Privacy policy

1. Introduction

Here you can read about how Bramidan A/S (hereinafter “Bramidan”, “we”, “us”, and “our”) collects, processes, and stores your personal data as part of our operations and the activities described in section 3 below.

Responsible handling of personal data is crucial to our business goals and reputation. Therefore, this privacy policy describes how and why we collect personal data about you, how the data is used, when it is deleted, and how you can, among other things, access your personal data.

 

2. Data controller

Bramidan A/S is the data controller for the processing activities described in this privacy policy, unless otherwise stated in the activities in section 3 below. Bramidan A/S is headquartered in Denmark with offices around the world. You can see a list of our Bramidan Group offices here: Bramidan Headquarters and production plant are placed in Denmark. If you have any questions about this privacy policy or our processing of your personal data as described in section 3 below, please contact us at:

Bramidan A/S
VAT number: 82 11 61 17
Address: Industrivej 69, 6740 Bramming
Email: bramidan@bramidan.dk

 

3. How do we process personal data about you as part of our activities?

We collect and process personal data in different situations, and the purposes of the collection, what the personal data is used for and when it is deleted can vary. The individual activities where Bramidan (as data controller) can collect personal data about you are therefore described separately below.

 

3.1 When you visit our website (Cookies)

When you visit our website www.bramidanusa.com, we process, store, and disclose personal data about you for various activities through cookies and your personal data may be used for the purposes specified below.

You can read more about cookies, the different types of cookies we use, how to change your cookie settings, delete cookies, and more in our cookie policy which is available here: Cookies (bramidan.com). Our website may contain links to other websites or to integrated websites. We are not responsible for the content of websites from other companies or their processing practices of personal data, and we refer you to read their privacy policy as well as other relevant policies relevant for other websites.

 

3.1.1 What personal data is processed and where does it come from?

We expect to collect the following personal data about you through cookies on our website:

  • Digital footsteps such as IP-address, language, browser type, operating system etc.
  • Information about which device you use (pc, tablet, mobile phone etc.)
  • Information about your behaviour on our website (such as clicks, interests, and browsing history).
  • Why do we process the personal data?
  • We process your personal data for the following purposes:
  • For administration, maintenance, and development of the website
  • To analyse the use of our website and collect statistics about visitors
  • For marketing purposes, such as our newsletter service

 

3.1.2 Why do we process the personal data?

We process your personal data for the following purposes: 
  • For administration, maintenance, and development of the website
  • To analyze the use of our website and collect statistics about visitors
  • For marketing purposes, such as our newsletter service 

 

3.1.3 What is the legal basis for our processing?

Our processing of personal data is based on the following legal bases:

  • Consent: When you visit our website, we ask for your consent to place cookies in accordance with our cookie policy. We process your personal data to offer functions on the website, collect statistics and promote products for marketing purposes based on your consent. This legal basis is found in Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by contacting us (see section 2 above).
  • Legitimate Interest: We may collect personal data about you to be able to run the website, perform statistics and analytics, maintenance, development of the website, and for security reasons. This legal basis is found in Article 6(1)(f) of the GDPR. The legitimate interests are our legitimate interests in providing and optimising our website to you and providing you with the best online experience and products. You can object to this processing at any time by contacting us (see section 2 above).

 

3.1.4 Who do we share your personal data with?

Your personal data may be shared with online service and ad providers. We may also share your personal data with any of our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.1.5 For how long do we store your personal data? 

The retention period depends on the cookie. Your personal data is stored in accordance with our cookie policy which is included in our cookie solution.
We may store and process data for longer in anonymised form meaning we can no longer identify you.

 

3.2 When you subscribe to our newsletter

When you subscribe to our newsletter for direct marketing purposes, we process different personal data about you.

 

3.2.1 What personal data is processed and where does it come from?

We process the following personal data about you in relation to our newsletter services:

  • Contact information (name, email) 
  • Marketing preferences, interests, and click behaviour on published content through pixels
  • Your consent and the date of your consent

 

3.2.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • For direct marketing purposes, and to provide you with our newsletter service

3.2.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Consent: When you subscribe to our newsletter, we ask for your consent for direct marketing purposes. This legal basis is found in the Danish Marketing Act s. 10. You can withdraw your consent at any time by contacting us (see section 2 above), or by unsubscribing to our newsletters in the bottom of the email.

