HOT WOK’s GDPR / Data Protection Policy
This policy describes how we apply and protect personal data, and how to make sure that employees have knowledge of the rules applied for use of personal data of which they have access in the course of their employment. This policy is complimentary to our other policies on IT-safety, internet and email etc.
The purpose of this policy is to comply with the demands of the Data Protection Regulation, sep. art. 13.
Maya Mortens from The Danish Data Protection Agency is responsible for update and control of this policy.
When this policy refers to legal acts is hereby meant the Data Protection Regulation, and when referring to clauses, clauses in the Data Protection Act is implicit.
Handling personal data in general
Handling personal data in our company takes place due the principles of lawfulness, fairness and transparency. Personal data are collected solely to explicitly mentioned and legal purposes just as we comply with the principle of datamining. We aim to make sure that all information is correct and updated, just as the principles of storage limitations, integrity and non-disclosure and last but not least responsibility is a high priority.
Should you have any questions regarding our handling of personal data and this Data Protection Policy, you are welcome to contact Leif who has the superior responsibility in this respect.
HOT WOK ApS is data controller, and we make sure that your personal data is handled according to law.
HOT WOK ApS
Telephone: +45 7370 9662
Handling purposes, categories of information to be handled
The purpose of handling personal data can be various, but the following examples are the most common ones. If, exceptionally, we have to handle personal data for purposes which cannot comply with the below mentioned, we will inform you regardingly. Correspondingly, the same goes if we collect or handle personal data from other people.
- Completing orders,
- Registration of orders and statistics / behaviour.
- Handling insurance- and financing payments.
- Meeting complaint- and guarantee commitments.
- Follow-ups on sales, handling of orders, returning etc.
- Communication in connection with your order or other questions for us.
- Securing user-friendliness and safety.
- Optimization of our digital solutions and marketing.
- Option to participate in customer surveys, competitions, drawing lots etc. through digital solutions.
- Files regarding registrated products and personal information.
WHICH DATA ARE COLLECTED
We use data about you in order to meet up with our agreement with you and to improve our service and secure quality in our products and services. The personal data which we handle include:
- Automatically collected data
We have a series of digital series solutions based upon different technologies aiming to secure user-friendliness and safety. These technologies can automatically collect data in order for us to be able to offer you the optimal solution, either directly by us or by a third party on our behalf. Examples in this regard are analyzes of clicks and cookies. The same applies for our contact functionality on our website and the automatic arrangement for appointment.
All visits to a digital solutions leads to the fact that information is sent from the browser used and onto a server. We are optimizing our digital solutions through analysis of these data. Data are collected through a third party on behalf of us. Data about your browser can be collected to administrate our system and to carry through internal, marketing related analyzes based upon your behavior. Examples of data which are collected and analyzed:
- Date and time for visits
- The pages which have been visited in the solution
- The IP-address used by you
- The geografical situation of the IP-address
- Information on the browser and computer used (type, version, operating system etc.)
- URL from the place of referral (the page from where the visitor has come to our solution)
We use carinfo that works as data controllers for us. We are responsible for the collected data, and the collected date will not be passed on the other parties, unless a consent is present or a legal demand exists.
- Information given from yourself.
Naturally, we write down the information which you pass on to us yourself when you visit us in person or when you visit our website.
Examples of data which you actively pass on yourself, are usually common data like name, address, phone number, email account etc. and often come from:
- Information which you share with us in social media
- Information sent per email
- Information which we receive from you in connection with placing orders
- Information which you share with us when you participate in survey, events and competitions
The list is not complete.
Basis of handling
Personal data are mainly handled regarding art. 6.1.b., as handling is necessary due to compliance with the legal commitments between us.
Certain information, including delicate information, is handled based upon a consent to the largest extend, see below.
Recipients and passing on personal data
We can pass on your information if we are obligated to passing on or sharing this information in order to comply with a legal commitment. Passing on information can also take place after the orders from a legal court or similar authority, or in order to protect trademarks, rights or property. This includes exchanging information with other companies and organizations with the goal of protection against scams.
We use service agents and data controllers who carry out our work on our behalf. The service can e.g. be server hosting and system maintenance, analysis, payment solutions, address- and finance control, email service etc. The cooperation partner can have access to data to the extend which is necessary in order for them to deliver their services. The cooperation partners will be contractually obligated to handle all data in full confidentiality, and consequently they have no permission to use the data for other purposes than the purposes included in the contractual commitment with us. We make sure that our cooperation partners within handling of data comply with their commitments. If we pass on your data onto a service provider or a data handler outside EU, we make sure that we comply with legal requirements regarding such transfers.
We never collect personal data without having these data from you personally e.g. by registration, purchase or participation in surveys etc.
