Privacy policy

Privacy policy for current, former and potential new tenants at COBIS

In this privacy policy, we describe our processing of information about stakeholders. Who we are, and how to contact us.

The identity and contact information of the company responsible for data:

  • COBIS A/S
  • Ole Maaløes Vej 3
  • 2200 Copenhagen N
  • CVR-nr. 28870523
  • Phone: +45 7070 29080
  • E-mail: info(at)cobis.dk
  • Web: www.cobis.dk

If you have any questions about our processing of your information, you are always welcome to contact uson info(at)cobis.dk. Remember that normal e-mail is not secure communication. Do not write anything in your e-mail that is private or sensitive or which you think should be protected.


Our processing of personal information:

The information which we process about you includes general personal information, including:

  • identification information, including name, address, telephone number and e-mail
  • place of work, position and job function
  • information that is included in our correspondence with you
  • portrait photo and CV/bio
  • information about your vehicle registration nember
  • your signature
  • video surveillance on the ground floor and in the stairways


Purpose and legal basis

Our data processing has the purpose of managing the tenant relationship, maintenance and cultivation of pipeline as well as ongoing cooperation Furthermore analysis of cooperation and reporting are conducted on the general stakeholder information that is collected.

The legal basis for our processing of personal information is:

➢ In the processing of personal data in connection with your registration to meetings, events and seminars as well as any payment, the legal basis for our registration of information is section 6(1) of the Data Protection Act, cf. paragraph 6(1)(b) of the Data Protection Regulation on processing which is necessary to conclude a contract and for the execution of the contract.

➢ When we register information that is required in accordance with the Accounting Act or as a part of the reporting obligation to the tax authorities, the legal basis is section 6(1) of the Data Protection Act, cf. paragraph 6(1)(c) of the Data Protection Regulation relating to processing which is necessary in order to comply with a legal obligation which is the responsibility of the data controller.

➢ The legal basis for our collection and registration of the other person information is section 6(1) of the Data Protection Act, cf. paragraph 6(1)(f) of the Data Protection Regulation on processing which is necessary for a legitimate interest that is not exceeded with regard to the registered parties. The legitimate interest, which justifies the processing, is the consideration to promote COBIS’ business and offer stakeholders the best service and good deals. The legitimate interest, which justifies the video surveillance, is the consideration for security in the building.

➢ The disclosure of information about you may take place in compliance with the processing rules in the data protection legislation and other Danish legislation. In each case, we will assess whether the disclosure requires your explicit consent or whether the disclosure may take place on another legal basis.

➢ We do not disclose stakeholder information to other companies, but in cases where COBIS organises an event with a cooperative partner, some general personal information (name, position, e-mail, telephone, work place) will be shared with this partner in view of marketing. We will observe regulatory requirements for the specific procedures that are to be followed, including the possibility of raising an objection. Our disclosure will be in accordance with the conditions laid down in paragraph 6(1)(f) of the Data Protection Regulation concerning processing which is necessary for a legitimate interest that is not exceeded with regard to the registered parties.


Categories of recipients

We disclose or hand over personal information to the following categories of recipients:

➢ Bankers in connection with the administration of payments

➢ Tax authorities and other authorities in connection with statutory reports

➢ Co-organisers of events as part of cooperation measures in compliance with applicable rules relating to these

➢ Our data processors on the basis of data processing agreements.

Deletion

COBSI generally follows the retention period that applies in accordance with the Accounting Act. In order to ensure the proper handling of recurring stakeholder conditions, potential warranty matters and to be able to live up to our obligations, we have assessed that it is necessary to save information for up to three years plus the current year from when the business relationship has ended. However, by participating an EU project, for example, you will be made aware of the fact that the audit rules for such projects may mean that your data may be deleted only after approximately 12 years from the start of the project.


Your rights

In accordance with legislation, you have a number of rights in relation to our processing of information about you. You can exercise your personal data rights by contacting us. You will find our contact details at the top of this policy. When you have requested access to information about yourself, to get it corrected or deleted or if you have objected to our data processing, we will investigate to see if it is possible to accommodate your wish. We will respond to your inquiry as quickly as possible and no later than one month after we have received your inquiry. You have:

➢ Right to see information (right of access). You have the right to have access to the information that we process about you as well as a variety of additional information.

➢ Right of rectification (correction). If you believe that the personal data which we process about you is inaccurate, you have the right to have it corrected. You must contact us and tell us where the inaccuracies are and how they can be corrected. We must in all instances decide whether or not we believe your request is justified. When you contact us with a request to have your personal data corrected or deleted, we will investigate whether the conditions have been met, and and if so, we will implement changes or the deletion as quickly as possible.

➢ Right to deletion. We generally delete personal data when it is no longer necessary. In special cases, you have the right to have specific information about you deleted up until the time when our normal, general deletion takes place. This applies, for example, if you retract your consent and we do not have another basis to process the information. If you believe that your data is no longer necessary in relation to the purpose for which we collected it, you can ask for it to be deleted. You can also contact us if you believe that your personal data is processed in violation of the law or other legal obligations.

➢ Right to limitation of processing. If you contest information that we have registered or in any other way process, you may request that we limit the processing of the information until we have been able to determine if the information is correct. You may also request limitation instead of deletion if you believe our processing of the information is illegal or if you believe we no longer need the information or if you believe your legitimate interests precede the legitimate interests of the data controller. If it is found in your favour that our processing is to be limited, we may in the future only process the information with your consent or in order for legal requirements to be established, enforced or defended or to protect a person or important social interests.

➢ Right to transmit information (data portability). You have the right to receive personal data which you have made available to us and which we have obtained about you from other players on the basis of your consent. If we process data about you as part of a contract in which you are a party, you may also have the data sent to you. You also have the right to transfer this personal data to another service provider. You may also ask us to have the information sent directly from the data controller to another authority or company. If you want to exercise your right to data portability, you will receive your personal data from us in a commonly used and machine-readable format.

➢ Right to object. You have the right to raise objections against our processing of information about you. You may also object to our disclosure of your data for marketing purposes. You can use the contact information at the top to send an objection. If your objection is justified, we will ensure to cease the processing of information.

➢ Right to receive information about new purposes. If we wish to use information about you for a purpose other than the purposes which we have previously disclosed to you, for example in this privacy policy, you have the right to receive information about this before we process the information further for the other purpose.

➢ Right to withdraw your consent. If our processing of your information takes place on the basis of your consent, you may withdraw the consent at any time. If you withdraw the consent, we may be no longer process the information. Withdrawal of consent does not affect the legality of the processing that is based on consent prior to the withdrawal. If we have another legal basis for processing than consent with an independent purpose – for example retention of information for compliance with the rules concerning accounting – this processing will still continue to take place.

If you are not satisfied with our response, you have the possibility to appeal to the Danish Data Protection Agency. In general, if you are dissatisfied with the way in which your personal information has been processed, you may appeal to the Danish Data Protection Agency, which will then investigate the matter and make a decision. You can find the Danish Data Protection Agency’s contact information at www.datatilsynet.dk.