GDPR Compliance
Privacy Policy
As an organizer of Denmark's largest IT-Career fair we are committed to protecting the personal data of our IT candidates, company partners, and other stakeholders, in compliance with the General Data Protection Regulation (GDPR) and Danish data protection laws.
Data Controller
We are the data controller for the processing of personal data that we handle about our customers and partners. You can find our contact details below.
IT-DAY ApS
Fredrik Bajers Vej 300
CVR-no.: 44149249
It is not a requirement for our company to have an external DPO, but if you have questions about the processing of your personal data, you can contact us via info@itday.dk.
Processing Activities
As a data controller according to GDPR, we have the following processing activities.
Website Visits
When you visit our website, we use cookies to make the website function, which you can read more about in our [cookie policy].
Communication with Potential Customers
When you have questions about our site or wish to learn more about our services, you can contact us via:
-
Contact form
-
Email
-
Phone
Through this, we will process your personal data so we can engage in dialogue with you, for example, answering questions about our services. We only process the information that you provide us in connection with our communication.
For users of our services, we typically process the following common information: name, email, phone number, educational institution, year of graduation, education, and areas of interest.
Our legal basis for processing these personal data is Article 6(1)(f) of the GDPR.
We delete our communication with you once it is clear whether you want our services or not.
In special cases, there might be a need to store your personal data for a longer period.
Customers
We need to communicate with our customers to ensure that the service is delivered correctly. Through this, we can process information about name, address, services, special agreements, payment information, and similar.
The legal basis for processing these personal data is Article 6(1)(b) of the GDPR.
Once the service is delivered and any outstanding issues are resolved, we will immediately delete the personal data.
Newsletter
We have a newsletter that is voluntary to sign up for – and you can always unsubscribe from it.
The purpose of the newsletter is to send registered emails with new information from the company, which may include new content on the website, advertising of our services.
We will only send you emails if you have given your active consent to this. Initially, it requires that you provide your email address, to which we will then send an email so that you can confirm the subscription. In this way, we ensure that you have actually subscribed to the newsletter yourself, i.e., given active consent.
Our legal basis for processing your personal data (i.e., the email address) in connection with the newsletter will be Article 6(1)(a) of the GDPR.
We will process your personal data as long as you are still subscribed to the newsletter. Upon unsubscribing from the newsletter, we will also stop sending it to you. If we have not sent you a newsletter in 1 year, then your consent will lapse due to our inactivity.
Upon unsubscribing from the newsletter, we will retain your prior consent for 2 years after it was last used due to limitation requirements according to the Consumer Ombudsman's spam guidance, section 11.3.
Accounting
We must retain all accounting vouchers in accordance with the Accounting Act. This means that we store invoices and similar documents for accounting purposes. These documents may include common personal data such as name, address, and description of services.
Our legal basis for processing personal data for accounting purposes is Article 6(1) of the GDPR.
We store these data for a minimum of 5 years after the current fiscal year has ended.
Job Applications
We happily accept job applications to assess if they match an employment need in our company.
If you send your job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the GDPR.
If you send an unsolicited application, we will immediately assess if your application is relevant and thereafter delete your information again if there is no match.
If you have applied for a posted job, we will dispose of your application if you are not hired, and immediately after the right candidate is found for the job.
If you are involved in a recruitment process and/or are hired for the job, we will provide you with separate information about how we process your personal data in this context.
Data Processors
Few can do everything themselves, and the same applies to us. Therefore, we have partners and use suppliers, some of whom may be data processors.
External suppliers may, for example, provide systems to organize our work, services, consultancy, IT hosting, or marketing.
It is our responsibility to ensure that your personal data are properly processed. Therefore, we set high standards for our partners, and our partners must guarantee that your personal data are protected.
We, therefore, enter into agreements with companies (data processors) that handle personal data on our behalf to enhance the security of your personal data.
Disclosure of Personal Data
We reserve the right to disclose information to third parties if necessary to maintain the services you request. This includes, for example, our IT-Job Accelerator where you actively choose to be contacted by companies with IT opportunities. We only disclose information if you have expressly accepted this either by filling out our forms or by registering for our events.
Profiling and Automated Decisions
We do not engage in profiling or automated decision-making.
Transfers to Third Countries
We primarily use data processors in the EU/EEA, or those that store data in the EU/EEA.
In some cases, this is not possible, and here we may use data processors outside the EU/EEA if they can provide your personal data with appropriate protection.
Processing Security
We keep the processing of personal data secure by implementing appropriate technical and organizational measures.
We have conducted risk assessments of our processing of personal data and have subsequently implemented appropriate technical and organizational measures to enhance processing security.
One of our key measures is to keep our employees updated on GDPR through ongoing awareness training, GDPR courses, and by reviewing our GDPR procedures with employees.
Rights of the Data Subjects
Under the General Data Protection Regulation (GDPR), you have several rights regarding our processing of information about you.
If you wish to exercise your rights, please contact us so we can assist you.
Right of Access (Right to Inspection)
You have the right to access the information we process about you, as well as a number of additional pieces of information.
Right to Rectification (Correction)
You have the right to have incorrect information about yourself corrected.
Right to Erasure
In special cases, you have the right to have information about you deleted before the time of our regular general deletion occurs.
Right to Restriction of Processing
In certain cases, you have the right to have the processing of your personal data restricted. If you are entitled to restriction of processing, in the future we may only process the information - apart from storage - with your consent, or for the establishment, exercise, or defense of legal claims, or to protect a person or important public interests.
Right to Object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes.
Right to Data Portability
In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have these personal data transferred from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency's guide on the rights of the data subjects, which can be found at www.datatilsynet.dk.
Withdrawal of Consent
When our processing of your personal data is based on your consent, you have the right to withdraw your consent. Withdraw your consent by writing to info@itday.dk