Data privacy notice

Protection of personal data is of high priority at Bitten & Mads Clausen’s Foundation. This data privacy notice provides information about our processing of personal data when Bitten & Mads Clausen’s Foundation is acting as a data controller.

Bitten & Mads Clausens Foundation is the data controller
Bitten & Mads Clausen’s Foundation, company registration no. 41815612, located at Nordborgvej 81, 6430 Nordborg, is the data controller for the personal data we process. If you wish to exercise your rights – as described below – or if you have any questions about our processing of your personal data, please contact:

Bitten & Mads Clausen’s Foundation
Tel. no. 2963 6410
info@bmcfond.dk

The personal data we collect and the purposes of and legal basis for our processing activities
In the sections below, you can read more about what types of personal data we collect, for what purposes and the legal basis for our processing activities:

Distribution in accordance with the Foundation's trust
Purpose
The personal data is processed for administrative and communicative purposes in relation to  the Foundation’s distributions.

Categories of Personal Data
The personal data we collect include: name, title, email address and telephone number.

The legal basis for Processing
We process personal data in accordance with article 6, section 1, paragraph f of the General Data Protection Regulation, because we have a legitimate interest in processing contact information for communicative and administrative purposes in relation to the foundation’s distributions. If a contract has been made following the distribution, personal data will be processed as necessary to fulfil the contract in accordance with article 6, section 1, paragraph b of the General Data Protection Regulation.

We also process personal data contained in accounting material that is necessary in accordance with the legal obligation to comply with section 10, subsection 1 of the Accounting Act on storage in accordance with article 6, subsection 1, paragraph c of the General Data Protection Regulation.

Storage and Deletion
Personal data is deleted when they are no longer relevant for out purposes.

As contact information is only processed for the purpose of communication and administration of distributions, an ongoing assessment will be made as to whether there is still a work-related need for storing the information. Personal data included in accounting records will be stored for 5 years from the end of the financial year to which the records relates, cf. section 10 (1) of the Danish Bookkeeping Act.

Recipients
In principle, we do not disclose personal data to third parties, but we use data processors, including IT providers, to whom we entrust personal information. We enter into data processing agreements with all data processors to ensure adequate security for the personal data..

Visitors to our Domicile
Purpose
We process personal data about visitors for administrative purposes, including  meeting management and for security and access control purposes.

Categories of Personal Data
The personal data we collect include: name and workplace/organisation and job title of visitors as well as the name of the host with us. In addition, we process personal data through video surveillance.

The legal basis for Processing
Our processing of personal data is necessary for us to pursue a legitimate interest in managing and holding meetings and to ensure a high level of security, cf. article 6 (1), paragraph f of the General Data Protection Regulation.

Our processing of personal data takes place in accordance with section 3 (1) of the Act on Video Surveillance.

Period of Storage
Our guest registration at the reception is stored for 1 month from the time of visit.

Both recordings and video recordings are safely stored and reviewed and played back only if there is a legal basis for this, e.g. an incident, and only to selected persons. The video recordings are automatically deleted after 14 days from the time of recording, unless a condition that requires investigation such as theft has been identified.

Recipients of your personal data
Personal data will only be disclosed to the police if a situation requires investigation, such as theft, has been identified. We use data processors, including IT providers, to whom we entrust personal information. We enter into data processing agreements with all data processors to ensure adequate security for the personal data.

Visitors to our website bmcfond.dk
Purpose
We process personal information about visitors to our website in order to collect statistics about the use of the website, so that we can continuously improve the user experience by seeing what type of content is requested. Personal data is collected from cookies in accordance with our cookie policy, which you will find here: https://www.bmcfond.dk/cookiepolitik/

Categories of Personal Data
We only process personal data that the visitor consents to, which includes information about website traffic and IP address.

Read more about our use of cookies: https://www.bmcfond.dk/cookiepolitik/

The legal basis for Processing
Personal data collected from cookies is processed based on the visitor's consent in accordance with Article 6 (1), paragraph a of the General Data Protection Regulation.

Period of Storage
We store the personal data for 2 years, from the date on which the visitor gave his/her consent.

Recipients of your personal data
We provide traffic data and IP addresses to third parties with the use of third-party cookies on our website. Read further in our cookie policy: https://www.bmcfond.dk/cookiepolitik/

In addition, we make use of data processors, including IT providers, to whom we entrust personal data. We enter into data processing agreements with all data processors to ensure adequate security for the personal data.

Recruitment (unsolicited applications)
Vacancies at the Bitten & Mads Clausen’s Foundation will be posted on Danfoss A/S' website, which is why we recommend that you keep an eye out for open vacancies on Danfoss A/S' website: https://www.danfoss.com/da-dk/about-danfoss/careers/

In relation to recruitment, Danfoss A/S is the data controller for the processing of your personal data. Please read Danfoss A/S' data privacy notice for further details. 

If you submit an unsolicited application directly to the Bitten & Mads Clausen’s Foundation, we are obliged to provide you with the following information:

Purpose
The purpose of our processing of personal data is assess whether you are a qualified candidate for a future position with us.

Categories of Personal Data
The personal data we collect include: the personal data that you submit yourself in your unsolicited job application (e.g. name, address, email, job application and CV).

We do not need to process personal data such as social security no. and/or special categories of personal data such as information about physical health etc. We therefore ask you not to provide any of the above information when you apply for a position.

