We are committed to protecting the confidentiality, integrity, and availability of our customers’, suppliers’, partners’, and employees’ data, including personal data.
The protection of personal data is essential to us and we work continuously to ensure compliance with applicable data protection legislation, including the General Data Protection Regulation (GDPR).
1. Data Protection
In certain cases, Process Factory is the data controller for the processing of personal data. Our data are as follows:
Vesterbrogade 149, Building 8, 1. Floor
1620 København V
Phone: (+45) 93 95 90 60
2. Process Factory as Data Processor
When Process Factory processes personal data in connection with the provision of consulting services, we are data processors, as we process personal data on behalf of our clients and in accordance with the client’s instructions. The customer and Process Factory enter into a data processing agreement that contains instructions, terms, and conditions for Process Factory’s processing of personal data.
This data protection policy contains information about processing personal data by Process Factory when we are the data controller. You can find more details below.
3. Purpose of Processing Personal Data
The processing of personal data is necessary for the performance of contracts with the customer. The processing is also necessary for Process Factory to pursue its legitimate interests in administering contracts, invoicing and evaluating the customer relationship, administering and maintaining IT systems, administering and managing our website, systems and applications, statistics, and business development, pursuant to GDPR Article 6(1)(f).
Data security is a high priority at Process Factory. We work seriously and professionally with information security, and we base our work on internationally recognized security standards. We have implemented security measures to ensure data protection of customer data, personal data, and other confidential data. We conduct regular internal follow-ups on the adequacy of and compliance with policies and measures.
We occasionally use other third parties, such as subcontractors, in connection with the provision of our services. Such third parties may have access to personal data in order to provide the agreed service. Process Factory enters into data protection agreements necessary to ensure that there is security to protect data and comply with our data protection obligations.
Process Factory also uses sub-processors as part of our daily IT operations. This means that personal data is processed by Process Factory’s sub-processors. These sub-processors are located in the EU. Data processing agreements are in place between Process Factory and all sub-processors to ensure that all processing takes place in accordance with Process Factory’s instructions and is subject to the necessary security requirements.
5. Storage and Deletion
We will delete your personal data when we no longer need to process it to fulfill one or more of the purposes set out above.
6. Disclosure to Third Parties
Personal data may be disclosed to subcontractors who are directly involved in the project for the client. The customer is informed of this prior to the conclusion of the contract.
7. Third Countries
Process Factory does not transfer personal data to third countries, and our subcontractor has a data center in Denmark.
9. Your Rights as a Data Subject
As a data subject, you have certain rights under the General Data Protection Regulation. Your rights can be summarised as follows:
The data subject’s right of access. You have the right to access the personal data we process about you.
The right to rectification of inaccurate personal data. You have the right to have inaccurate personal data about you corrected without undue delay.
The right to have personal data deleted. You have the right to have your personal data deleted at an earlier time than the time when our normal deletion takes place, if applicable.
The right to restriction of data processing. You have the right to restrict our processing of your personal data, where applicable. In such cases, we may only process your data with your consent or in some very specific situations as described in the General Data Protection Regulation.
The right to object to the processing of personal data, if our processing is based on Article 6(1)(e) and (f). In such cases, we may only process your personal data if we can demonstrate compelling legitimate grounds to do so.
The right to data portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You may also request that we transfer your personal data to another data controller without hindrance.
For further information on your rights as a data subject, please refer to the website of the Data Protection Authority (www.datatilsynet.dk), where you can find further guidelines.
Where we process personal data on the basis of your consent, you have the right to withdraw your consent at any time. Please contact us to withdraw your consent to our processing of your personal data.
If you wish to complain about our processing of personal data, please send an email with details of your complaint to firstname.lastname@example.org. We will process your complaint and get back to you.
You also have the right to lodge a complaint about your rights and Process Factory’s processing of your personal data with the Data Protection Agency. For more information on how to lodge a complaint with the Data Protection Authority, please visit their website: www.datatilsynet.dk.
Carl Jacobsens Vej 35
Tlf.: (+45) 33 19 32 00
11. Legal Rules
The applicable legal rules for Process Factory’s processing of your personal data can be found in: