Processing of personal data.
According to the general data protection regulation, the data subjects must be informed of processing of personal data and the rights of the data subjects.
1. Data controller
JENSEN NEUGEBAUER Advokater, Frederiksgade 21, 3rd floor, 1265 Copenhagen K, has shared office facilities.
The individual data controllers of the respective participants in the shared office are as follows:
- CNP Advokater, CVR no. 33116993, Lawyer Christina Neugebauer, firstname.lastname@example.org
- JBM2-law, CVR no. 25175425, Lawyer Rasmus Nyhold Møller, email@example.com
- Lawyer Peter Frederiksen, CVR no. 21683744, firstname.lastname@example.org
If you have any questions to our processing of your personal data, you can contact us at email@example.com, telephone +45 33 34 80 00, after which you will be contacted by the relevant data controller.
2. In general about the collection of data
When we provide advice, we receive various information, including documents from our clients. This data is kept digitally (in an individual file), and in some situations also in a physical (individual) file. There will often be personal data in the documents which we receive. The information may concern our clients or other persons who are involved in the cases that we handle. In connection with the hearing of cases, supplementary information may appear. It can come from opposing parties, other advisers, authorities and courts of law. It may also be publicly available information that we collect ourselves. It may be general personal data such as name and contact information. It may also be civil registration numbers or information about criminal offences. Certain information may be sensitive personal data, for example information about health matters and trade union membership.
3. Purpose and basis
The purpose of processing the information that we receive is to safeguard the clients' interests in the actual cases in which the information is included.
Depending on the nature of the assignment and the information, the processing is made based on article 6(1)(b), (c) or (f), article 9(2)(f) of the general data protection regulation, or section 8(3) of the Danish Act on Processing of Personal Data.
Usually, the basis for collecting and processing the information would be (1) that it is necessary to perform the agreement with our clients, (2) to safeguard our clients' legitimate interests, or (3) to determine, rely on or defend their legal claims. When we process civil registration numbers, this is done under section 11 of the Danish Act on Processing of Personal Data.
In cases that are covered by the Danish Act on Money Laundering, we obtain identity information etc. about our clients for the purpose of complying with the requirements of this act. The basis for this processing follows from section 11 of the Danish Act on Money Laundering.
4. Disclosure etc.
We do not make personal data available to others for the purpose of marketing or similar purposes.
We only disclose personal data if that is necessary for us to safeguard our clients' interests in the actual cases, or to process the cases in which the information is included.
The typical recipients of personal data will be authorities, courts of law and in that connection e.g. experts who are to give their opinions, the opposing parties and their advisers. In cases covered by the Danish Act on Money Laundering, we disclose identity information etc. to the extent that we are obliged to do so under the act.
Usually, we do not transfer data outside the EU. If such transfer must take place, we will comply with the data protection legislation and take all necessary security measures.
We disclose personal data to our system suppliers according to data processing agreements and only for the purpose that we can work in our IT systems.
We have appropriate technical and organisational measures to ensure against unauthorised access to, loss or destruction of the personal data and other data subject to our responsibility. We develop our security policies and procedures on an ongoing basis to ensure that our systems are safe and protected. Only persons with a legitimate need to process personal data for the said purposes have access to the personal data.
5. Retention period
We retain personal data for as long that there is a relevant legal interest, which is usually determined based on an actual assessment of the importance of the information to the individual case compared with the applicable statutes of limitation. If there is a relevant legal interest, the retention can be for a longer period.
In cases covered by the Danish Act on Money Laundering, according to the rules applicable to the area, we retain all relevant identify information for five years after the case had been concluded.
6. Rights of the data subjects
According to the general data protection regulation, the data subjects are entitled to:
- get access to the information that we process
- have incorrect information rectified or erased
- in special cases, have information erased before the time for our ordinary general erasure
- in certain cases, to have the processing limited, so that in future - except for retention - it may only take place following consent or for the purpose that legal claims can be determined, be relied on or defended, or to protect a person or important public interest
- in certain cases object to our otherwise lawful processing of the data, and
- receive the registered personal data in a structured, commonly used and machine-readable format, and have the personal data transferred to another data controller without hindrance.
In connection with the data subject's exercise of rights, we may demand relevant identification.
You can read more about your rights in the guidelines of the Danish Data Protection Agency on the rights of data subjects, which you find at www.datatilsynet.dk.
You can file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way in which we process your personal data. You will find the contact information of the Danish Data Protection Agency at www.datatilsynet.dk.
This information is updated most recently on 25 May 2018 and will be updated according to applicable rules, practice or adjustments of our business procedures.