Privacy policy


Data Controller

We are the data controller for the processing of personal data we process about our customers and partners. You can find our contact information below.

 

DAMPA ApS

Højeløkkevej 4A

5690 Tommerup

Denmark

Tel.: +45 63 76 13 00

CVR-no.: 16045489

If you have questions regarding the processing of your personal data, you can contact us at hello@dampa.dk.

Processing activities

As a data controller under the GDPR, we have the following processing activities.

Website visits

When you visit our website, we use cookies for the website to function, which you can read more about in our cookie policy.

Communication with potential customers

If you have questions about our services or would like to learn more about them, you can contact us via:

Through these channels, we will process your personal data so that we can engage in a dialogue with you, for example, to answer questions about our services. We will only process the information that you provide us in connection with our communication.

We typically process the following ordinary information: Name, email, phone number.

Our legal basis for processing this personal data is Article 6(1)(f) of the GDPR.

We will delete our communication with you when it becomes clear whether or not you want our services.

If there is a special case where there is a need to store your personal data for a longer period, this may be the case.

Customers

We need to communicate with our customers to ensure that the service is delivered correctly. In doing so, we may process information about name, address, services, special agreements, payment information, and similar.

The legal basis for processing this personal data is Article 6(1)(b) of the GDPR.

Once the service has been delivered and any outstanding issues have been resolved, we will immediately delete the personal information.

Newsletter

We have a newsletter that you can voluntarily subscribe to, and you can always unsubscribe.

The purpose of the newsletter is to send subscribers information from the company, which may include new content on the website, general information, and advertising our services.

We will only send you emails if you have given your active consent. This initially requires you to provide your email address, which we will then send an email to so that you can confirm your subscription. In this way, we ensure that you have actually subscribed to the newsletter, i.e. given active consent.

Our legal basis for processing your personal data (i.e., your email address) in connection with the newsletter will be Article 6(1)(a) of the GDPR.

Your personal data in connection with the newsletter is processed via Klaviyo as long as you are still subscribed. Upon unsubscribing from the newsletter, we will stop sending it to you. If we have not sent you a newsletter in 1 year, your consent will expire due to our inactivity.

Upon unsubscribing from the newsletter, we will keep your former consent for 2 years after it was last used due to the statute of limitations.

Bookkeeping

We must keep all accounting records in accordance with the Bookkeeping Act. This means that we store invoices and similar records for accounting purposes. Ordinary personal information such as name, address, and service descriptions may appear in these records.

Our legal basis for processing personal data for accounting purposes is Article 6(1)(c) of the GDPR.
We store this information for a minimum of 5 years after the current fiscal year has ended.

Job Applications

We welcome job applications to assess whether they match our company's employment needs. If you send your job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation.

If you have sent an unsolicited application, we will immediately assess whether your application is relevant and delete your information if there is no match. If you have applied for a posted job, we will dispose of your application in the event that you are not hired, and immediately after the right candidate is found for the job.

If you are involved in a recruitment process and/or hired for the job, we will provide you with separate information on how we process your personal data in this regard.

Data Processors

Few can handle everything on their own, and the same goes for us. Therefore, we have partners and use suppliers, some of whom may be data processors. External vendors may provide systems for organizing our work, services, advice, IT hosting, or marketing.

It is our responsibility to ensure that your personal data is treated properly. Therefore, we have high standards for our partners, and our partners must guarantee the protection of your personal data. We therefore enter into agreements with companies (data processors) that handle personal data on our behalf to enhance the security of your personal data.

Disclosure of Personal Data

We do not disclose your information to third parties except for newsletters where your information is stored via Klaviyo.

Profiling and Automated Decision-Making

We do not engage in profiling or automated decision-making.

Transfers to Third Countries

As a starting point, we use data processors in the EU/EEA or those that store data in the EU/EEA. In some cases, this is not possible, and data processors outside the EU/EEA may be used if they can provide appropriate protection for your personal data.

Treatment security

We ensure the security of the processing of personal data by implementing appropriate technical and organizational measures.

We have conducted risk assessments of our processing of personal data and have subsequently implemented appropriate technical and organizational measures to increase processing security.

One of our most important measures is to keep our employees updated on GDPR through ongoing training via courses and information, as well as by reviewing our GDPR procedures with employees.

Rights of the data subjects

Under the General Data Protection Regulation, you have a number of rights with regard to our processing of information about you.

If you wish to exercise your rights, please contact us so that we can assist you with this.

Right to access information (right of access)

You have the right to access the information we process about you, as well as a number of additional details.

Right to rectification (correction)

You have the right to have incorrect information about yourself corrected.

Right to erasure

In special cases, you have the right to have information about you erased before the time of our regular general erasure occurs.

Right to restriction of processing

In certain cases, you have the right to request that the processing of your personal information be restricted. If you have the right to have processing restricted, we may only process the information - except for storage - with your consent, or for the purpose of establishing, asserting, or defending legal claims, or to protect a person or important public interests.

Right to object

In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You may also object to the processing of your information for direct marketing.

Right to data portability

In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have this personal data transferred from one data controller to another without hindrance.

You can read more about your rights in the Data Protection Agency's guide to data subjects' rights, which you can find at www.datatilsynet.dk.

Withdrawal of consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent.

Complaint to the Data Protection Agency

You have the right to file a complaint with the Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the Data Protection Agency's contact information at www.datatilsynet.dk.

We generally encourage you to read more about GDPR so that you are up to date on the rules.