Privacy policy

Privacy policy

External privacy policy for Andersen Partners Advokatpartnerselskab
Andersen Partners Advokatpartnerselskab respects the need to protect natural persons’ fundamental rights and freedoms, including natural persons’ right of protection of their personal data.

It is natural for us as lawyers to give high priority to data security and confidentiality. We process the personal data that we are entrusted with in a proper and responsible manner.

In this external privacy policy, you can read how we handle the data that we process when you are a client of ours, visit our website and/or otherwise share your personal data with us.

Andersen Partners as a controller
This external privacy policy applies when we process personal data as a controller.

Our legal information is as follows:
Andersen Partners Advokatpartnerselskab
Business reg. no. 34 71 78 50
Jernbanegade 31
DK-6000 Kolding

In the following we use ”Andersen Partners”, ”we”, ”our” and/or ”us” to make the text easy to read.

You can contact us by email at mail@andersen-partners.dk or by phone at +45 76 22 22 22 if you have any questions to our personal data processing.

Andersen Partners as a processor
Very occasionally, Andersen Partners is a processor and acts upon the instructions of a controller and according to a data processor agreement. In such rare cases, this privacy policy does not apply to our processing.

Purpose of processing and categories of personal data
If you are a client of Andersen Partners or a potential client, we will, as a general rule, process your data for the purpose of concluding or performing the agreement that we have with you or the company, organisation or authority that you represent and for the purpose of providing and invoicing our advice.

We may process a number of general personal data about you, e.g. name, email address, telephone number, position, educational background, professional information and other information required in connection with our legal task or our business relation. We may also process data about financial matters, including payment information and tax information. Depending on the circumstances, we may also process data such as your private address and your private contact details. The legal basis for our processing, which depends on our advice, is Article 6(1), paras. (b), (c) and (f) of the General Data Protection Regulation.

In certain cases, we may process special categories of personal data (sensitive personal data), see Article 9(2), para. (f) of the General Data Protection Regulation, and/or data about criminal offences, see Sections 8(3) and 8(4) of the Danish Data Protection Act, if the circumstances in the cases that we are handling so require. For instance, it may be the case in insurance/compensation cases.

If we have to make registrations in public authorities’ databases via portals such as virk.dk or tinglysningen.dk, we may need to process your civil registration number. The legal basis for such processing is Section 11(2) of the Danish Data Protection Act.

We use your personal data to communicate with you, to handle the case that we have taken on and to make registrations through the digital service solutions of various authorities.

The personal data are received from you, third party or our business partners.

If you are an adversary or otherwise involved in a case that we are handling on behalf of a client, we will, as a general rule, process your personal data for the purpose of concluding or performing the agreement that we have with our client and for the purpose of safeguarding our client’s interests.

Depending on the nature of the case, we may process general and sensitive data, identification data and data about criminal offences.

The personal data are received from our client, you, third party and/or our business partners. If we receive your personal data from other sources than you, you are entitled to be informed of our processing of your personal data. However, as lawyers we are bound to observe professional secrecy and we may thus omit to inform you if our processing of personal data has to remain confidential. 

Special information about our duties under the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism
Being a law firm, we have duties under the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism that we have to observe relating to some of our legal services. We will process your personal data in that connection, including identity data, e.g. civil registration number, passport number and driver's licence number. We only process identity data collected according to the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism to observe our duties under the Act. General personal data are processed on the basis of Article 6(1), para. (c) of the General Data Protection Regulation and sensitive personal data are processed on the basis of Article 9(2), para. (g) of the General Data Protection Regulation on the duty to observe legal obligations.

The personal data are received from the affected persons, via publicly accessible portals and via external business partners who may screen for politically exposed persons (PEP) or related parties to a PEP.

Andersen Partners’ newsletters, courses and events
We collect data e.g. to register you for courses or newsletters, to organise events, or to distribute invitations and other information about our services and business.

