Priess A/S Privacy Policy

This Privacy Policy applies from 25 May 2018.

Priess A/S, Sevelvej 51, DK-7830 Vinderup (“Priess A/S”, “we”, “us” or “our”) is the data controller of your personal data, and we are under an obligation to protect and respect your privacy and your personal integrity whenever you do business with Priess A/S and browse our website. This Privacy Policy will help you understand which personal data we collect about you, why we collect the data and how we use them. The Privacy Policy will also explain how you can exercise your rights when you entrust us with your personal data. We kindly ask you to carefully read this Privacy Policy and familiarise yourself with its contents. If you have any questions, please do not hesitate to contact us using the contact details found at the end of this Privacy Policy.

Please note that our website and social media may contain links to and from websites that are operated by parties other than us. If you follow a link to one of these websites or use third-party services, you must be aware that they might have their own separate privacy policies, and that we cannot be held liable for how they process your personal data. Therefore, you should familiarise yourself with their privacy policy before giving them your personal data.

Minors

We take seriously our obligation to protect the safety and privacy of children online, and we do not deliberately target our marketing at or request personal data from children under 18 without obtaining the consent of a verified holder of parental guardianship.

What personal data do we collect from you?

We can collect personal data about you whenever you do business with Priess A/S (as both a buyer and seller), when you sign up for newsletters, take part in competitions, or are otherwise in contact with us. The personal data we collect depends on the circumstances and the context in which you are in touch with us.

Personal data which you actively make available to us

  • Name, e-mail address and telephone number
  • Payment details
  • Information from you based on a request from us when you report a problem to us concerning a transaction
  • If you contact us, the address from which you are contacting us
  • All other data submitted at the time of setting you up as a customer, supplier or partner

User-generated personal data

Details about which product you are buying.

We can also collect additional information about your use of our website through cookies and other similar technologies. You can find further details about this in our Cookie Policy.

Personal data obtained for a third party

We can supplement the information we collect from you with information we receive from a third party. This can include information we receive from third parties who provide us with our credit assessments, marketing initiatives, etc.

What happens if you connect your social network services to our services?

You can use your account on social network services, such as your Facebook account, to share or like our social network services.

Please note that this Privacy Policy does not apply when you use the functions in your social network account. Instead, your interactions with these functions are subject to the privacy policy and other policies of the companies providing these services.

Why do we collect your personal data?

OUR AIMS:

We process your personal data for the following purposes:

 A) Out of consideration for our contractual relationships:

  • To be able to deliver the agreed product/service to you or for you to buy what has been agreed, including managing our contractual relationship with you;
  • To handle payment and to be able to deliver order and invoice information to you;  
  • To keep track of your purchases for the purpose of ensuring that we can provide you with the content you are entitled to;
  • To communicate with you about the customer or supplier relationship;
  • To deliver special offers, news, information, products or services which you request from us or which you have consented to receiving via our contact form;

B) For legitimate purposes:

  • To give you special offers, news, information, products or services which we think could be of interest to you, including customised advertising, so it relates to your probable interests;
  • To establish, exercise or defend legal requirements;

C) For marketing purposes:

  • To send you newsletters, if you have given your consent to receive them; these can also contain special offers, news or information relating to our services. Please note that you may unsubscribe from the newsletter at any time.

D)  We can also process your personal data if this processing is necessary for us to comply with a legal obligation or the decision of a public authority.

On what legal basis in the GDPR does the processing of your personal data rest?

The processing of your personal data for the purposes described below:

  • (A) It is necessary for entering into and meeting our obligations according to our agreement with you or if you have given your consent to this;
  • (B) It is necessary for our legitimate interests in developing, managing, protecting and marketing our services, from both a commercial and a strategic perspective;
  • (C) It will only occur if we have received your consent to such processing;
  • (D) It is necessary to comply with statutory obligations;

Is it mandatory for you to make your personal data available?

The personal data we request from you is necessary for enabling us to provide our services (for statutory, contractual, administrative, technical or similar reasons).

With whom may we share your personal data?

We may forward your personal data to third parties if we have reasonable grounds to believe that the release of such personal data is necessary:

  • To comply with current legal obligations, including subpoenas, governmental requests or search warrants, or otherwise as required by law;
  • To protect our rights or property, or the security of our customers or employees;

  • To promote or defend against complaints or legal requirements in court, administrative matters, procedures, and similar;

  • To assess a credit risk, for reporting purposes, or to receive payment for our services;

  •  As part of a merger and amalgamation, provided that the prospective buyer or seller agrees to respect and process your personal data in accordance with our Privacy Policy;
  • For external accountants and supervisory authorities;

THIRD-PARTY SUPPLIERS

We may use third-party suppliers to perform services for us, such as providing infrastructure and IT services (including, but not limited to data storage), processing credit information, providing customer services, collecting debt analyses and improving data, processing queries from customers and performing other types of statistical analyses. For the performance of these services, third-party suppliers may have access to your personal data, but they will only be authorised to process them solely on our behalf and pursuant to our instructions.

