Last updated: 16th of January 2023
1. Data Use
In order to best protect your personal data, we continuously monitor the level of risk associated with our processing of your data. We are especially careful when it comes to data that can negatively affect your personal rights, including the risk of discrimination, identity theft, economic damage, loss of reputation, or release of confidential information.
Roccai ApS is responsible for the processing of your data, and we ensure that your personal information is processed in accordance with the law.
Aldersrovej 34, Aarhus N, Denmark
40 63 86 44
+45 3138 8060
We ensure transparent data processing
When we ask you to submit personal information, we will inform you of what data we are using and for what purpose. You will receive a notification at the time the personal information is collected.
If we collect data about you from others, for example, vendors, public authorities, or business partners, we will inform you within 10 days of the date we receive the information. We will explain the purpose for which we have collected the data and refer to the legal basis that gives us the right to collect it.
2. Processing of Personal Information
Data we process
We process data about you in order to improve the services and products we offer when we communicate with you.
The data we use includes: General personal data
In some cases, we may need to compare your data with data that we receive from other actors, such as from social media. If this comparison can reveal your identity and information of a private or sensitive nature, we will request your approval.
Before we compile any data, we evaluate whether there is a risk that the process will negatively impact your privacy. If that is the case, we will inform you about the action and its purpose and ask for your permission in order to continue.
Automatically collected data
Our digital solutions are based on various technologies with the goal of ensuring a user-friendly and secure experience. These technologies can automatically collect data, either directly from us or from a third party on our behalf, in order to offer the best possible solution. See below for more information about cookies and clickstream analysis, which are examples of these technologies.
If we place cookies, you will be informed of their use and the purpose of collecting data via cookies.
We obtain your consent and before we place cookies on your equipment, we ask for your permission. Cookies that are necessary to ensure proper functionality and settings can be used without your explicit permission.
All visits to a digital solution trigger the sending of information from your browser to a server. It is via the analysis of this data that we optimize the digital solution. Data is collected by a third party on our behalf.
Data about your computer can be collected in connection with system administration and internal marketing-related analysis. This data is comprised of statistical information about users’ behavior in the digital solution.
Examples of data that are collected and analyzed:
- date and time of visit
- the pages that were visited
- the IP address of the visitor
- settings from the browser and computer used
Settings you actively submit
In addition to the information that is collected automatically, we also process data that users have given to us. Examples of this data, which users actively submit, are:
e-mail, company name, name etc.
There is also the matter of information that is submitted to us in connection with inquiries to, for example, customer service.
We collect and store your personal data for specific purposes
We collect and store your data for specific purposes or other legally allowed, business-related reasons.
We process only relevant personal information
We only process data about you that is relevant and appropriate in relation to the goals that have been defined above. The goal defines what kind of data about you is relevant for us. The same applies to the extent of the personal information we use. We use, for example, no more of your data than we need for a specific purpose.
Before we process your personal information, we find out if it is possible to minimize the amount of data we collect about you. We also find out if any of the data types we use can be anonymized or used in a pseudo-anonymized form. We do that if it does not have a negative impact on our obligations or on the offers or services we can provide you.
We process only necessary personal information
We collect, process, and store only the personal information that is necessary in order to achieve our determined goals. There can be additional, legally defined types of data that are necessary to collect and store for our business operations. The type and extent of the personal information we process can also depend on what is required in order to complete a contract or another legal requirement.
We want to ensure that we only process personal information that is necessary for one of our specific goals. Therefore, it is embedded in our IT systems that only the necessary amount of data should be collected. This also automatically ensures that the extent of the data processing is not unnecessarily large and the storage time is not too long.
To protect you against the chance that unauthorized persons may gain access to your personal data, we also use solutions that automatically ensure that data is only available to relevant employees. There is also built-in protection that prevents an unlimited number of people from gaining access to data.
We monitor and update your personal information
We ensure that the personal information we use about you is not incorrect or misleading. We also also make an effort to update your personal information on an ongoing basis.
Because our service requires data that is correct and up-to-date, we ask you to notify us of relevant changes in your data. You can use the contact information provided above to notify us of any changes.
