Data Controller
We are the data controller for the processing of personal data that we process about our customers and partners. You can find our contact details below:
Uni-Way Solutions A/S
Marselisborg Havnevej 30, ground floor, 8000 Aarhus C
CVR no.: 36076127
Our company is not required to have an external DPO, but if you have any questions about the processing of your personal data, you can contact us at: [email protected].
Processing Activities
As a data controller under the GDPR, we carry out the following processing activities:
Website Visits
When you visit our website, we use cookies to ensure the site functions properly. You can read more about this in our [cookie policy].
Communication with Potential Customers
If you have questions about our website or wish to learn more about our services, you can contact us via:
Contact form
Telephone
Through this, we will process your personal data so we can engage in a dialogue with you, for example, to respond to inquiries about our services. We only process the information you provide in connection with our communication.
Typically, we will process the following general information: name, email, and phone number.
Our legal basis for processing this personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).
We will delete our communication with you once it becomes clear whether or not you wish to use our services.
In special cases, there may be a need to retain your personal data for a longer period.
Customers
We need to communicate with our customers to ensure proper delivery of services. Through this communication, we may process information such as name, address, services provided, special agreements, payment information, and similar details.
Our legal basis for processing this data is Article 6(1)(b) of the GDPR.
Once the service has been delivered and any outstanding matters have been resolved, we will promptly delete the personal data.
Accounting
We are required to store all accounting records in accordance with the Danish Bookkeeping Act. This means we retain invoices and similar documents for accounting purposes, which may include general personal data such as name, address, and service descriptions.
Our legal basis for processing personal data for accounting purposes is Article 6(1)(c) of the GDPR.
We store this data for a minimum of 5 years after the end of the current financial year.
Job Applications
We gladly accept job applications to assess whether they meet an employment need in our company.
If you send us a job application, our legal basis for processing your personal data is Article 6(1)(f) of the GDPR.
If you submit an unsolicited application, HR will immediately assess whether it is relevant. If not, your data will be deleted shortly thereafter.
If you apply for a posted job, we will dispose of your application if you are not hired, and shortly after the right candidate is found for the position.
If you participate in a recruitment process and/or are hired, you will receive separate information on how we process your personal data in this context.
Data Processors
Few can do everything on their own, and the same goes for us. We therefore have partners and use suppliers, some of whom may act as data processors.
External suppliers may provide systems to organize our work, services, consultancy, IT hosting, or marketing.
It is our responsibility to ensure your personal data is processed properly. Therefore, we place high demands on our partners, who must guarantee that your data is protected.
We enter into agreements with companies (data processors) that handle personal data on our behalf to enhance the security of your information.
Disclosure of Personal Data
We do not disclose your personal data to third parties.
Profiling and Automated Decisions
We do not perform profiling or make automated decisions.
Transfers to Third Countries
As a rule, we use data processors within the EU/EEA, or those who store data within the EU/EEA.
In some cases, this is not possible, and data processors outside the EU/EEA may be used, provided they offer an adequate level of protection for your personal data.
Processing Security
We keep personal data processing secure by implementing appropriate technical and organizational measures.
We have conducted risk assessments of our data processing activities and subsequently implemented suitable technical and organizational measures to increase processing security.
One of our most important measures is keeping our employees updated on GDPR through ongoing awareness training, GDPR courses, and by reviewing our GDPR procedures with employees.
Rights of Data Subjects
Under the GDPR, you have a number of rights in relation to our processing of your personal data.
If you wish to exercise your rights, please contact us so we can assist you.
Right of Access
You have the right to access the personal data we process about you, along with additional information.
Right to Rectification
You have the right to have inaccurate personal data corrected.
Right to Erasure
In special circumstances, you have the right to have your data deleted before our general retention periods expire.
Right to Restriction of Processing
In certain cases, you have the right to restrict the processing of your data. If you exercise this right, we may only process your data—with the exception of storage—with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of a person or important public interests.
Right to Object
In certain situations, you have the right to object to our otherwise lawful processing of your data. You can also object to the processing of your data for direct marketing purposes.
Right to Data Portability
In some cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have this data transferred to another data controller without hindrance.
You can read more about your rights in the Danish Data Protection Agency’s guide on the rights of data subjects, available at www.datatilsynet.dk.
Withdrawal of Consent
If our processing of your personal data is based on your consent, you have the right to withdraw this consent at any time.
Complaint to the Danish Data Protection Agency
You have the right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the agency’s contact information at www.datatilsynet.dk.
We generally encourage you to read more about GDPR to stay updated on the rules.