Privacy Policy
- Home
- Privacy Policy
Data Controller
We are the data controller for the processing of personal data we process about our customers and partners. You can find our contact information below.
LIGHT-POINT A/S
Grønnegade 3
1107 København K
Denmark
CVR-nr.:19355705
It is not a requirement for our company to have an external Data Protection Officer (DPO), but if you have any questions regarding the processing of your personal data, you can contact us via info@light-point.com.
Processing Activities
As the data controller according to the GDPR, we have the following processing activities.
Website Visits
When you visit our website, we use cookies for the website to function, which you can read more about in our Cookie Policy.
Communication with Potential Customers
When you have inquiries about our website or want to know more about our services, you can contact us through:
- Contact form
- Phone
Through these channels, we will process your personal information to engage in a dialogue with you, such as answering questions about our services. We only process the information you provide us during our communication.
We typically process the following general information: name, email, and phone number.
Our legal basis for processing this personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).
We delete our communication with you when it becomes clear whether or not you are interested in our services.
In a specific case where there is a need to retain your personal data for a longer period, this may be the case.
Customers
We need to communicate with our customers to ensure the proper delivery of services. In this context, we may process information such as name, address, services, special agreements, payment information, and similar.
The legal basis for processing this personal data is Article 6(1)(b) of the GDPR.
Once the service has been delivered and any outstanding matters have been resolved, we will promptly delete the personal information.
Newsletter
We have a newsletter that you can voluntarily subscribe to, and you can always unsubscribe from it.
The purpose of the newsletter is to send subscribed emails with new information from the company, which may include new content on the website or advertisements for our services.
We will only send you emails if you have actively given your consent for this. Initially, you need to provide your email address, and we will subsequently send you an email to confirm your subscription. This way, we ensure that you have actively subscribed to the newsletter and given your consent.
Our legal basis for processing your personal data (i.e., the email address) in connection with the newsletter is Article 6(1)(a) of the GDPR.
We will process your personal data as long as you remain subscribed to the newsletter. If you unsubscribe from the newsletter, we will also stop sending it to you. If we have not sent you a newsletter for 1 year, your consent will expire due to our inactivity.
Upon unsubscribing from the newsletter, we will retain your former consent for 2 years after its last use due to statutory limitations according to the Danish Consumer Ombudsman's spam guidelines, section 11.3.
Accounting
We are required to keep all accounting records according to the Danish Bookkeeping Act. This means that we retain invoices and similar documents for accounting purposes. These may contain general personal information such as name, address, and service descriptions.
Our legal basis for processing personal data for accounting purposes is Article 6(1)(c) of the GDPR.
We keep this information for a minimum of 5 years after the current fiscal year has ended.
Job Applications
We gladly welcome job applications in order to assess whether they match a staffing need in our company.
If you send your job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).
If you have submitted an unsolicited application, our HR department will immediately assess the relevance of your application and delete your information if there is no match.
If you have applied for a posted job, we will dispose of your application in the event that you are not hired, and immediately after the suitable candidate has been found for the job.
If you are involved in a recruitment process and/or are hired for the job, we will provide you with separate information on how we process your personal data in this regard.
Data Processors
Few can do everything themselves, and the same applies to us. Therefore, we have partners and vendors, some of whom may act as data processors.
External vendors may, for example, provide systems to organize our work, services, advice, IT hosting, or marketing.
It is our responsibility to ensure that your personal data is processed properly. Therefore, we set high standards for our partners, and our partners must guarantee the protection of your personal data.
Therefore, we enter into agreements with companies (data processors) that handle personal data on our behalf to enhance the security of your personal information.
Disclosure of Personal Data
We do not disclose your personal data to third parties.
Profiling and Automated Decisions
We do not engage in profiling or automated decision-making.
Transfers to Third Countries
As a general rule, we use data processors in the EU/EEA or those that store data within the EU/EEA.
In some cases, this may not be possible, and in such cases, data processors outside the EU/EEA may be used if they provide appropriate protection for your personal data.
Data Security Measures
We maintain the security of the processing of personal data by implementing appropriate technical and organizational measures.
We have conducted risk assessments of our processing of personal data and have subsequently implemented appropriate technical and organizational measures to enhance data security.
One of our key measures is keeping our employees updated on GDPR through ongoing awareness training, GDPR courses, and reviewing our GDPR procedures with the employees.
Rights of the Data Subjects
Under the General Data Protection Regulation (GDPR), you have several rights regarding our processing of information about you.
If you wish to exercise your rights, please contact us so that we can assist you.
Right of Access
You have the right to obtain access to the information we process about you, as well as certain additional information.
Right to Rectification
You have the right to have incorrect information about yourself corrected.
Right to Erasure
In special cases, you have the right to have information about you deleted before the time of our regular general deletion.
Right to Restriction of Processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to restrict processing, we may only process the information – except for storage – with your consent or for the establishment, exercise, defense of legal claims, or for the protection of a person or important public interests.
Right to Object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your information for direct marketing purposes.
Right to Data Portability
In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have this personal data transferred from one data controller to another without hindrance.
You can learn more about your rights in the Danish Data Protection Agency's guidance on the rights of data subjects, which you can find at www.datatilsynet.dk.
Withdrawal of Consent
When our processing of your personal data is based on your consent, you have the right to withdraw your consent.
Complaint to the Danish Data Protection Agency You have the right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the contact information for the Danish Data Protection Agency at www.datatilsynet.dk.
We generally encourage you to learn more about the GDPR to stay updated on the rules.