We delete your personal information when it is no longer necessary
We delete your personal information when it is no longer required in connection with the purpose for which it was collected. This period of time depends on the nature of the information and the purpose for which it is being stored.
We do not pass along your personal information without your permission
If we share your personal information with partners or other actors who will use it for marketing or other purposes, we will gain your permission and inform you of what your data will be used for. You can at any time object to this sharing.
We do not request your permission if we are legally required to share your personal information, for example in connection with a report to the public authorities.
We request your permission before we share your personal information with collaborators in other countries. If we share your information with collaborators based in other countries, we ensure that their level of security regarding personal information lives up to the requirements we have laid out in this policy after applicable laws. We have, among other things, requirements regarding data processing, information security, and compliance with your rights regarding, for example, objecting to being profiled and filing complaints with the Data Protection Agency.
We use Google Analytics as a web analytics solution in our digital solutions. In connection with this, we send web analytics data from our digital solutions to the service Google offers for analysis. In this regard, Google Analytics functions as a “Data processor” of the data and we are the “Data controller” of the data, and our data may only be passed along by agreement or in order to uphold legal requirements.
Our websites use retargeting technologies. This gives us the ability to advertise directly to our visitors on other websites. Based on the interest shown by visitors to our websites, we believe that showing personalized, interest-based advertisements is more interesting for our customers than advertisements that have no personal relevance.
We protect your personal information and have internal rules regarding information security
We have adopted internal rules regarding information security, which contain guidelines and precautionary measures that protect your personal information against being destroyed, lost, altered, published in an unauthorized manner, or accessed by unauthorized persons.
We have established procedures for granting access to our employees who process sensitive personal information and data, which includes information about personal interests and behaviors. We monitor their actual access through logging and supervision. In order to avoid data loss, we create continuous backups of our data. We also protect the confidentiality and authenticity of your data with the help of encryption.
In the case of a security breach that results in a high risk of you being the victim of discrimination, ID theft, economic loss, loss of reputation, or other significant inconvenience, we will notify you of the security breach as quickly as possible.
4. Your rights
You have the right to gain access to your personal information
You have the right to be informed at any time of what data about you we process, where it came from, and what we use it for. You can also find out how long we store your personal information and who receives data about you, in the case that we share data in Denmark and abroad.
At your request, we can inform you of the data about you that we use. Access can, however, be limited to protect the privacy of others, trade secrets, and intellectual property rights.
You can take advantage of your rights by contacting us. Our contact information can be found at the top of this policy.
You have the right to have inaccurate personal information corrected or deleted
If you believe that the personal information we have about you is inaccurate, you have the right to have it corrected. You should contact us and inform us of the inaccuracies and how they can be corrected.
In some cases, we will be required to delete your information. This is the case if, for example, you rescind your permission. If you believe that your data is no longer necessary in connection with the purpose for which it was collected, you can ask to have it deleted. You can also contact us if you believe that your personal information is being processed in a way that goes against the law or other legal requirements.
When you contact us with a request to have your personal information corrected or deleted, we ensure that the terms are fulfilled and implement the changes or deletion as quickly as possible.
You have the right to object to our processing of your personal information
You have the right to make an objection to our processing of your personal information. You can also object to the sharing of your data for marketing purposes. You can use the contact information at the top of this document to send your objection. If your objection is legitimate, we will ensure that the processing of your personal information stops.
You have the right to receive the personal information that you have given us access to and the information that we have collected about you from other actors on the basis of your permission. If we process data about you as part of a contract that you are party to, you can also have your data sent to you. You also have the right to transfer this personal information to another service provider.
If you wish to use your right to data portability, you will receive your personal information from us in a commonly used format.
If you wish to gain access to your data, have it corrected or deleted, or object to our data processing, we will attempt to respond to your request as quickly as possible, and at the latest one month after we have received your request.
5. Updates to the policy
We strive at all times to comply with relevant laws including principles for privacy and data protection. We, therefore, update this policy regularly, for example when there are changes to the law. Significant changes will be announced on our website.