Persondata — Your Site Title

PERSONAL DATA POLICY

1 GENERAL

1.1 This personal data policy describes NordicTrust Advokatfirma's processing of personal data as data controller.

1.2 The policy is based on rules for the processing of personal data, set out in the General Data Protection Regulation (regulation no. 2016/679 of 27 April 2016) and the Danish Data Protection Act (law no. 502 of 23 May 2018).

1.3 NordicTrust Advokatfirma is the data controller in a number of situations, i.a. when handling clients' cases, hiring new employees and marketing activities.

1.4 NordicTrust Advokatfirma, as data controller, processes personal data in accordance with the applicable personal data legislation at all times.

2 INFORMATION ABOUT WHO

2.1 NordicTrust Advokatfirma processes personal data about clients, counterparties, suppliers, employees, business partners, users of NordicTrust Advokatfirma’s website and apps, recipients of marketing information, etc.

3 WHAT INFORMATION

3.1 Personal information in the sense of the legislation includes any type of information about an identifiable natural person, e.g. the person's name, email address, CPR number and address as well as information about the person's physical, psychological, financial, cultural or social circumstances. Information about legal entities is not covered.

3.2 Depending on the nature of the case or inquiry, we process general information, identification information, information about criminal matters and sensitive information.

4 COLLECTION OF THE INFORMATION

4.1 NordicTrust Advokatfirma primarily collects the personal data from you, but we can also collect personal data from third parties such as public authorities, business partners, etc.

5 PROCESSING OF INFORMATION

5.1 Processing personal data includes any activity to which the data is subject, e.g. collection, registration, systematization, organization, storage, adaptation, modification, search, use or disclosure.

5.2 NordicTrust Advokatfirma only processes personal data to the extent that it is necessary for the specific purpose, and there is a legal basis for this. It will be to process general personal data in the form of name, title, telephone number and e-mail address, so that NordicTrust Advokatfirma can deliver its services, invoicing as well as quality assurance and control, and so that we can meet the requirements for documentation under the Money Laundering Act, where it applies. In certain cases, it may also be necessary to process information about criminal offenses and sensitive information such as e.g. health information

6 TRANSFER

6.1 Disclosure of personal data takes place internally to the employees who need the information in order to carry out their work. Disclosure to external parties takes place if necessary and there is a legal basis for this. External parties are public authorities, private companies or individuals, foundations, associations, etc. In addition, our data processors have access.

7 LEGAL BASIS

7.1 When providing legal services

7.1.1 The General Data Protection Regulation art. 6 pieces. 1, letter f (the balancing of interests rule), and the regulation's art. 9, subsection 2, letter f. The processing is i.a. justified by an interest in establishing, invoking or defending legal claims and safeguarding the interests of clients.

7.1.2 The regulation's art. 6 pieces. 1, letter b, in cases where the processing is necessary to enter into or fulfill the agreement on legal assistance.

7.2 For courses, teaching and other events

7.2.1 Art. of the General Data Protection Regulation. 6 pieces. 1, letter b, or art. 6 pieces. 1, letter f, in order to be able to register participants, administer the event and send out material.

7.3 Marketing and sending of newsletters

7.3.1 Art. of the General Data Protection Regulation. 6 pieces. 1, letter a), if there is express consent.

7.4 Disclosure of personal data about employees etc. on NordicTrust Advokatfirma's website and on social media platforms

7.4.1 Art. of the General Data Protection Regulation. 6 pieces. 1, letter f, as part of NordicTrust Advokatfirma's interest in making content available to users.

7.5 Processing of personal data when we are legally obliged to do so (e.g. under the Money Laundering Act).

7.5.1 Art. of the General Data Protection Regulation. 6 pieces. 1, letter c.

7.6 Processing of information about criminal matters

7.6.1 The General Data Protection Regulation art. 10 and Section 8 of the Data Protection Act.

7.7 CPR numbers

7.7.1 Section 11, subsection of the Data Protection Act. 2.

8 STORAGE AND DELETION OF INFORMATION

8.1 NordicTrust Advokatfirma has internal guidelines for storage periods, etc. They are determined in accordance with applicable law, and at the same time take into account the documentation requirements to which a law office is subject, including documentation and audit requirements.

8.2 Personal information is deleted when it is no longer necessary for the purpose or purposes for which the information was collected.

9 RIGHTS

9.1 You have the following rights in relation to which you can make use of by contacting us:

9.1.1 Right to insight: You have the right to gain insight into the information that is processed about you, as well as a range of additional information.

9.1.2 Right to rectification: You have the right to have incorrect information about yourself corrected.

9.1.3 Right to deletion: In special cases, you have the right to have information about you deleted before the time of our general general deletion occurs.

9.1.4 Right to restriction of processing: In certain cases, you have the right to have the processing of your personal data restricted.

9.1.5 Right to object: In certain cases, you have the right to object to our otherwise lawful processing of your personal data.

9.1.6 Right to data portability: In certain cases, you have the right to be given a copy of your personal data or to have personal data transmitted directly from nordictrust Advokatfirma to another data controller.

9.1.7 Right to withdraw consent: If processing is based on your consent, you have the right to withdraw your consent at any time. You can do this by contacting us and requesting it. See below for contact details. The withdrawal only takes effect from the time you inform us of your wish.

9.2 You can read more about your rights in the Data Protection Authority's guidance on data subjects’ rights, which you can find at www.datatilsynet.dk

10 CONTACT US

10.1 You can contact us at

NordicTrust Law Firm

Strandvejen 16A

7120 Vejle East

Tel. +45 51999005

Email: info@nordic-trust.dk

11 COMPLAINT

11.1 You can complain to the Data Protection Authority about our processing of your personal data. See more at www.datatilsynet.dk.

12 CHANGES

12.1 The personal data policy was last drawn up on 20 February 2024.

12.2 It can be updated continuously.