The company responsible for processing your personal data is:
Focus Advokater P/S
Company Registration (CVR) No.: 34 04 56 66
5000 Odense C
+45 63 14 20 20
We have appointed an employee as internal personal data coordinator. If you have any questions regarding our processing of your personal data, please contact Stefan Juvald Stade at firstname.lastname@example.org or by phone at +45 63 14 45 19.
We process your information for one or more specific purposes under the General Data Protection Regulation and the Danish Data Protection Act. You can get an overview of the different types of processing that we perform in the table below. You have the opportunity to read more about the specific processing below the table.
When we initiate a customer relationship with you for the purpose of providing specific legal assistance, we need to process your personal information. We record your information on a case in our internal case management system. We process your general contact information, including name, address and email, so we have the opportunity to contact you about your case. Depending on the circumstances of your case and the services you want, we can also process other categories of personal information, including your Personal Identification (CPR) No.
We process your personal information on the basis of an agreement for the provision of legal services to you. The legal basis in that connection is GDPR article 6(1)(b). We process information about your Personal Identification (CPR) No. or other confidential or sensitive personal data if it is necessary to establish, enforce or defend a legal claim, cf. DDPA article 11(2)(4) and GDPR article 9(2)(f).
If you are a counterpart in our case, we process your information based on our legitimate interest with regards to GDPR article 6(1)(f) of the Regulation. Our legitimate interest is to establish or defend a legal claim on behalf of our customers. The information will generally come from you but we can also obtain information from publicly available registers and public authorities, as well as counterparties, parties or by-persons on relevant cases.
If we need or are required to register your personal data in public records, this can be done to a number of public authorities via their submission portals. Which authorities are involved will depend on your specific case, but will, for example, be the Court of Justice, the Danish Business Authority and the Danish Registration Court.
We store your personal information safely for up to 10 years after we have concluded the respective case and if there has been no further activity on the case. The retention period is determined for the sake of our advisory responsibilities and insurance conditions.
When we as a company establish a business relationship with a company or a private person and help the company or the private person in cases that deal with transactions or money transfers, we are obligated under the Danish Money Laundering Act to identify and obtain legitimacy from our customers. This means that for our corporate customers, we are obligated to identify and legitimize the company's real owner(s). For this reason, we will be processing your personal information by virtue of your direct customer relationship with us or because you are a real owner of a company that is a customer of us. The information that will be collected and registered is your identity information, including your ordinary personal information, such as your name, address, place of birth and nationality, and your Personal Identification (CPR) No., if you have one. For this, we need to obtain a copy of your passport or driver’s license and your health card.
We process your personal data, including your Personal Identification (CPR) No., in accordance with GDPR article 6(1)(c) and DDPA article 11(2)(1), as we are subject to a legal obligation in the Danish Money Laundering Act. The information is generally obtained directly from you, but there may be cases where we are required to obtain additional information from international registers.
If we are aware of, suspect or have reasonable presumptions to believe that a transaction, funds or an activity has or has been related to money laundering or terrorist financing, we are obligated to inform the Danish State Prosecutor of Special Economic and International Crime (SØIK). In particular, it is noted that you do not have the right to know whether there has been notification to SØIK or the right to access the content of the notification.
We keep your personal data in relation to money laundering documentation for 5 years after the end of the customer relationship, as prescribed in the Danish Money Laundering Act, after which they are deleted.
In connection with arranging, holding and evaluating courses and seminars, we process personal information about you in order to register your registration and contact you. For this purpose, we need to process your ordinary personal information, including contact information such as name, position and email. We will also process your bank details if you have to pay for the course or seminar.
We process your information based on an agreement between you and us to participate in our courses and seminars. The legal basis in this connection is GDPR article 6(1)(b). The processing of your personal data can also take place on the basis of our legitimate interest in being able to evaluate the courses and share your contact information with the other participants when handing out participant lists. The legal basis for this processing is GDPR article 6(1)(f). The personal information comes from you or the person who has registered for the course on your behalf, e.g. your employer.
As a starting point, we store your information until we have evaluated the course/seminar. We keep your payment information for at least 5 years in accordance with the rules in the Danish Bookkeeping Act.
When we publish newsletters and other marketing initiatives, we need to process your personal information. In this connection, we only process information about your name, position and email. We only collect the information from you and we do not share it with third parties.
We process your information based on your consent. The legal basis is GDPR article 6(1)(a). You can withdraw your consent at any time by writing to email@example.com, by calling us at +45 63 14 45 19 or by unsubscribing via the link that appears on each newsletter.
We keep documentation for your original consent for 2 years after you unsubscribe from our newsletter, as any criminal liability becomes obsolete after this period.
In cases where we process your personal information on the basis of a legal obligation or a contract or claim that must be met to enter into a contract, you are required to provide us with the information so that we may maintain the customer relationship, fulfil the contract and invoice you for our services etc. If you do not wish to provide us with the information we need to comply with our obligations, the consequence may be that we may not be able to initiate or continue the relationship or fulfil a contract with you.
You are not obligated to provide us with your information in other cases, e.g. for use in marketing materials and sending out newsletters. However, the consequence of not giving us your information will result in you not being able to receive marketing material and newsletters from us.
As a law firm, our employees are subject to professional secrecy pursuant to the Danish Administration of Justice Act and the Lawyers Code of Professional Ethics. We only disclose information about you to third parties once we have obtained your consent or when we are required by law. These third parties may, for example, be counterparties and their advisors, external advisors and public authorities, including the tax authorities and the courts.
We may entrust personal information to our system providers, who process personal information for us and only in accordance with our specific instructions.
We do not transfer your personal data to countries or organizations outside the EU/EEA. If we need to transfer information outside the EU/EEA, e.g. to fulfil an agreement with you, we ensure this with a legal transfer basis. This can e.g. be necessary for business transfers where the buyer is established outside the EU/EEA.
When we collect information about you, you have a number of fundamental rights in accordance with the data protection rules that you can use. Your rights include the right to request access to and rectification or deletion of your personal information, limitation and objection to our processing, as well as the right to receive your information in a structured, commonly used and machine-readable format (data portability).
The above mentioned rights may be associated with conditions and limitations. Whether you as a data subject can, for example, request getting your personal data deleted will in all cases depend on a specific assessment.
If you are dissatisfied with our processing of your personal data, you may file a complaint to the Danish Data Protection Agency via their website www.datatilsynet.dk or by calling them at +45 33 19 32 00.