The legal basis for Processing
We process your personal data based on article 6 (1), paragraph f of the General Data Protection Regulation because we have a legitimate interest in assessing the candidate and possibly allocating a future position to an appropriate candidate.

When we receive personal data which the applicant actively leaves to us on his/her own initiative, these are considered received with the consent of the applicant, cf. section 12 (3) of the Data Protection Act.

Period of Storage
We process your personal information until the recruitment process is completed. Unsolicited applications are stored for up to 6 months from receipt of the application. If the application is turned down, we will keep your personal data for up to 3 months from the time of the refusal.

In the event that you have consented to us storing the application for an extended period of time, for example in connection with application for other or future positions, you may at any time revoke your consent by contacting us. 

Recipients of your personal data
If we find your application interesting, your personal data will be passed on to Danfoss A/S, which will then be in charge of the recruitment process. In this connection, Danfoss A/S is the data controller for the processing of your personal data. Please read Danfoss A/S' data privacy notice for further details. 

In any case, your personal data will be treated with confidentiality and thus only the employees involved in the recruitment process will have access to your information.

Supplier and Affiliate Management
Purpose
The purpose of processing personal data about contacts with suppliers and partners is to be able to carry out contract management as well as to receive goods and services from our suppliers and partners.

Categories of Personal Data
The personal data we collect include; name, address, e-mail address and telephone number, as well as any bank account information of suppliers and business contacts who are sole proprietors.

In addition, we process the name, title, email address and telephone number of any contacts with suppliers and partners.

The legal basis for Processing
The processing of personal data is necessary in order to fulfil the agreement with the supplier and the partner, in accordance with article 6 (1), paragraph b of the General Data Protection Regulation where it is a sole proprietor.

Processing of personal data on contacts with the supplier and collaborators is necessary in order for us to pursue a legitimate interest in managing and fulfilling the contract with the collaborator, cf. article 6 (1), paragraph f of the General Data Protection Regulation.

Period of Storage
Personal data included in accounting records will be stored for 5 years from the end of the financial year to which the records relates, cf. section 10 (1) of the Danish Bookkeeping Act. Personal information about the contact person at the supplier and partners will be assessed on an ongoing basis if there is still a work-related need for storing the information.

Recipients of your personal data
We disclose personal information to the auditor for audit purposes.

In addition, we use data processors, including IT providers, to whom we entrust personal data. We enter into data processing agreements with all data processors to ensure adequate security for the personal data.

Event Management
Purpose
We collect and process your personal data for the purpose of managing the operation of business events, including the management of attendees, sending out invitations and attendance lists, as well as facilitating and conducting events.

Categories of Personal Data
We process ordinary personal data, including information about name, title, organisation, job title, telephone number and email address.    

The legal Basis for Processing
When we invite you to a professional event that we have considered to be of interest to you, we will do so based on our legitimate interest, cf. Article 6 (1), paragraph f of the General Data Protection Regulation. Note that the event will in no way be intended to engage in any business or commercial activity.  You can always unsubscribe from receiving more invitations by sending an "unsubscribe" reply to the invitation email.

In other cases, the processing of personal data will be based on the participant's consent, in accordance with Article 6 (1), paragraph a of the General Data Protection Regulation.

If you choose to attend the event, the processing is necessary for us to pursue a legitimate interest in managing the event, cf. article 6 (1), paragraph f and a of the General Data Protection Regulation.

Period of Storage
We keep the information as long as we have a genuine need for that data. We also assess whether there are special conditions that require a shorter or longer storage period. 

Recipients of your personal data
As a starting point, we do not disclose your personal data. However, we share the list of participants with the other participants who are registered for the event. The participant list will only show personal data such as name, email address, organisation, and job title. 

If you do not want your personal data to be included in the list of participants, please contact us. You can read more about your rights when we process personal data about you in this data privacy notice.

Security
We protect your information and therefore have high standards of security. Therefore, we have several internal procedures and policies that ensure that we live up to our high safety standards. 

Beneficiaries in third countries, including international organisations
Your information is stored within the European Union (European Union) and the European Economic Area ("EEA"). If we are to transfer personal data to recipients in third countries at a later date, this will be done within the framework of the data protection rules and further details will be provided in this Data Protection Policy.

Your Rights:

Right to Access:
You have the right to gain access to the information we process about you, as well as additional pieces of information.

Right to rectification: 
You have the right to have incorrect information about yourself corrected.

Right to erasure:
In special cases, you have the right to have information deleted about you, before the time of our regular general deletion.

The Right to restriction of processing
In some cases, you have the right to restrict the processing of your personal data. In the future, if you are entitled to limited data processing, we may only process the information – other than storage – with your consent, or for the purpose of establishing, asserting or defending legal claims, or to protect a person or important public interest.

The Right to Object to Our Processing of Data
In some cases, you have the right to object to our or statutory processing of your personal data. You may also object to the processing of your information for direct marketing purposes.

The Right to data portability: 
In some cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transfer this personal data from one data controller to another without hindrance.

The Right to Revoke your Consent
If you have consented to data processing, you can revoke your consent at any time by contacting us at info@bmcfond.dk.  

Complaints
If you wish to complain about our processing of personal data, please contact us at info@bmcfond.dk.  

You also have the right to file a complaint to the Danish Data Protection Agency. You can find their contact information on their website: www.datatilsynet.dk.

Updating our data privacy notice
We will review and update this our data privacy notice on an ongoing basis.

April 2nd, 2020, version 2.0.