2. Data controller
Contact person: ID® Identity A/S
Address: Lægårdvej 138, DK-7500 Holstebro
CVR no.: 16278874
Telephone no.: +45 97492144
3. Processing of personal data
We use data about our customers to provide them with products and services and to improve the quality thereof. The data include ordinary personal data.
3.1 Collection of data
Our digital solutions are based on different technologies with the objective of ensuring user friendliness and security. These technologies can automatically collect data in order to offer the best possible solution, either directly by us or by a third party on our behalf. Cookies and data flow analysis are examples of this; see below.
3.1.2 Data flow
Data about your computer can be collected for system administration and internal marketing-related analyses. These data are statistical information about user behaviour in digital solutions.
The following are examples of data:
- date and time of visit
- the pages visited in the solution
- the visitor’s IP address
- information about the browser and computer used
- URL from referrer
The purpose of these data is to optimise our digital solutions. The data are collected via a third party on our behalf.
3.2 Data actively provided by you
In addition to automatically collected data, we also process data that users have actively given us. Examples are name, address, email and telephone number. If you provide data on behalf of another person, you are responsible for ensuring that you have the right to share the data with us.
There may also be data which we obtain in connection with your inquiries to, for example, our Customer Service or Finance Department.
3.3 Purpose of collection
We collect and store your data for specific purposes or other lawful business purposes. These may, for example, be the following:
- Execution of orders in webshop, by email or telephone
- Personal data in connection with placing of orders
- Info about registered products
- Purchase history
- Order processing and communication in connection with your order or other inquiries
- Confirmation of your identity in your communication with us
- Customisation of content of digital solutions
- We can target offers and campaigns at the individual customer based on customer behaviour history and demographic data combined with third-party solutions and data.
- Marketing purposes, including the collection of data about your activities on id.dk to optimise the user experience and targeted communication directly to you – this may be in the form of personal and electronic contact (See section 6 for more information).
3.4 Relevant and necessary personal data
We only process personal data that are relevant and sufficient in relation to the purposes defined above. We do not process more personal data than needed for the specific purpose. Before we process your personal data, we check whether it is possible for us to minimize the amount of data about you.
We only collect, process and store the personal data that are necessary to meet our stated purpose. In addition, there may be statutory requirements for the type of data that it is necessary to collect and store for our business activities. The type and extent of the personal data we process may also be necessary to perform a contract or other legal obligation.
We use solutions that ensure that data are only accessible to relevant employees, so that you are protected from unauthorised access to your personal data.
3.5 Checking and updating of your personal data
We check that the personal data we process about you are not misleading or incorrect. Your personal data will be updated regularly.
It is important to us that your data are correct, so please inform us if there are any changes to your data. You may notify us of the changes via the contact details at the top of this policy.
3.6 Erasure of your personal data
We keep your personal data for as long as necessary for a legitimate purpose, or for as long as required by law. We therefore erase your personal data on a continuous basis when the purposes for which they were collected or subsequently processed no longer necessitate the processing.
3.7 No disclosure of your personal data without your consent
If we disclose your personal data to partners and players, including for marketing purposes, we will obtain your consent and inform you about what your data are used for. You may object to such disclosure at any given time.
If we are legally obligated to disclose your personal data, we do not obtain your consent. This may, for example, be in connection with reporting to a public authority.
We use service providers and data processors which perform work on our behalf. These services may, for example, be server hosting and system maintenance, analysis, payment solutions, email service etc. These partners may be granted access to data to the extent necessary to provide their services. The partners will be contractually obligated to treat all data as strictly confidential and thus do not have permission to use the data for any other purpose than what is covered by the contractual obligation between the partner and ID® Identity.
We obtain your consent before we disclose your personal data to third country partners as defined in the General Data Protection Regulation. In this case, we ensure that their level of protection meets the requirements we have laid down in this policy based on the current legislation.
3.7.1 Special information about Google Analytics
We use Google Analytics as a web analysis tool in our digital solutions. In this connection, web analysis data are sent from our digital solutions for analysis in the service provided by Google. Here, Google Analytics acts as ‘data processor’ and ID® Identity as ‘data controller’, and our data may only be disclosed by agreement or to comply with legal requirements.
4.1 Protection of your personal data and data security
We have adopted an internal IT security policy containing instructions and measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to data which have been transmitted, stored or otherwise processed.
Data transfer via the Internet is never 100% secure, but we do our best to protect your personal data and support digital communication.