 

3.2.4 Who do we share your personal data with?

We may share your personal data and/or make them available to other suppliers and/or service providers in connection with the general operation of our business, e.g. in connection with the administration of our newsletter solution, analysis, and marketing tasks. We may also share your personal data with our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers – European Commission (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.2.5 For how long do we store your personal data?

Your personal data is stored as long as your consent to receive newsletters is active and for a period thereafter to document the validity of the consent.

In accordance with the recommendations of the Danish Consumer Ombudsman, we keep documentation of your marketing consent for at least two years after you have withdrawn your consent and in any case for as long as it is relevant for us to be able to document the validity of the consent.

The retention period is based on our legitimate interest in being able to demonstrate that direct marketing has taken place in accordance with applicable legislation (Article 6(1)(f) of the GDPR).  

We may store and process data for longer in anonymised form meaning we can no longer identify you, or if we are obliged to do so by law or as part of a specific case.

 

3.3 Courses, webinars, and other events

When you participate in our courses, events, seminars (online or in person) etc., we process different personal data about you to deliver these services.

 

3.3.1 What personal data is processed and where does it come from?

We process the following personal data about you:

  • Contact information (name, phone number, and email) 
  • Title and employer information
  • Communication history
  • Video recordings if the event takes place online
  • Other information you may provide us with in connection with the event

3.3.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To analyse the use of our services and collect statistics to improve our services and products
  • For administration, maintenance, and development of our (existing or future) relationship
  • To communicate with you, such as providing service info and support
  • For marketing purposes, such as providing info about relevant topics and the events
  • For financial purposes

 

3.3.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Contractual obligation: When you enter into a contract with us for our event services, we process your personal data in accordance with the rights and obligations agreed between us and to offer you the services. This legal basis is found in Article 6(1)(b) of the GDPR.
  • Legitimate Interest: The personal data may also be processed based on our legitimate interests (GDPR Article 6(1)(f)) where the legitimate interests are to administer seminars, communicate, send out evaluation forms, and for marketing purposes on our website and social media (not being direct marketing) etc.

 

3.3.4 Who do we share your personal data with?

We may share your personal data and/or make them available to other suppliers and/or service providers in connection with our events, e.g. if external lecturers are included in the event.

We may also share your personal data with our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.3.5 For how long do we store your personal data?

Your personal data is stored as long as we are in a contractual relationship. Personal data is deleted no later than 3 years after the end of the event.

We may store and process data for longer in anonymised form meaning we can no longer identify you, or if we are obliged to do so by law or as part of a specific case.

Accounting material, including personal data, which we are obliged to store, is deleted no earlier than 5 years after the end of the financial year to which the information relates according to the Danish Book-keeping Act.

 

3.4 When you communicate with us, e.g. by e-mail, phone, or use our contact form

When you contact us for support, or otherwise communicate with us, we collect and process your personal data.
We urge you not to disclose any sensitive or confidential personal data to us unless it is strictly necessary for your inquiry. For security reasons, we encourage you to send the information in encrypted form if you submit confidential or sensitive personal data via email.

 

3.4.1 What personal data is processed and where does it come from?

We collect, process, and store the following types of personal data about you:

  • Contact information (name, email, and phone number)
  • The subject of your inquiry, including date, and any attachments you include
  • Employer information
  • Country
  • Communication history
  • Customer ID
  • Other personal data that you provide in connection with your inquiry

 

3.4.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To process your inquiry or request
  • Customer service and sales
  • Marketing purposes
  • General communication with you and administration of our contractual relationship
  • Statistics and analysis to improve our products and service

 

3.4.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Consent: When you sign up for any campaigns or the like, we ask for your consent for direct marketing purposes. This legal basis is found in the Danish Marketing Act s. 10. You can withdraw your consent at any time by contacting us (see section 2 above).
  • Contractual obligations: If your enquiry concerns a (potential) agreement, we process your data to implement contractual measures or fulfil the agreement with you (Article 6(1)(b) of the GDPR).
  • Legitimate Interest: We may collect personal data about you to be able to handle your inquiry, communicate with you, provide customer service, and develop our products and services. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).

 

3.4.4 Who do we share your personal data with

The personal data may be shared with our IT suppliers (data processors) who process and store the personal data on our behalf and in accordance with our instructions and based on a data processing agreement.

