SecureFirst Privacy Policy

1. Data Controller

SecureFirst is the data controller for the processing of the personal data we collect about our customers and business partners.

Contact information:
SecureFirst
Lyskær 3CD, 4th floor
2730 Herlev, Denmark

CVR No.: 44238780

Email: info@securefirst.dk

We have not appointed a Data Protection Officer (DPO), but you are always welcome to contact us at the email address above if you have any questions about our processing of personal data.

2. Treatment activities

2.1 Website visits

When you visit our website, we use cookies to ensure that the site functions properly.
You can read more in our Cookie Policy – SecureFirst

2.2 Communication with potential customers

When you contact us via the contact form, email, or phone, we process your personal data in order to respond to your inquiries.

We typically treat:

• Name
• Email address
• Phone number

Legal basis for processing:
Article 6(1)(f) of the General Data Protection Regulation (legitimate interest).

Storage:
Information is deleted once it has been determined whether you wish to use our services, unless there is a legitimate need for longer storage.

2.3 Customer Relationships

In order to provide our services, we process necessary information about our customers.

We typically treat:

• Name and address
• Contact Information
• Order and Delivery Information
• Payment Information

Legal basis for processing:
Article 6(1)(b) of the General Data Protection Regulation (performance of a contract).

Storage:
Information is deleted once the customer relationship has ended and any outstanding matters have been resolved.

2.4 Newsletter

You can sign up for our newsletter.

Purpose:
To provide information about news, services, and content.

Legal basis for processing:
Article 6(1)(a) of the General Data Protection Regulation (consent).

Consent:
We use a double opt-in process to ensure valid consent.

Storage:

• As long as you're signed up
• Consent must be documented for up to 2 years after the most recent use, in accordance with section 11.3 of the Consumer Ombudsman’s spam guidelines
• Consent expires after 1 year of inactivity

2.5 Bookkeeping

We retain accounting records in accordance with the law.

Legal basis for processing:
Article 6(1)(c) of the General Data Protection Regulation (legal obligation), cf. the Accounting Act.

Retention:
for the current year plus 5 years after the end of the fiscal year.

2.6 Job Applications

We process personal data in connection with recruitment.

Legal basis for processing:
Article 6(1)(f) of the General Data Protection Regulation (legitimate interest).

Storage:

• Unsolicited applications will be deleted if they are not relevant
• Applications for posted job openings will be deleted once the recruitment process is complete
• Separate information will be provided upon hiring

3. Disclosure of personal data

As a general rule, we do not share your personal information with third parties.

4. Profiling and automated decisions

We do not use profiling or automated decision-making, as defined in Article 22 of the General Data Protection Regulation.

5. Transfer to third countries

We primarily use data processors located within the EU/EEA.
If data processors outside the EU/EEA are used, this is only done if an adequate level of protection is ensured, for example through:

• The European Commission’s Standard Contractual Clauses (SCC), see Article 46
• EU-U.S. Data Privacy Framework (if applicable)

6. Your rights

As a data subject, you have the following rights under the General Data Protection Regulation:

• Right of access (Article 15)
• Right of rectification (Article 16)
• Right to erasure (Article 17)
• Right to restrict processing (Article 18)
• Right to data portability (Article 20)
• Right to object (Article 21)

If the processing is based on consent, you have the right to withdraw your consent at any time, in accordance with Article 7(3).

Please contact us by email at info@securefirst.dk if you wish to exercise your rights.

7. Complaint Procedure

If you are dissatisfied with how we handle your personal information, please contact us at info@securefirst.dk.

You also have the right to file a complaint with:

The Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
www.datatilsynet.dk

See Article 77 of the General Data Protection Regulation.