As a data controller company, we attach great importance to data protection. We take care of the personal information we manage and ensure that we live up to data protection legislation.
We provide the persons we process data about (“the data subjects”) information about our data processing and the rights of a data subject.
Our processing of personal data:
The data we process about you may include:
- General personal identification data, such as IP address, company address, telephone number and e-mail
- Data that is included in our correspondence with you.
You provide us with most of the data we collect. We collect data and process data when you:
- Register online or place an order for any of our products or services.
- Contact or corresponds with us via e-mail or otherwise.
- Provide personal data in job applications, or declarations or agreements with us.
- Voluntarily complete a customer survey or provide feedback on any of our message boards or via e-mails
- Use or view our website via your browser’s cookies.
We securely store your data as follows:
Name of Data Processor Scope of storage Security precautions
FELLOWMIND Operates Red Horse’s IT and stores encrypted backups thereof. Red Horse has entered data processing agreement with FELLOWMIND.
Backup data are encrypted.
Microsoft 365 Stores and manages information and documents regarding job candidates, employees, customers, suppliers and partners. Stores and manages information and documents regarding job candidates, employees, customers, suppliers and partners. Red Horse has entered data processing agreement with Microsoft 365.
Purpose and legal basis
Our data processing has the following purpose:
- Assessment of candidates for posted positions and being able to contact interested candidates regarding vacancies;
- Administration of customer and supplier relationships, maintenance and development of customer and supplier relationships and continuous trade;
- Statistical purposes: We perform trade and reporting analyses on the general customer and supplier data we collect.
The legal basis for our processing of personal data is:
- The legal basis for our collection and registration of the additional personal data is section 6(1) of the data protection law, cf. Article 6(1)(f) of the Data Protection Regulation concerning processing that is necessary for a legitimate interest not exceeding the interests of the data subjects. The legitimate interest that justifies the processing is the need to promote Red Horse’s business and offer customers the best service and good offers.
- Information about you will only be disclosed in compliance with the processing rules of data protection legislation and other Danish legislation. In each case, we will assess whether the disclosure requires your express consent or whether the disclosure may be carried out on another legal basis.
- In the event that we disclose general customer data to other companies in Red Horse’s name for marketing purposes, we will comply with the legal requirements for the specific procedures to be followed, including the possibility for you to raise objections. Our disclosure will made in accordance with the provisions in Article 6(1)(f) of the Data Protection Regulation concerning processing that is necessary for a legitimate interest not exceeding the interests of the data subjects. The legitimate interest that justifies the processing is the need to promote Red Horse’s business and offer our customers the best service and good offers.
- Statistic. The legal basis for data processing operations solely for statistical and scientific purposes is section 6(1) of the data protection law, cf. Article 6(1)(e) of the Data Protection Regulation concerning processing that is necessary for the performance of a task in the public interest. Only data required for the study is used and the data is used exclusively for statistical purposes.
Categories of recipients
We disclose or transfer personal data to the following categories of recipients:
- Other companies in the Red Horse group as part of our marketing efforts in compliance with applicable rules thereof
- Our data processors based on data processing agreements
Retention and deletion
Your data will be deleted when it is no longer required to retain the data in question.
In general, Red Horse follows the retention period applicable under the Danish Limitation Act. In order to ensure the correct processing of recurring customer relationships, potential complaint cases and liabilities under guarantees, as well as fulfil our obligations, we have estimated that it is necessary to retain data for up to ten years after the current business relationship has ended.
You have a number of rights in relation to our processing of data about you under existing laws.
You can exercise your personal data rights by contacting us. You can find our contact information at the bottom of this policy.
Once you have requested to have access to your personal data, to have it rectified or deleted or have raised an objection to our data processing, we will investigate the possibility of accommodating your request. We will reply to your request as soon as possible and no later than one month after we have received it.
Your rights include
- Right to view data (right of access):
You have the right to access the data we process about you.
- Correction of data (right of rectification):
You have the right to have the personal data we collect about you corrected if you believe that it is inaccurate. You can do this by contacting us and telling us where the inaccuracies are and how they can be corrected. When you contact us with a request regarding the correction or erasure of your personal data, we will investigate whether or not the request is justified and if so, implement the changes or deletions as soon as possible.
- Right to deletion:
Personal data will generally be erased when it is no longer required to retain the data. In some specific cases, you have the right to have specific data about you deleted prior to our normal date for deletion. This applies, e.g. if you withdraw your consent and we have no other basis for processing the data. You may ask to have your data deleted if you believe that it is no longer necessary for the purpose, we acquired it for. You may also contact us if you believe that your personal data is being processed in violation of the legislation or other legal obligations.
- Right to restriction of processing:
If you contest the data we have registered or otherwise process, you may request to restrict the processing of the data until we have been able to determine if the data is correct. You may also request restriction instead of deletion if you believe our processing of the data to be unlawful, that we no longer require the data or if you believe your legitimate interests precede the interests of the data controller. If the request to restrict the processing of your data is upheld, henceforth, we may only process the data with your consent or for the purpose of determining, establishing or defending legal requirements, or for protecting a person or important public interests.
- Right to transmit data (right to data portability):
You have the right to receive personal data you have made available to us, as well as data we have obtained about you from other operators based on your consent. Your data may also be forwarded to you if we process data about you as part of a contract in which you are a party. You also have the right to transfer this personal data to another service provider. You can also ask us to send the data directly from the data controller to another authority or company. If you wish to exercise your right to data portability, you will receive your personal data from us in a widely used and machine-readable format.
- Right to object:
You have the right to object to our processing of data about you. You may also object to our disclosure of your data for marketing purposes. You can submit your objection by using the contact information at the top of this policy. We will terminate the processing of your data if your objection is justified.
- Right to receive information about new purposes:
- Right to withdraw your consent:
You may withdraw your consent at any time if our processing of your data is carried out on the basis of your consent. We will no longer be able to process the data if you withdraw your consent. The lawfulness of the processing carried out on the basis of your consent prior to the withdrawal is not affected by your withdrawal. If we have a different legal basis for the processing other than consent, which pursues a specific objective – such as the retention of data for reasons of compliance with accounting rules – this processing may continue to be carried out.
You have the opportunity to appeal to the Danish Data Protection Agency if you are not satisfied with our response. This generally means that if you are not satisfied with the way your personal data has been processed, you may appeal to the Danish Data Protection Agency, who then investigates the matter and makes a decision.
Contact information for the Danish Data Protection Agency can be found at www.datatilsynet.dk.
You can write to the Danish Data Protection Agency via Digital Post at Borger.dk, where your enquiry will be sent securely (encrypted). We recommend that you use Digital Post if your enquiry contains confidential or sensitive personal information.
At any point, you have the right to request that we do not process your personal information for any marketing purposes.
You can opt-out and remove the cookies from your PC by using these guides:
Clear cookies for Safari: https://www.laptopmag.com/articles/safari-delete-cookies
Clear cookies for Chrome and Firefox: https://www.thewindowsclub.com/clear-cache-cookies-specific-website
Clear cookies for Internet Explorer: https://www.thewindowsclub.com/delete-internet-cache-particular-website
Contact regarding data protection
You are always welcome to contact us at firstname.lastname@example.org with any queries you may have regarding the processing of your data.
Please bear in mind that regular e-mail is not a secure form of communication. Do not write anything in your e-mail, which is private or sensitive, or which you otherwise believe should be protected.