We may also share your personal data with our company group entities, if your request requires us to forward your inquiry. You can find a list of our company group entities here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.4.5 For how long do we store your personal data?

Your personal data will be deleted when we no longer need to process it for the fulfilment of one or more of the above purposes. In most cases, we will delete your inquiry once we have handled and completed your inquiry.

Depending on the nature of the inquiry, we may retain your personal data for up to 3 years from the response to your inquiry for the purpose of documentation and with reference to the statute of limitations rules on the limitation of ordinary monetary claims.

Accounting material, including personal data, which we are obliged to store, is deleted no earlier than 5 years after the end of the financial year to which the information relates according to the Danish Book-keeping Act.

The personal data may be processed and stored for longer if we are obliged to do so by law.

We may store and process data for longer in anonymised form meaning we can no longer identify you.

 

3.5 When you visit our office

When you visit our physical offices, we process your personal data.

 

3.5.1 What personal data is processed and where does it come from?

We collect, process, and store the following types of personal data about you:

  • Contact information (name, email, and phone number)
  • Work information
  • Visit history, including date, time, and purpose of visit
  • Other personal data that you provide in connection with your visit.

 

3.5.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To provide you access to our office facilities and to administer your visit with us
  • To ensure the safety of our employees.

 

3.5.3 What is the legal basis for our processing?

Our processing of personal data is based on the following legal bases:

  • Legitimate interest: Pursuing our or a third party’s legitimate interests, which outweigh your fundamental rights and freedoms. This legal basis is found in Article 6(1)(f) of the GDPR. The legitimate interests referred to are our legitimate interests in providing you with access to our office and in protecting our employees. You can object to this processing at any time by contacting us (see section 2 above).

 

3.5.4 Who are the personal data shared with?

The personal data may be shared with our IT suppliers (data processors) who process and store the personal data on our behalf and in accordance with our instructions and based on a data processing agreement.

 

3.5.5 For how long do we store your personal data?

Your personal data is deleted when we no longer need to process it to fulfil one or more of the above-mentioned purposes, for example, if we intend to enter into a collaboration with you or if we need to have follow-up meetings. However, personal data may be kept for up to 3 years after our latest interaction.

The information may be processed for a longer period in anonymized form, or if we are required to do so by law.

 

3.6 When you engage with us as a Customer

When you engage with us as a customer, we collect and process personal data about contact persons and employees in your organisation.

We do not process any sensitive personal data unless it is strictly necessary for our services. For security reasons, we encourage you to send the information in encrypted form if you submit confidential or sensitive personal data.

 

3.6.1 What personal data is processed and where does it come from?

We collect, process, and store the following types of personal data about you:

  • Contact information (name, email, and phone number)
  • Work, title, and employer information
  • Location data
  • Digital footsteps, such as user profile information and activity logs related to relevant systems, such as the Bramidan
  • BRA-IN monitoring portal
  • Communication and order history
  • Other personal data that you provide us with during our professional relationship

We usually collect this data directly through you, but we may collect the data from your employer.

 

3.6.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To administer our contractual relationship and provide you with our services and products
  • To communicate with you
  • For customer service, support, and sales
  • To improve our products and services and perform statistics and analytics
  • To comply with any applicable law, court order, other judicial process, or the requirements of a regulator
  • To assert or defend legal claims in case of any disputes.

3.6.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Consent: We may ask for your consent to collect personal data related to our it platforms, such as Bramidan BRA-IN monitoring portal. This legal basis is found in Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by contacting us (see section 2 above).
  • Contractual obligations: We process your data to implement contractual measures or fulfil the agreement with you (if you are a privately owned company) when providing our Services (Article 6(1)(b) of the GDPR).
  • Legal obligation: We have to comply with a legal obligation to which we or you are subject to. This legal basis is found in Article 6(1)(c) of the GDPR. The legal obligations, among others, include, depending on our relationship: the Danish Bookkeeping Act & the Danish Statute of Limitations Act
  • Legitimate Interest: We may collect personal data to manage our professional relationship, to defend or pursue legal claims, communicate with you, and develop our services and products. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).

