Data Controller

We are the data controller for the processing of personal data that we handle regarding our customers and business partners. You can find our contact information below:

Nordic Oily Waste A/S
G-vej 3
2300 Copenhagen S
VAT: 70727528

If you have any questions about how we process your personal data, you are welcome to contact us at the email address: [email protected]

Processing Activities

As the data controller under the GDPR, we carry out the following processing activities

Website Visits

When you visit our website, we use cookies to ensure its functionality. You can read more in our cookie policy.

If you contact us by email or phone with questions or to request information about our services, we will process your personal data for the purpose of entering into a dialogue with you. This includes responding to your inquiries and providing relevant information. We only process the personal data that you voluntarily provide in connection with the communication.

In connection with inquiries, we typically process the following general personal data: name, email address, and phone number.

The legal basis for our processing is Article 6(1)(f) of the General Data Protection Regulation (GDPR), as the processing is necessary for the purposes of our legitimate interest in communicating with you and responding to your inquiry.

For private inquiries, if you do not wish to use our services, we will delete the communication as soon as this is clear. For business-related inquiries, we retain your personal data for up to 24 months. In exceptional cases, it may be necessary to store your data for a longer period, for example if required to safeguard legal interests.

Clients

We need to communicate with our customers to ensure the correct delivery of our services. In this context, we may process personal data such as name, address, service details, special agreements, payment information, and similar data.

The legal basis for this processing is Article 6(1)(b) of the General Data Protection Regulation (GDPR), as the processing is necessary for the performance of a contract.
Once the service has been delivered and any outstanding matters have been resolved, we will delete your personal data.

Accounting

We are required to retain all accounting records in accordance with the Danish Bookkeeping Act. This means we store invoices and similar documentation for accounting purposes. These documents may contain general personal data such as name, address, and service descriptions.
The legal basis for this processing is Article 6(1)(c) of the General Data Protection Regulation (GDPR), as the processing is necessary for compliance with a legal obligation.
We retain this information for a minimum of five years after the end of the current financial year.

Data Processors

No one can do everything alone - and neither can we. We therefore collaborate with partners and use external suppliers, some of whom act as data processors.
External vendors may, for example, provide systems that help us organize our work, deliver services, offer consultancy, provide IT hosting, or assist with marketing.
It is our responsibility to ensure that your personal data is handled properly. That’s why we place high demands on our partners. Our partners are required to guarantee the protection of your personal data. We enter into data processing agreements with all partners who process personal data on our behalf, to ensure a high level of security and compliance.

Disclosure of Personal Data

We do not disclose your personal data to third parties.

Transfers to Third Countries

As a general rule, we use data processors located within the EU/EEA or who store data within the EU/EEA.
In some cases, this may not be possible. In such instances, we may use data processors outside the EU/EEA, provided they can ensure an adequate level of protection for your personal data.

Data Processing Security

We ensure the security of personal data processing by implementing appropriate technical and organizational measures.

We have conducted risk assessments of our data processing activities and, based on these assessments, implemented suitable technical and organizational measures to enhance data processing security.

Data Subject Rights

Under the General Data Protection Regulation (GDPR), you have several rights in relation to our processing of your personal data.
If you wish to exercise your rights, please contact us so we can assist you.

Right of Access

You have the right to access the personal data we process about you, as well as certain additional information.

Right to Rectification

You have the right to have inaccurate personal data about you corrected.

Right to Erasure

In certain circumstances, you have the right to have personal data about you deleted before our general retention period expires.

Right to Restriction of Processing

In some cases, you have the right to request that the processing of your personal data be restricted. If you exercise this right, we may, apart from storage, only process the data with your consent, or for the establishment, exercise, or defense of legal claims, or for the protection of another person or important public interests.

Right to Object

In certain situations, you have the right to object to our otherwise lawful processing of your personal data. You also have the right to object to the processing of your data for direct marketing purposes.

Right to Data Portability

In some instances, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have this data transferred from one data controller to another without hindrance.

You can read more about your rights in the Danish Data Protection Agency’s guidance on the rights of data subjects, available at www.datatilsynet.dk.

Withdrawal of Consent

If our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time.

Complaint to the Danish Data Protection Agency

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the Agency’s contact information at www.datatilsynet.dk.