How do we process your personal data?

The personal data we collect from you may be transferred to and stored at a destination within the European Economic Area (EEA). We take all reasonable, necessary precautions to ensure that your personal data are processed securely and pursuant to this Privacy Policy, and we have initiated expedient security measures to protect your personal data.

How long do we store your personal data?

We only keep your personal data on file for as long as we deem this to be necessary to meet our purpose, as described above under “WHY WE PROCESS YOUR PERSONAL DATA”. After this, we will erase or, in some instances, anonymise your personal data.

Data is erased on an ongoing basis, such as when a customer or supplier has been inactive for 15 years. We continuously assess our information and in certain instances we will erase them earlier or keep them longer if this is required in relation to legal, contractual or similar circumstances.

How do we protect your personal data?

Protecting your personal data is important to us. We store all the personal data you give on secure servers, and we have strict procedures in place to protect against loss, misuse, unauthorised access, change, publication or destruction of your personal data.

Although we work hard to protect your personal data, we cannot guarantee that our security precautions prevent any and all unauthorised attempts to gain access to, use or disclose personal data. Even so, we maintain security and incident plans, including plans for dealing with any breaches of data security in the event of a physical or technical incident to deal with this punctually and to minimise every adverse impact of such an incident.

How can you gain access to your personal data?

We understand that you may occasionally need additional information from us about your personal data, and how they are being processed, or perhaps you want to update or edit the personal data you have given us. Accordingly, your rights include the following:

  • RIGHT TO ACCESS YOUR PERSONAL DATA: You have the right to have us verify whether we are processing personal data about you and, if so, to gain access to the personal data and the information
  • RIGHT TO ACCESS YOUR PERSONAL DATA: You have the right to have us verify whether we are processing personal data about you and, if so, to gain access to the personal data and the information
  • RIGHT TO HAVE PERSONAL DATA ERASED (RIGHT TO BE FORGOTTEN): Under certain circumstances, e.g. if your personal data has been processed unlawfully, or if you have withdrawn your consent (if the processing of your personal data is based on consent), you have the right to request and obtain an erasure of your personal data by us.

  • RIGHT TO LIMITATION OF PROCESSING: Under certain circumstances, e.g. if you question the accuracy of your personal data or if you have filed an objection against our legitimate purposes for processing your personal data, you have the right to request that we restrict the processing your personal data until a resolution has been found.

  • RIGHT TO PROTEST AGAINST PROCESSING: Under certain circumstances, e.g. you question our legitimate interest in processing your personal data, you have the right to file an objection to such processing on grounds which concern your unique situation.

  • RIGHT TO FILE A COMPLAINT WITH A SUPERVISORY AUTHORITY: You have the right to file a complaint concerning our processing of your personal data with your supervisory authority.

If our processing of your personal data is based on your consent, you have the right to withdraw such consent at any time whatsoever (this will not affect the processing based on your consent before the withdrawal, however) by contacting us or by updating the settings in the Service (wherever relevant).

Please contact us by using the following contact data to submit a request relating to your rights. Commercially, we will make a reasonable endeavour to reply to your request within thirty (30) days after receiving such a request. If we cannot accommodate your request within a period of thirty (30) days, we will notify you about this, specifying the reason for the delay and when we expect to be able to meet your request.

Changes to this Privacy Policy

Our Privacy Policy may be changed at any time. Therefore, you should review the most recent version of this policy regularly. We will post any changes to the Privacy Policy here, and if the changes are significant, we will provide you with a more proactive notification, such as by e-mail. If we change this Privacy Policy in a way that will affect how you use your personal data, we will advise you on the choices you may have arising from these changes. We will also keep previous versions of this Privacy Policy on file for your review.

Contact

The person responsible for data protection at Priess A/S can be contacted via e-mail on priess@priess.dk.

Please feel welcome to e-mail any questions, comments or requests concerning this Privacy Policy to priess@priess.dk.

We are subject to and bound by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (“GDPR”), and Danish Act No 429 of 31 May 2000 on the processing of personal data (Personal Data Protection Act).