 

3.6.4 Who do we share your personal data with

The personal data may be shared with our IT suppliers (data processors) who process and store the personal data on our behalf and in accordance with our instructions and based on a data processing agreement entered into. We may also share your personal data with government entities  such as Danish Courts.

We may, depending on the scenario, share your personal data with our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.6.5 For how long do we store your personal data?

Your personal data will be deleted when we no longer need to process it for the fulfilment of one or more of the above purposes. In most cases, we retain your personal data for up to 5 years from the end of our contractual relationship and for the purpose of documentation and with reference to the statute of limitations rules on the limitation of ordinary monetary claims.

Accounting material, including personal data, which we are obliged to store, is deleted no earlier than 5 years after the end of the financial year to which the information relates according to the Danish Book-keeping Act.

Corporate documents are kept for 5 years after the corporate documents are dated.

The personal data may be processed and stored for longer if we are obliged to do so by law.

We may store and process data for longer in anonymised form meaning we can no longer identify you.

 

3.7 When you engage with us as a supplier

When you communicate with us, as a supplier, we process personal data about contact persons in your organisation, such as employees, interns, and other staff who communicates with us.

 

3.7.1 What personal data is processed and where does it come from?

We collect, process, and store the following types of personal data about you:

  • Contact information (name, work email, and phone number) when your employer enters into a contract with us
  • Communication history when you work, communicate with, and visits us at our office
  • Contractual relationship info, such as agreements, invoices etc.
  • Employer information, title, workplace, and area of expertise
  • Other personal data that you provide in connection with our relationship

 

3.7.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To administer our contractual relationship
  • General communication with you
  • Financial purposes
  • To assert or defend legal claims in case of any disputes.

3.7.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Legal obligation: We have to comply with a legal obligation to which we are subject. This legal basis is found in Article 6(1)(c) of the GDPR. The legal obligations may include the Danish Bookkeeping Act.
  • Legitimate Interest: We may collect personal data about you to be able to administer our contractual relationship, communicate with you, or to defend or pursue any legal claims. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).

 

3.7.4 Who do we share your personal data with

The personal data may be shared with our IT suppliers (data processors) who process and store the personal data on our behalf and in accordance with our instructions and based on a data processing agreement.

We may also share your personal data with our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.7.5 For how long do we store your personal data?

Your personal data will be deleted when we no longer need to process it for the fulfilment of one or more of the above purposes. In most cases, we may retain your personal data for up to 5 years after the end of our contractual relationship.

Accounting material, including personal data, which we are obliged to store, is deleted no earlier than 5 years after the end of the financial year to which the information relates according to the Danish Book-keeping Act.

The personal data may be processed and stored for longer if we are obliged to do so by law, or for the purpose of documentation and with reference to the Danish Statute of Limitations rules on the limitation of ordinary monetary claims.

We may store and process data for longer in anonymised form.

 

3.8 When you engage with us as a distributor

When you communicate with us, as a distributor of any of our products, we process personal data about contact persons in your organisation, such as employees, interns, and other staff who communicate with us.

 

3.8.1 What personal data is processed and where does it come from?

We collect, process, and store the following types of personal data about you:

  • Contact information (name, work email, and phone number) when your employer enters into a contract with us
  • Country
  • Communication history when you work, communicate with, and visits us at our office
  • Contractual relationship info, such as agreements, invoices etc.
  • Employer information, title, workplace, and area of expertise
  • Other personal data that you provide in connection with our relationship

 

3.8.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To administer our contractual relationship
  • General communication with you
  • Financial purposes
  • To assert or defend legal claims in case of any disputes.

3.8.3 What is the legal basis for our processing?

Our processing of general personal data is based on the following legal bases:

  • Legal obligation: We have to comply with a legal obligation to which we are subject. This legal basis is found in Article 6(1)(c) of the GDPR. The legal obligations may include the Danish Bookkeeping Act and local tax legislation.
  • Legitimate Interest: We may collect personal data about you to be able to administer our contractual relationship, communicate with you, or to defend or pursue any legal claims. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).

 

3.8.4 Who do we share your personal data with

The personal data may be shared with our IT suppliers (data processors) who process and store the personal data on our behalf and in accordance with our instructions and based on a data processing agreement.

We may also share your personal data with our company group entities to complete any orders, agreements, service, and for communication purposes, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA if necessary to carry out the relevant task. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu).

We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacyframework.gov).

