GDPR Privacy Policy
Data Controller
We are responsible for the processing of personal data related to our customers and business partners. Our contact details are as follows:
Studio LP ApS
Slugten 18
7100 Vejle
Phone: 26653284
CVR: 45140687
Our company is not required to appoint an external Data Protection Officer (DPO). However, if you have any questions regarding the processing of your personal data, you can contact us at lp@studiolp.dk.
Processing Activities
As the data controller under the GDPR, we carry out the following processing activities:
Website Visits
When you visit our website, we use cookies necessary for the website to function. You can read more about this in our [cookie policy].
Communication with Potential Customers
If you have any questions about our website or services, you can contact us via:
- Contact form
- Phone
We process your personal data to engage in a dialogue with you, such as responding to inquiries about our services. We only process the information you provide in connection with our communication.
Typically, we process the following personal data: name, email address, and phone number.
Our legal basis for processing these personal data is Article 6(1)(f) of the General Data Protection Regulation.
We delete our communication with you once it is clear whether you wish to use our services. In specific cases, we may retain your personal data for a longer period if necessary.
Customers
We need to communicate with our customers to ensure that services are delivered correctly. In this regard, we may process personal data such as name, address, services provided, special agreements, payment details, and similar information.
Our legal basis for processing these personal data is Article 6(1)(b) of the General Data Protection Regulation.
Once the service has been delivered and any outstanding matters resolved, we will delete the personal data.
Accounting
We are required to store all accounting records in compliance with the Danish Bookkeeping Act. This means that we retain invoices and similar records for accounting purposes, which may contain personal data such as name, address, and a description of services.
Our legal basis for processing personal data for bookkeeping is Article 6(1)(c) of the General Data Protection Regulation.
We store these records for at least five years after the end of the relevant fiscal year.
Job Applications
We gladly accept job applications for consideration in our hiring process.
If you submit a job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation.
For unsolicited applications, our HR department will immediately assess their relevance and delete the application if no match is found.
For applications submitted for a specific job posting, we will delete your application once the recruitment process is completed unless you are hired.
If you are involved in a recruitment process or hired, we will provide separate information about how we process your personal data in this regard.
Data Processors
We collaborate with partners and use external suppliers, some of whom may act as data processors.
External suppliers may provide systems for organizing our work, services, consulting, IT hosting, or marketing.
Slyde ApS – Hosting
We are responsible for ensuring that your personal data are handled securely. Therefore, we impose strict requirements on our partners, who must guarantee that your personal data are protected.
We enter into agreements with companies (data processors) that handle personal data on our behalf to enhance security.
Disclosure of Personal Data
We do not disclose your personal data to third parties.
Profiling and Automated Decision-Making
We do not perform profiling or automated decision-making.
Transfers to Third Countries
As a rule, we use data processors within the EU/EEA or those that store data within the EU/EEA.
In some cases, this is not possible, and we may use data processors outside the EU/EEA if they provide adequate protection for your personal data.
Data Security
We keep the processing of personal data secure by implementing appropriate technical and organizational measures.
We have conducted risk assessments of our personal data processing and implemented necessary security measures accordingly.
One of our key measures is keeping our employees updated on GDPR through ongoing awareness training, GDPR courses, and internal reviews of our GDPR procedures.
Your Rights as a Data Subject
Under the General Data Protection Regulation, you have several rights concerning our processing of your personal data.
If you wish to exercise your rights, please contact us.
- Right to Access: You have the right to access the personal data we process about you.
- Right to Rectification: You have the right to have incorrect data about yourself corrected.
- Right to Erasure: In certain cases, you may request that we delete your personal data before our regular deletion period.
- Right to Restriction of Processing: In certain cases, you may request that we limit the processing of your personal data.
- Right to Object: In some cases, you can object to our otherwise lawful processing of your personal data. You can also object to direct marketing.
- Right to Data Portability: In some cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and transfer them to another controller.
You can read more about your rights in the Danish Data Protection Agency’s guide at www.datatilsynet.dk.
Withdrawal of Consent
If our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time.
Complaint to the Data Protection Agency
If you are dissatisfied with our handling of your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency. You can find their contact details at www.datatilsynet.dk.
We encourage you to stay informed about GDPR to ensure compliance with regulations.