Storage time and delete policy
We save information about you as long as we have a legitimate and an objective basis for this in order for us to serve you and your car in the best possible way.
As a starting point all personal data will be deleted after 5 years after the end of the customer relationship meaning the last active transaction. Personal data may be saved longer than this, should there be an objective need regardingly, e.g. if a legal claim is to be determined, claimed or defended, cf. art. 17.3.e.
Cookies, though, cf. art. 4, will be deleted 12 months after use at the latest.
Right of access, correction and deletion (art. 13.2.b, art. 15.)
You are entitled to request insight regarding the data which we handle. The data which you can ask for are:
- that personal data are handled
- what is handled
- the purposes of data handling
- the involved categories of personal data (ordinary or delicate)
- the period of time when data are handled and stored
- the right to
- request for correction or deletion
- lodge a complaint at the Data Protection Authority
You are entitled to have incorrect data about yourself corrected without unnecessary delay. You have to take the initiative yourself regarding such a correction.
Furthermore, you can request to be deleted (”the right to be forgotten”), however, not earlier than the end of legally stipulated storage obligation, cf. The Accounting Law. Also, you can contact us if you feel that your personal data are handled contrary to the law or other legal obligations.
When you approach us after a request to have your personal data corrected or deleted, we will investigate whether the conditions are met, and in this case we carry through the changes or deletion as soon as possible.
If you need to have access to the data which have been registrated about you by means of our cookies, you shall approach us by telephone: 7370 9662 or mail: firstname.lastname@example.org. Have incorrect data been filed or should you have other complaints, you can contact us through the same contact options. You have the option to achieve insight on which data have been filed about you, and you can make objections regarding a registration like mentioned above.
Dataportability and profiling
You are entitled to receive the personal data which you have passed on to us and the data which we have collected about you through other providers based upon you consent. If we handle data about you as part of a contract in which you are an involved party, you can also have your data sent to you. You are also entitled pass the personal data onto another service provider.
If you want to use your right to dataportability, you can receive your personal data from us in a commonly used data format.
In general, we do not do profiling, i.e. automatized determination for use for analyzes or the like.
When consent is required as a handling basis, we have to be able to document that consent is present. This is why we always ask for your written consent.
A consent is a volunteer, specific, informed unambiguous statement of will regarding handling personal data. At any time, you can withdraw your consent, and if this is the only handling basis, all future handling will stop. Our storage obligation and –right will not be affected by this, though.
Your consent can be withdrawed by approaching us by the contact options mentioned in art. 1.
- What are cookies?
Cookies means small text files consisting of letters and numbers which are left on your computer or similar unit. Cookies are left when you visit a website which is using cookies, and they can be used for controlling which websites you have visited, they can help you to continue where you last left or they can memorize your language settings or other preferences. There are no personal data stored in our cookies, and they can not carry virus.
If we leave cookies, you will be informed about the use and purpose by collecting data through cookies. At the same time, you will be asked to give us your consent. Necessary cookies for securing functionality and setting can be used without your consent, though.
- Types of cookies and their purposes
The purpose of cookies are measuring traffic and facilitating your user experience of the website. The website is using cookies from Google Analytics for measuring the traffic onto the website.
You can skip cookies from Google Analytics here: http://tools.google.com/dlpage/gaoptout
- Delete cookies or turn off cookies in the browser
You can always reject cookies on your computer by changing the setting in your browser. Where you find the setting depends on what kind of browser you are using. However, you should be aware that, should you choose to do so, there will be a lot of functions and services which you then cannot use on the internet.
All browsers permit that you delete your cookies altogether or individually. How you will do it depends on what kind of browser you are using. Please note that in case you are using more browsers, be sure to delete cookies in all browsers.
Read more about deletion and handling here: http://minecookies.org/cookiehandtering
We protect your personal data and we have internal rules regarding data- and IT-safety.
Our internal safety rules include instructions and measures for protecting your personal data against being destroyed, being lost or altered, against unauthorized publication or against authorized persons’ access or knowledge of these data.
We have fixed procedures for allocation of access rights for the employees who are handling personal data, including delicate data. We carry out checks regarding these employees’ actual access through logging, codes and oversight. In order to avoid loss of data we do backup of our data set regularly.
In case of breach of safety leading to high risk for you regarding discrimination, ID-theft, financial loss, loss of reputation or other major disadvantage, we shall notify you of the breach of safety as soon as possible, just as we are subject to a legally stipulated obligation to report.
Complaints (art. 77)
Anybody who has been registered has the right to file a complaint towards the DPA regarding our handling of personal data.
You can file a complaint at
Borgergade 28, 5.
DK-1300 Copenhagen K
tel: +45 3319 3200
VERSION AND UPDATE