 

3.8.5 For how long do we store your personal data?

Your personal data will be deleted when we no longer need to process it for the fulfilment of one or more of the above purposes. In most cases, we may retain your personal data for up to 5 years after the end of our contractual relationship.

Accounting material, including personal data, which we are obliged to store, is deleted no earlier than 5 years after the end of the financial year to which the information relates according to the Danish Book-keeping Act.

The personal data may be processed and stored for longer if we are obliged to do so by law, or for the purpose of documentation and with reference to the Danish Statute of Limitations rules on the limitation of ordinary monetary claims.

We may store and process data for longer in anonymised form.

 

3.9 If you apply for a job with us

If you apply for a job with us, we process your personal data in connection with the recruitment process.

We encourage you to not include any sensitive or confidential information, such as health data or social security number, unless this is a requirement or is explicitly requested for the position you are applying for.

 

3.9.1 What personal data is processed and where does it come from?

We process the following personal data about you during our recruitment process:

  • Contact information (name, email, phone number, address)
  • Information included in your resumé, application and any attachments you provide
  • Employment history, including experience, skills, performance, and general appearance
  • Publicly available information, e.g. on the internet and on social media
  • Results from tests, such as personality tests
  • Personal data collected via interviews (physically and online)
  • References you have listed, or you have consented for us to contact
  • Potentially health information if necessary for the position you have applied for, or if you are required to disclose this information due to any special health conditions that may affect your role and work performance, or which may be of special interest to us
  • Potentially your criminal record, if necessary for the position you have applied for
  • Other personal data you may share with us during the recruitment process

 

3.9.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • To assess whether you are the right fit for a position at our organisation

 

3.9.3 What is the legal basis for our processing?

Our processing of your personal data is based on the following legal bases:

  • Consent: We may ask for your consent to collect references from previous/current employers that you have not provided as references. If we cannot offer you employment, we may offer to save your application for later use based on your consent. This legal basis is found in Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by contacting us (see section 2 above).
    If it is necessary to see your criminal records or similar documentation, the processing is based on Section 8.3 of the Danish Data Protection Act. If it becomes necessary for the position you have applied for and in exceptional circumstances, we will ask for your explicit consent to process any health data (Article 9(2)(a) of the GDPR).
  • Legitimate Interest: We may process personal data about you to assess your eligibility and to offer you employment, based on the information you provide in your resumé, application and any attachments, publicly available information, results of personality tests, references you have provided in your application, and other information you provide to us in connection with the recruitment process. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).
  • Contractual obligation: If we offer you employment, the processing of your personal data will be based on the employment agreement we enter with you (Article 6(1)(b) of the GDPR).

 

3.9.4 Who do we share your personal data with?

We may share your personal data with our data processors, and/or make them available to other suppliers and/or service providers in connection with the general operation of our business, e.g. in connection with the external administration of our IT systems and HR administration.

We may also share your personal data with any of our company group entities, if your role is relevant for other parts of our organisation, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA, including our affiliated companies. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacy-framework.gov).

 

3.9.5 For how long do we store your personal data?

If you are offered a position with us, your application as well as additional relevant personal data collected in connection with the recruitment process will be stored in your personnel file with us.

If you are not offered a position, we will keep your application and any additional personal information collected during the recruitment procedure for a period of six (6) months after our refusal, unless you have given your consent for us to store your personal data for a longer period in case other employment opportunities arise.

Any criminal records and health data will be deleted immediately after review.

We may store and process data for longer in anonymised form meaning we can no longer identify you. We may also store your personal data in case of any disputes related to the recruitment activities.

 

3.10 When you visit our social media profiles

If you visit our social media profiles, we may process your personal data as the data controller. In some cases, we act as joint data controllers together with the provider of the social media platform and has entered into a joint data controller agreement. We refer you to the individual social media providers’ privacy policies for more information about their and our joint processing of your personal data.

