Gangsted Advokatfirma (”Gangsted”, ”we”, ”us” or ”our”) protects the confidentiality of the personal data which we process, and we work continuously to ensure that we comply with current legislation on the protection of personal data.
When we act as lawyers for our clients, we determine the character of our advice, including what data is collected, and thus our status is that of data controller.
This personal data policy informs about our processing of personal data and your rights.
THE PURPOSE OF THE PROCESSING ACTIVITIES
We collect and store personal data as part of performing our legal advice to our clients.
In connection with our performance of legal advice, we get possession of personal data, which is primarily related to clients, secondly to adversaries and thirdly to ancillary persons (persons other than clients and adversaries with a relation to the specific advisory task).
As a general rule, the purpose of the use of data is to enable us to offer legal advice. Personal data, irrespective of which party is concerned, will as a general rule not be significant for our advice, as our advice serves to provide advice in specific situations, in which the situation and the subsequent advice are not dependent on the identity of the involved persons, whether or not these are clients, adversaries or ancillary persons.
REGISTERED PERSONAL DATA
We register the following categories of data:
- Identification data (including a.o. name, civil registration no. (CPR), address, telephone number, email address, driver’s license number, passport number).
- Conditions related to job/employment (including a.o. position, work relation, enterprise/employer).
We do not register sensitive personal data such as e.g. ethnic origin, religion etc.
RECIPIENTS OF PERSONAL DATA
We only disclose personal data as part of our case administration. Disclosure of data may take place in connection with information to adversaries, including the opposing counsel or others who have a direct or indirect connection to the case, and where, for our handling of the case, it is necessary or appropriate to disclose personal data.
Furthermore, we disclose personal data to public authorities, for example in connection with the registration of title to properties, registration of company information (authority to bind the company, ownership etc.), enquiries to municipalities etc.
TECHNICAL AND ORGANISATIONAL SECURITY MEASURES
- Physical files: Physical files are kept on the relevant case in the case folder. As a rule, the relevant case must be kept centrally along with the other cases being handled by us. After the closing of the case, cases may either be kept centrally along with the other cases handled by us or in our external case archive, in which the cases are kept under lock and key.
- Digital files: Digital files are stored and handled in our lawyers’ system, which can only be accessed via our IT system by the authorised users with the application of appropriate security measures.
- Internal instructions: Personal data must only be processed where it is part of the handling of a case or where the processing is otherwise necessary or appropriate for our solution of a specific instance of legal advice.
INFORMATION ABOUT ERASURE
Gangsted Advokatfirma deletes personal data at the following times:
- Data collected in connection with the observance of rules on measures to prevent money laundering is deleted at the latest two months after expiry of the period which the current rules on measures to prevent money laundering stipulate that Gangsted Advokatfirma must keep the data (at present, 5 years).
- Files and cases – including both physical and digital files – and thus personal data are deleted/destroyed at the latest 72 months after the closing of the case which was being handled.
- Notwithstanding the above rule on erasure at the latest 72 months after the closing of the case which was being handled, Gangsted Advokatfirma shall reserve the right to keep files and cases, including personal data, for a period of up to 120 months after the closing of the case which was being handled, where Gangsted Advokatfirma assesses that the documents of the case must be kept until the expiry of the absolute deadline for professional liability of advisors.
As a registered person, you have a number of rights which we, as data controller, are required to inform you about.
You may contact us at any time and gain insight into what personal data we are processing about you. In the same manner, you can have your data corrected, where this has not been correctly registered.
Your rights include data portability (that means your right to have control over your own data). If you wish that the data we have registered about you are erased or that we limit the processing of your data, you should contact us. The same applies where you wish to object to our processing of your personal data.
Data controller is Gangsted Advokatfirma, CVR no. 34025339, Borgergade 24B, DK-1300 København K.
If you wish to exercise your rights as described above, or if you have any questions related to our processing of your personal data, you may contact us:
Att.: Gitte Åskov Pedersen
DK-1300 København K
Telephone: +45 33147070
If you wish to complain about our processing of personal data, please send an email with the details of your complaint to firstname.lastname@example.org. We will process your complaint and revert to you.
You also have a right to complain to the Danish Data Protection Agency in relation to your rights and our processing of your personal data. In this connection, we refer to the website of the Danish Data Protection Agency: www.datatilsynet.dk.