5. Your rights
In accordance with the General Data Protection Regulation, you have a number of rights in relation to our processing of data about you.
If you wish to exercise your rights, you need to contact us via the contact details provided at the top of this policy.
5.1 Right of access (right to view data)
You have the right to obtain access to the data we process about you as well as a number of additional data. Access may, however, be restricted to protect other persons’ personal data or business secrets.
5.2 Right to rectification (correction)
You have the right to have incorrect data about you rectified.
5.3 Right to erasure
In exceptional cases, you have the right to have data about you erased prior to the time of our ordinary general erasure of data.
5.4 Right to restriction of processing
In some cases, you have a right to have the processing of your personal data restricted. If you have a right to restriction of processing, we may, in future, only process the data – except for storage – with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
5.5 Right to object
In certain cases, you have the right to object to our, otherwise lawful, processing of your personal data.
You may also object to the processing of your data for direct marketing purposes.
5.6 Right to transmit data (data portability)
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit these personal data from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency’s guide to the rights of data subjects, which you can find at www.datatilsynet.dk
5.7 Right to withdraw your consent
You have the right to withdraw your consent at any time. You can do so by contacting us via the contact information listed above in clause 2.
If you choose to withdraw your consent, this will not affect the legality of our processing of your personal data on the basis of the consent you have previously given us and up to the time of withdrawal. Consequently, the withdrawal of your consent will not take effect until then.
You can read more about your rights in the Danish Data Protection Agency’s guide about the rights of data subjects, which you can find at www.datatilsynet.dk.
6. Declaration of consent for electronic mail
I have consented to receiving newsletters and similar tailored marketing from Rexholm A/S, including ID® Identity, Seven Seas Copenhagen A/S, as well as the brands Geyser by ID® and PRO Wear by ID®. The marketing relates only to products within the company’s product range. You may withdraw your consent at any time.
6.1 General information
Our use of marketing by electronic mail is a service provided by Rexholm A/S, distributed by:
ID® Identity A/S
Address: Lægårdvej 138, DK-7500 Holstebro
CVR/VAT no.: 16278874
Tel. no.: +45 9749 2144
ID® Identity is responsible for processing the data used for the transmission of electronic marketing. When you visit our website, fill in a contact form or otherwise allow us to store your data, your data will be retained by us and processed as specified in this declaration of consent.
The information we collect and keep on file about you is processed in strictest confidence. You may have the data on file with us amended, withdrawn or deleted at any time – all you need to do is send us an email. See section 6.5 for more information.
6.2 Website traffic and electronic marketing
Based on your consent, ID® Identity collects and analyses data related to your digital behaviour on www.id.dk and www.Sevenseas.dk. This behaviour includes, for example, the specific pages you visit, the products you look at and buy and the actions you take while you are active on these sites. In addition, we register the digital channels you are referred to on the site and your historical data from browsing our site.
We collect data through your customer account and by using cookies. The purpose for collecting data and registering behaviour is to improve your user experience of ID® Identity and Seven Seas Copenhagen in terms of collection, inspiration, product viewing and any purchases.
Based on the data collected, it is possible for us to form a customer profile to which we tailor marketing, newsletters and product information to make the content as relevant for you as possible.
6.3 Purpose and expectation
Rexholm A/S may send marketing to me in the form of newsletters, emails and text messages about product information within the company’s product range. Examples of marketing include promotional campaigns, competitions, business development and marketing on and via social media, the internet or other digital channels.
At ID® Identity, we want to give you the best experience possible. That is why we collect data about your movements and behaviour when you visit our websites. This data enables us to tailor and target the most current and relevant marketing for you to enhance your digital experience.
You can expect to receive something from us three times a month on average. As our marketing is tailored to your behaviour, the number of emails you receive from us will vary. We endeavour to limit our marketing at all times so that you receive only the most relevant content and not too often.
6.4 Data retention
6.5 Subscribing and unsubscribing
You may withdraw your consent, or delete or amend the data we have on file about you at any time. All you have to do is send an email to:
firstname.lastname@example.org and type Declaration of Consent in the subject line. In the email, please explain the purpose of writing to us, and we will take action as soon as possible. Our actions are subject to a processing time, but as soon as an employee has seen your email, we will make the changes you request.
You will receive email confirmation upon both the granting and the withdrawal of your consent.
We are not responsible for breakdowns or technical problems that prevent you from using our online services or receiving our newsletter.
7. Policy update
Updated April 2020