PRIVACY POLICY

This privacy policy is established by DILLING A/S, CVR no. 218 715 83, "DILLING", "we", "us", or "our" in this privacy policy.

1. Information on the Processing of Personal Data

Your data security is important to us, and we prioritise handling your personal data responsibly. Below, you can read about how we process personal data when we act as a data controller. You can also learn about your rights regarding our processing of your personal data.

2. DILLING’s Role as Data Controller

As part of running our business, we process a range of personal data. This is done to provide you with the best possible service. We mainly collect and process ordinary (non-sensitive) personal data.

If you have any questions about our processing of your personal data, you can contact DILLING here:

DILLING A/S
CVR: 218 715 83
Sundsvej 62, 7400 Herning, Denmark

Contact Person:
Name: Merete P. Bilberg
Telephone: +45 97 12 05 88
E-mail: hello@dilling.com

3. What Personal Data We Collect and the Purpose

We process personal data about you in various situations. Read more about our processing in the different situations below.

3.1 Visitors to DILLING’s Websites and Users of DILLING’s Online Services

When you visit DILLING’s websites (e.g., www.dilling.com) or use our other online services (e.g., Facebook, Instagram), DILLING may process information about your IP address, as well as data about your computer, device, and browser.

We also process data about your visit (e.g., information about how you enter our websites, how you navigate them, which pages you visit, the content you view, your searches, the ads you have seen, etc.). This personal data is collected through cookies, log files, and other technologies (you can read more about our use of cookies here).

We also process personal data you provide to us when using the website or our online services, for example, when using our online chat, including your name, address, phone number, email address, product interest, and any other information you give to us.

We use your personal data to make relevant products, deliveries, services, and offers (“Services”) available to you, to improve your experience on our websites and online services, and the Services we offer. We also use personal data to show you content on our and others’ websites based on your activities and preferences, and to limit the number of times you see the same content.

Our basis for processing is our legitimate interest in making our website (and online services) available to you (GDPR Article 6(1)(f)) or your consent (GDPR Article 6(1)(a) and the Cookie Order § 3).

We store personal data collected in connection with your visit to our website for 24 months.

3.2 Customers at DILLING

When you are a customer of DILLING and make a purchase via our webshop, DILLING processes personal data such as your name, address, email address, purchases, payment information, and any other information you provide to us.

We process personal data to fulfill our agreement with our customers, for delivering the Services, invoicing, keeping statistics, conducting quality management, maintaining our customer register, and providing general service, marketing, and sales to our customers.

Our basis for processing is the agreement with you (GDPR Article 6(1)(b)) or our legitimate interest in managing your information as a customer (GDPR Article 6(1)(f)).

We store personal data about our customers for 5 years after the last contact.

3.3. Recipients of Marketing

When you receive marketing, including newsletters from DILLING, we process personal data such as your name, address, phone number, email address, and product interests. We also process information about your preferences regarding marketing or communication, your use of the marketing we send (e.g., whether you have opened an email from us, whether the email has been read, and which links you have clicked), as well as any other information you provide to us.

We process your personal data for the purpose of marketing our business and its Services, creating and managing your subscription to marketing. We use personal data about your preferences and usage to understand how our customers engage with our marketing and to improve marketing for you and other customers going forward.

We only send marketing material to you via email or other electronic channels when we have obtained your consent, as required by marketing law.

We also use personal data about you to display content on our and others’ websites based on your activities and preferences, limit the number of times you see the same content, and measure the effectiveness of our content and marketing. For this purpose, we may upload your email address to advertising tools such as Google or Facebook to send targeted marketing.

Our legal basis for processing is our legitimate interest in fulfilling your request to receive marketing from us, for which you have given consent under The Danish Marketing Practices Act (GDPR Article 6(1)(f)).

We retain personal data about recipients of marketing for 1 year after unsubscribing.

3.4. Competition Participants

When you participate in competitions, we process personal data such as your name and responses to the given competition.

