Privacy policy

Data controller

We are data controllers for the processing of the personal data we receive about our customers. You will find our contact information below.

Energy Cool
Prins Georg Kvarter 13, DK-7000 Fredericia
CVR no.: 3306 7135

Background

Our processing of personal data takes place in accordance with current legislation on personal data, including the Data Protection Act.

Personal data is any type of information about an identified or identifiable natural person. This means that it is all kinds of information that can be directly or indirectly linked to a person.

The purposes for the processing of your personal data

We process your personal data for the following purposes:

When you have questions for us

When you have questions about our site, or want to hear more about our services, you can contact us via:

  • Contact form
  • Email
  • Telephone

Through this, we will process your personal data so that we can answer your questions or deliver a service to you. We only process the information that you give us in connection with our communication.

We will typically process the following general information: name, email, telephone number.

Our authority to process this personal data depends on the purpose of the processing. When we answer your questions, our authority is the Data Protection Regulation, Article 6, subsection 1 letter f), and "When you are a customer with us", the basis is the data protection regulation article 6, paragraph 1 letter b).

We delete our saved communication with you no later than ½ year after our last contact. This applies in general.

Should in a special case arise a need to store your personal data for a longer period of time, this could be the case.

When you are a customer with us

When you are a customer, we will of course have to register some information about your company in order to meet our obligations. This means that we also process the following general personal data: company name, CVR. contact number, phone number, email, website, payment information.

To the extent that we process personal data about our customers, our authority for this is the agreement that we enter into, cf. the data protection regulation, article 6, subsection 1 letter b).

We store the information as long as you are a customer with us. At the moment that the customer relationship ends, we will delete personal data when our outstanding has been completed. However, we are obliged to keep accounting documents for a minimum of 5 years after the most recently submitted annual accounts.

When you visit our website

See more about how we use cookies in our cookie policy. The use of cookies takes place pursuant to the cookie executive order.

Cooperation with third parties

Few can handle everything by themselves, and the same applies to us. We therefore use external partners and suppliers (and data processors) to carry out tasks on our behalf.

External parties can, for example, provide systems to organize our work, services, consultancy, IT hosting and marketing.

It is our responsibility to ensure that your personal data is not misused. That is why we make high demands on our business partners, and our partners must guarantee that your personal data is protected.

We therefore enter into agreements on this with companies that handle personal data on our behalf in order to increase the security of your personal data.

Dissemination of personal data

We do not pass on your personal data.

Third countries

Your personal data is processed by us. However, we also use suppliers who are both independent data controllers and data processors. No one can fend for themselves.

We have a duty to inform you, on whose behalf we process personal data, that data may be transferred to third countries. Google is our data processor when we send emails to our customers and business partners, and Stripe is used so that we can receive payment from customers. When we chat, LiveChat is used so that we can answer your questions. These companies are all based in the USA, and thus your data is also stored there.

The USA is a third country, and there are special requirements for "transferring" personal data to third countries. However, the EU allows us to enter into agreements and use partners in the USA when these have joined an agreement called Privacy Shield. These companies have.

Treatment safety

We process your personal data in accordance with data protection legislation, as well as legislation in the company's business area.

It is crucial for us to take good care of our customers' information. Therefore, we have implemented technical and organizational measures so that we can comply with our data responsibility.

Technical and organizational measures

People make mistakes, and therefore we train all employees in our guidelines for good data processing practices to reduce the number of errors and to create continuous improvements in our data processing. In addition, we have introduced an IT security policy, which sets the direction for the company's overall security.

We have introduced access restrictions so that employees only have access to personal data if this is relevant to their work function.

We will continuously assess the need to use encryption or pseudonymisation of personal information as a risk mitigation initiative.

To secure our data, we use anti-virus programs, renew our passwords regularly, update our systems, and we keep up-to-date with IT developments so that we can protect ourselves against vulnerable IT systems and current IT threats.

Your rights

According to the data protection regulation, you have a number of rights in relation to our processing of information about you.

If you want to make use of your rights, please contact us.

Right to see information (right of access)

You have the right to gain insight into the information that we process about you, as well as a range of additional information.

Right to rectification (rectification)

You have the right to have incorrect information about yourself corrected.

Right to erasure

In special cases, you have the right to have information about you deleted before the time of our normal general deletion occurs.

Right to restriction of processing

In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may in future only process the information - apart from storage - with your consent, or for the purpose of establishing, asserting or defending legal claims, or to protect a person or important public interests.

Right to object

In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing.

Right to transmit information (data portability)

In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another without hindrance.

You can read more about your rights in the Data Protection Authority's guidance on the rights of data subjects, which you can find at www.datatilsynet.dk.

Complaint to the Danish Data Protection Authority

You have the right to lodge a complaint with the Danish Data Protection Authority if you are dissatisfied with the way we process your personal data. You will find the Datatilsynet's contact information at www.datatilsynet.dk.