If you register for one of our events, we will process your personal data. We process your name, position, business and contact details. The legal basis for such processing is Article 6(1), para. (b) of the General Data Protection Regulation.

If we want to process your data for other purposes such as marketing, we will always inform you and obtain your consent for such processing. The legal basis for such processing is Article 6(1), para. (a) of the General Data Protection Regulation and our legitimate interest in marketing our business.

It is always possible for you to specify that you do not want to receive emails or other information from us in future.

If you register for our newsletters at our website or by email, we will process your name, email address, business, organisation, position and areas of interest. The legal basis is your consent, see Article 6(1), para. (a) of the General Data Protection Regulation.

Our website
You must provide certain personal data to be able to use certain functions at our website. If you choose not to provide the personal data requested, you may not be able to use the desired function. For instance, we need your contact details to be able to reply to an inquiry from you.

We use cookies at our website. You can read our cookie policy here.

Disclosure of personal data
We may disclose your personal data to Andersen Partners’ business partners and suppliers.

Our business partners only process your personal data on behalf of Andersen Partners and in accordance with our instructions.

We may disclose your personal data to external third parties if we are directed to do so or if it is part of our services provided to you. It may be to e.g. the police, the Danish tax authorities, other public authorities, courts of law, arbitration tribunals, other law firms, adversaries in cases, and external business partners.

When we are to deposit client funds into a client account, we are obliged to disclose identity data to the account-holding bank.

Third countries
Andersen Partners does not transfer your personal data to third countries (countries outside the EU/EEA).

Security of processing
We have implemented technical and organisational measures to ensure an adequate high level of security. We have a number of internal security procedures and policies. We do our best to protect your personal data and to secure the quality and integrity of your personal data.

If you need to send us sensitive data, we recommend that you use encryption, e.g. secure email or password protection of attached files.

Storage and erasure
In general, we store personal data collected for our case handling for as long as it is required to serve the purpose(s) for which the data are processed. As a general rule, we store the data for 25 years after the conclusion of the case. In special cases the storage period may be shorter or longer, for instance in order to comply with legal requirements for erasure or storage. 

Personal data collected according to the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism are stored for five years after the end of the client relationship, after which time they are erased. We are obliged to ensure that the data that we collect and that are still relevant for a transaction are kept up to date continuously and as long as the client relationship exists, we will from time to time contact you to make sure that the data are up to date.

Your rights
As a general rule, you have the right to request access to the personal data that we process about you, you have the right object to the collection and further processing of your personal data, you have the right to rectification of your personal data, the right to have the processing of your data restricted, right to request that we erase the personal data that we have registered about you, in certain circumstances you have the right to request a copy of your personal data in a structured, commonly used and machine-readable format, and to request that we transfer such data to another controller, and if the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time. Your withdrawal of consent will not affect the legality of the processing performed prior to the withdrawal of your consent.

There may be certain conditions or limits relating to your consent. For instance, our professional secrecy limits your rights if you are not or have not been one of our clients.

You may exercise your rights by contacting us. When contacting us about your rights, you must provide the data that are sufficient in order for us to consider your request, including your full name and email address, allowing us to identify you and reply to you. We will reply to your request as soon as possible.

Complaints
If you do not agree with the manner in which we process your personal data or the purposes for which we process the data, you are welcome to contact us.

You may also file a complaint with:
The Danish Data Protection Agency
Borgergade 28, 5th floor
1300 Copenhagen K
Phone +45 33 19 32 00
Email dt@datatilsynet.dk
 

Changes to the privacy policy
A need may arise to change this external privacy policy and we continuously ensure that it is updated, true and in compliance with applicable law and the principles of lawful processing of personal data. 

Contact details
If you want to exercise your rights, if you do not want to receive any further communications from us, or if you have questions to our privacy policy, please contact us by email at mail@andersen-partners.dk or by phone at +45 76 22 22 22.

May 2018