We process your personal data for the purpose of administering competitions, selecting winners, etc.

Our legal basis for processing is our legitimate interest in running the competition and contacting the winner (GDPR Article 6(1)(f)).

We delete the above-mentioned information after the competition ends.

3.5. Visitors to DILLING's Office(s)

Where we have CCTV surveillance, we inform you in accordance with section § 3 (1) of Danish law regarding CCTV. All recordings are stored securely and only viewed if necessary, for example, in the event of a security breach. Recordings are only viewed by individuals who have a work-related need. The recordings are typically automatically overwritten after a short period, unless an issue requiring investigation, such as theft, is identified.

We retain material collected through CCTV for 30 days.

3.6. Partners and/or Suppliers to DILLING

When you are a partner or supplier to DILLING, or a contact person for a partner/supplier, we process personal data such as name, company address, work phone number, email address, job title, publicly available information, and any other information you provide to us.

We process the personal data for contract management and to receive goods and services from our suppliers and partners, and where relevant, to fulfil agreements with our customers.

Our legal basis for processing is the agreement with you (GDPR Article 6(1)(b)) or our legitimate interest in managing the relationship with you/the company you represent as a partner/supplier (GDPR Article 6(1)(f)).

We retain the above information about partners and/or suppliers for 5 years after the last contact.

4. SHARING YOUR PERSONAL DATA WITH OTHERS

DILLING may share your personal data with other suppliers and/or service providers in connection with the regular operation of our business.

DILLING may also disclose your personal data to a public authority in situations where we are specifically required to do so by law or other legal obligations.

We strive to limit the disclosure of data in personally identifiable form and thereby limit the sharing of information that can be attributed to you personally.

DILLING also transfers your personal data to data processors. Our data processors only process your personal data for our purposes and under our instructions.

5. TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EU/EEA

Your personal data will not be transferred to countries outside the EU/EEA.

6. STORAGE, DATA INTEGRITY, AND SECURITY

When your personal data is no longer necessary, we will ensure it is securely deleted.

It is our policy to protect personal data by taking appropriate technical and organisational security measures.

We have implemented security measures to ensure data protection for all the personal data we process. We conduct regular internal reviews of the adequacy and compliance of policies and measures.

7. YOUR RIGHTS

As a data subject, you have a number of rights under the General Data Protection Regulation. If you wish to exercise your rights, you should contact us.

You may – unconditionally and at any time – withdraw any consent. This can be done by sending us an email (see the email above). Withdrawal of your consent will not have any negative impact. However, it may mean that we can no longer fulfil specific requests from you. Withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal. Furthermore, it will not affect any processing carried out on another legal basis.

You may also – unconditionally and at any time – object to our processing when it is based on our legitimate interest.

Your rights also include the following:

• Right of access: You have the right to access the personal data we process about you.
• Right to rectification: You have the right to have inaccurate personal data about yourself corrected and incomplete personal data completed.
• Right to erasure (the right to be forgotten): In certain cases, you have the right to have personal data about you deleted before we would normally delete your personal data.
• Right to restriction of processing: In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to restrict processing, we may in future only process the personal data – apart from storage – with your consent, or for the establishment, exercise, or defence of legal claims, or to protect a person or important public interests.
• Right to object: In certain cases, you have the right to object to our processing of your personal data, and always when the processing is for direct marketing purposes.
• Right to data portability: In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have these personal data transferred from one data controller to another.
• Right to file a complaint: You can at any time file a complaint with the Data Protection Authority about our processing of personal data. See more at www.datatilsynet.dk, where you can also find additional information about your rights as a data subject.

8. UPDATING OUR PRIVACY POLICY

From time to time, it will be necessary for us to update this privacy policy. We regularly review our privacy policy to ensure it is up-to-date, accurate, and in compliance with applicable law and principles for the processing of personal data. We will publish new versions on our website.

This policy is version 10 and is effective from 1 May, 2024.