Privacy Policy

Data Controller

We are the data controller for the processing of the personal data we handle concerning our customers and business partners. You can find our contact information below:

Natex of Scandinavia A/S
Blangstedgaardsvej 1 TV
DK-5220 Odense SØ, Denmark
CVR/VAT no.: 27925669

It is not a requirement for our company to appoint an external Data Protection Officer (DPO), but if you have any questions regarding the processing of your personal data, you are welcome to contact us at info@natex.dk.

 

Processing Activities

As a data controller under the GDPR, we carry out the following processing activities:

Website Visits
When you visit our website, we use cookies to ensure its functionality. You can read more about this in our [cookie policy].

Communication with Potential Customers
If you have questions about our website or would like to learn more about our services, you can contact us via:

• Contact form
• Email
• Telephone

In this context, we will process your personal data to engage in dialogue with you – for example, to respond to inquiries about our services. We only process the information you provide us as part of the communication.

We typically process the following general data: name, email address, and phone number.

Legal basis: GDPR Article 6(1)(f).

We delete our communication with you once it is clear whether or not you wish to proceed with our services.
In special cases, it may be necessary to retain your personal data for a longer period.

Customers

We need to communicate with our customers to ensure that our services are delivered correctly. In this context, we may process data such as name, address, services provided, special agreements, payment information, and similar details.

The legal basis for processing this personal data is Article 6(1)(b) of the General Data Protection Regulation (GDPR).
Once the service has been delivered and any outstanding matters have been resolved, we will delete the personal data shortly thereafter.

Newsletter

We offer a newsletter that you can subscribe to voluntarily – and you can unsubscribe at any time.

The purpose of the newsletter is to send subscribers emails with updates from the company, which may include new website content or announcements about our services.

We will only send you emails if you have actively given your consent. This requires you to enter your email address, after which we will send you a confirmation email to verify your subscription. This ensures that you have indeed subscribed to the newsletter – i.e. provided active consent.

The legal basis for processing your personal data (i.e., your email address) in connection with the newsletter is Article 6(1)(a) of the General Data Protection Regulation (GDPR).

We will process your personal data for as long as you remain subscribed to the newsletter. If you unsubscribe, we will immediately stop sending it to you. If we have not sent you a newsletter for 12 months, your consent will expire due to inactivity.

In the event of unsubscription, we will retain your previous consent for 2 years from the last use, due to statute of limitations requirements, in accordance with section 11.3 of the Danish Consumer Ombudsman’s Guidelines on Spam.

 

Accounting

We are required by the Danish Bookkeeping Act to retain all accounting records. This means we store invoices and similar documents for bookkeeping purposes. These may contain general personal data such as name, address, and a description of services.

The legal basis for processing personal data for accounting purposes is Article 6(1)(c) of the GDPR.

We retain this data for a minimum of 5 years after the end of the financial year in question.

Job Applications
We gladly accept job applications for the purpose of assessing whether they match any employment needs within our company.

If you send us a job application, the legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).

If you submit an unsolicited application, our HR manager will immediately assess whether your application is relevant. If not, your data will be deleted.

If you apply for a published job opening and are not selected, your application will be deleted once the appropriate candidate has been hired.

If you are involved in a recruitment process and/or hired for a position, we will provide you with separate information regarding how your personal data is processed in that context.

 

Data Processors

No one can do everything alone – and neither can we. We work with external partners and use service providers, some of whom act as data processors.

External providers may deliver systems that help us organize our work, services, consultancy, IT hosting, or marketing.

We are responsible for ensuring that your personal data is handled properly. Therefore, we impose strict requirements on our partners, and they must guarantee the protection of your personal data.

We enter into formal data processing agreements with any company that processes personal data on our behalf, to ensure high levels of data security.

 

Disclosure of Personal Data

We do not disclose your personal data to any third parties.

 

Profiling and Automated Decision-Making

We do not perform profiling or make decisions based solely on automated processing.

 

Transfers to Third Countries

As a rule, we use data processors located within the EU/EEA or who store data within the EU/EEA.

In some cases, this may not be possible. In such cases, we may use data processors located outside the EU/EEA, provided that they offer adequate protection of your personal data in accordance with GDPR requirements.

Data Security
We ensure the security of personal data processing by implementing appropriate technical and organizational measures.

We have conducted risk assessments of our data processing activities and, based on these, implemented relevant safeguards to increase data security.

One of our most important measures is to keep our employees up to date on GDPR through continuous awareness training, formal GDPR courses, and regular reviews of our internal data protection procedures.

 

Your Rights as a Data Subject

Under the General Data Protection Regulation (GDPR), you have a number of rights concerning the processing of your personal data.
If you wish to exercise any of these rights, please contact us so we can assist you.

Right of Access
You have the right to access the data we process about you, as well as additional related information.

Right to Rectification
You have the right to have inaccurate personal data about you corrected.

Right to Erasure
In certain cases, you have the right to have your personal data deleted before our general retention period expires.

Right to Restriction of Processing
In some situations, you have the right to request that we restrict the processing of your personal data.
If processing is restricted, we may only process the data (except for storage) with your consent, or for the establishment, exercise, or defense of legal claims, or to protect another person or important public interests.

Right to Object
In certain circumstances, you have the right to object to our otherwise lawful processing of your personal data.
You can also object to the processing of your data for direct marketing purposes.

Right to Data Portability
In some cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have it transferred from one controller to another without hindrance.

You can read more about your rights in the guidance from the Danish Data Protection Agency, available at www.datatilsynet.dk.

 

Withdrawal of Consent

If our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time.

 

Complaint to the Danish Data Protection Agency

If you are dissatisfied with how we process your personal data, you have the right to file a complaint with the Danish Data Protection Agency.
You can find their contact information at www.datatilsynet.dk.