed treatment activities. We have implemented internal rules and procedures for maintaining appropriate security from the time we collect personal information until deletion, just as we only leave our processing of personal information to data processors who maintain a similar appropriate level of security.
15 Complaint to supervisory authority
15.1 If you are dissatisfied with our processing of your personal data, you can complain to the Danish Data Protection Authority:
Inspectorate
Borgergade 28, 5th floor
1300 Copenhagen K.
Phone: 45 33 19 32 00
Email: dt (at) datatilsynet.dk
16 Updating this Policy
16.1 The organization is obliged to comply with the basic principles of protection of personal data and data protection. We therefore regularly review this Policy to keep it up to date and in accordance with applicable principles and legislation. This Policy is subject to change without notice. Significant changes to the Policy will be published on our website together with an updated version of the Policy.
16.2 Any changes we may make to this Policy in the future will be published on this page and may be communicated to you by email.