We have the following social media profiles:

 

3.10.1 What personal data is processed and where does it come from?

When you visit our social media profiles, we and the social media provider may process the following personal data about you:

  • Publicly available information on the platform such as user information (name, email, phone number, address), gender, workplace, interests etc.
  • Any likes, comments, posts, messages, and other interactions with our social media profile page
  • Other personal data you may share with our profile

3.10.2 Why do we process the personal data?

We process your personal data for the following purposes:

  • For analysis and statistical purposes to improve and develop our business, services, and social media profile pages
  • To communicate with you and general marketing initiatives

The social media providers may process your personal data for their:

  • Adverting and sales initiatives
  • To provide us with statistics data about you visit to our social media profile
  • To improve their social media offerings, features, and products

3.10.3 What is the legal basis for our processing?

Our processing of your personal data is based on the following legal bases:

  • Legitimate Interest: We may process your personal data to communicate with you, for marketing purpo-ses on our social media profiles, and to improve our business, products, and services. This legal basis is found in Article 6(1)(f) of the GDPR. You can object to this processing at any time by contacting us (see section 2 above).

 

3.10.4 Who do we share your personal data with?

We may share your personal data and/or make them available to other suppliers and/or service providers in connection with the general operation of our business, e.g. in connection with the administration of our IT systems.

We may share your personal data with our company group entities, which can be found here: Bramidan Headquarters and production plant are placed in Denmark.

We may transfer your personal data to countries outside of the EU/EEA, including our affiliated companies. Any transfer will take place subject to valid legal grounds for such transfer (the GDPR Chapter 5), e.g. the Standard Contractual Clauses published by the EU Commission which can be found here: Standard contractual clauses for international transfers (europa.eu). We may also rely on the EU-U.S Data Privacy Framework, if we transfer personal data to the US which can be found here: Home (dataprivacy-framework.gov).

 

3.10. 5 For how long do we store your personal data?

We store your personal data as long as they are active on our social media profiles, and until you delete any “likes”, shared posts, comments, messages etc. on our social media profiles.

The data can be stored for a longer period in anonymised form.

 

4. Disclosure of personal data to other controllers

Disclosures

In certain situations and in addition to above, it is necessary for us to disclose your personal data to third parties. Under specific circumstances and in accordance with the law, it may be necessary to disclose your personal data to the following third parties (data controllers):

  • Lawyers, auditors, banks, insurance companies, and other consultants
  • Courts and other public authorities such as the police
  • Potential buyers of Bramidan.

Our company structure may change as we develop, for example, through the complete or partial sale of Bramidan. In the event of the transfer of assets containing personal data, we disclose your personal data based on our legitimate interest in transferring parts of our assets and making commercial changes (Ar-ticle 6(1)(f) of the GDPR).

 

5. Your rights

You are entitled to exercise your rights under the data protection legislation at any time and under certain conditions:

  • Access: You have the right to obtain access to and receive a copy of the personal data we process about you and several additional data. We respond within a reasonable time and no later than one month after receiving your request.
  • Right to object: In certain cases, you have the right to object to our collection and processing of your personal data.
    Rectification: You have the right to have personal data about you rectified.
  • Erasure: In special circumstances, you have the right to have personal data about you erased before the time for our ordinary erasure.
    Restriction: In certain cases, you have the right to restriction of processing of your personal data. If the right applies, we may then only process the data – except for retention – with your consent or for the establishment, exercise, or defence of legal claims or for the protection of the rights of another person or for reasons of important public interest.
  • Data portability: In certain cases, you have the right to receive a copy of the personal data you have provided in a structured commonly used and machine-readable format.

If you wish to exercise your rights or have questions about our processing of your personal data, please contact us at bramidan@bramidan.dk. Your request will be processed in accordance with the legislation in force at the given time. To the extent necessary, we will contact you and ask for additional information required to handle your request correctly.

If you would like to learn more about your rights, please visit the website of the Danish Data Protection Agency, www.datatilsynet.dk.

 

6. Making a complaint

If you would like to make a complaint about our processing of your personal data, you are welcome to contact us. Our contact details are listed in Section 2 above.

You also have a right to file a complaint to the Danish Data Protection Agency, Carl Jacobsens Vej 35, DK-2500 Valby. A complaint may be filed by email to dt@datatilsynet.dk or through the website of the Danish Data Protection Agency www.datatilsynet.dk.

 

7. Updating our privacy policy

Bramidan may update this privacy policy on an ongoing basis when this is necessary to provide a fair description of our processing of personal data.

In the event of material changes to our processing of your personal data already in our possession, you will be notified of the update (e.g. by email) or we will announce the update on our website.

 

This privacy policy was last updated in May 2024.