Who is R&D?
Thank you for your interest in R&D A/S (“R&D”, “we”, “us”, “our”). At R&D, we process your personal data in several different situations.
We inform about our use of your personal data, as we are obligated by the General Data Protection Regulation to do so. In the following, you can read about the purposes and legal basis for processing data, as well as get an overview of recipients and storage of your personal data.
R&D is data responsible for processing your personal data in connection with
(i) your use of our website (cookies),
(ii) your communication with us,
(iii) your receipt of our newsletter and whitepapers, and
(iv) our customer relationship management
Purpose and legal basis
(i) Use of our website (cookies)
When you visit our website, we register data about your visits through cookies, including for instance your online behavior on our website (meaning: which pages you look at), which browser you use, your geographical location, which IP address you use, and your login data (username and password). This information can in some cases include personal data.
We register the data to provide a safe, stabile and customer friendly user experience on the website as well as to keep track of the usage of our website. Additionally, the data will in certain instances be processed for targeted marketing based on the user’s behavior.
The legal basis for the processing is
- for necessary functionality cookies: The Danish Cookie Law § 4 cf. General Data Protection Regulation article 6, subsection 1, letter f, as we pursue our legitimate interest in maintaining the functionality and safety of the website, and
- for other cookies: The Danish Cookie Law § 3, cf. General Data Protection Regulation article 6, subsection 1, letter a, as we have obtained your consent
(ii) When communicating with us
If you, as a client, supplier or similar, contact us (for instance via email), your enquiry will often contain personal data such as contact information, your attachment to a certain company or other personal data you might share with us. In certain cases, we may receive similar personal data about you from a third party, for instance your employer.
We process the data to handle and reply your enquiries and to communicate with you and the company you represent.
The legal basis for our processing is the General Data Protection Regulation article 6, subsection 1, letter f, as we pursue our legitimate interest in answering general enquiries and honour a deal, we have made with you or the company you represent.
(iii) Electronic newsletters
When signing up to R&D’s newsletters and whitepapers, we register your email, name, employer, country and your subject preferences. We register this information for the purpose of being able to send you relevant news and whitepapers. The legal basis for our treatment is the consent you have provided us with in agreement with the Marketing Law § 10.
(iv) Customer relationship management (CRM)
If you are a customer or represent one of our customers, we can register information about you in our CRM system, including your name, your contact information and information about your association with a certain company. To maintain the connection and relation to our customer, we process this information as a part of our daily customer management.
The legal basis for our processing is the General Data Protection Regulation article 6, subsection 1, letter f, as we pursue our legitimate interest in being able to handle the daily customer relationship management and handle financial tasks.
Recipients of your personal information
If you have given your consent to our use of third-party cookies on the website, cookies are collected and personal information included, passes on to a third part when you use our website.
When you communicate with us, we may share your information with our consolidated companies.
Furthermore, personal information included in our accounting records (e.g. invoices) may be shared with the authorities, including SKAT.
Additionally, the personal information we use in connection with customer relationship management (CRM), may be shared with our consolidated companies.
Furthermore, your personal information will be handed over to our data processors. There has been made a data processing agreement with every data processor.
Transfer to third countries
Your personal information transfers to the United States of America. The transfer basis is the European Commission’s standard contract clauses, which we have entered with our consolidated company based in the United States of America.
If you wish to have further information about the transfer of personal information outside EU and EEA, such as a copy of the relevant safety measures etc., you can request this by contacting us (contact information in the ‘Contact’ section.)
Storage of your personal information
Unless it has been determined otherwise by law, we only store your personal information as long as it is necessary for the purposes, we have collected the information.
- Use of our website (cookies):
- When you communicate with us: As a rule, information included in our accounting records (e.g. invoices) is stored for 5 years, counting from the end of the financial year in which the information is related to, in accordance with the bookkeeping rules we are governed by, cf. among others the Danish Bookkeeping Act’s chapter 5.The personal information we process in connection with our general communication with you (such as enquiries via email) will as a rule be erased at the latest 12 months after your most recent enquiry has been finished/completed.
- Electronic newsletters: Information related to newsletters and whitepapers will as a rule be deleted 2 years after issuing the most recent email, unless you have withdrawn your consent beforehand.
- Customer relationship management (CRM): customer contact information in the CRM-system will as a rule be deleted [*] months after exiting the financial year in which the customer relationship has conclusively ended.
The information will be deleted in accordance with the above-mentioned deadlines, unless we have a specific need to process the information for a longer period of time, e.g. in connection with a case or deal.
In accordance with the General Data Protection Regulation, you have several rights in terms of our processing of information about you. You can read more about these rights below.
The right to withdraw consent
In the situations where you have given consent to us handling your personal information, you can at any time withdraw your consent. This can be done by contacting us through the contact information that appear in the section ‘Contact’.
If you chose to withdraw your consent, it does not affect the legality of us processing your personal information, based on your former communicated consent and up to the time of your withdrawal. The withdrawal will therefore only be effective from the time of withdrawal and onward.
The right to see information (right of access)
You have the right to gain insight in the information that we process about you, as well as some other information.
The right to rectification (correction)
You have the right to have untrue information about you corrected.
The right to deletion
In certain cases, you have the right to get information about yourself deleted before the time of our usual deleting politics.
The right to limit the processing
In certain cases, you have the right to limit the processing of your personal information. If you have the right to limit the processing, we can only process the information – except storage – with your consent henceforward, or for the purpose of legal claims can be determined, made evident or defended, or to protect a person or important public interest.
The right to objection
In certain cases, you have the right to object against our otherwise legal processing of your personal information.
The right to transmit information (data portability)
In certain cases, you have in the right to get your personal information in a structured, commonly used and machine-readable format, as well as transferred this personal information without restriction from one data controller to another.
Complaint to the Danish Data Protection Agency
If you want to make a complaint about our processing of your personal information, you can contact the Danish Data Protection Agency at www.datatilsynet.dk.
You can read more about your rights in the Danish Data Protection Agency’s guidelines about the data subject’s rights, which you can find at www.datatilsynet.dk.
You are welcome to contact us if you have any questions about the protection of your personal information, or if you wish to receive more information about your rights. You can contact us on firstname.lastname@example.org, or via the contact form on our website.