Data controller
Nordic Pet Care Group
Birkegårdsvej 3
8361 Hasselager
Reg: 19319970
On behalf of the following companies:
Nordic Pet Care A/S (reg: 32881718)
Best Friend Group OY (reg: 1073893-0)
Best Friend AB (reg: 556183-3764)
Best Friend Danmark A/S (reg: 25622588)
Best Friend Hong Kong Ltd (reg: 51873535)
Best Friend Norway A/S (reg: 911 862 719)
Vital Petfood Group A/S (reg: 63840610)
VPG Norway AS (reg: 971 116 730)
Best Sales A/S (reg: 31873231)
In the following mentioned as the ’’Company’’
The Company is data controller and thereby responsible for the data we collect about you and we ensure that your personal data is processed in accordance with the current and existing legislation. The information is shared between the relevant departments and companies within the Company.
We take your data protection seriously and have therefore adopted this privacy policy that informs you of how we process and treat your data.
Contact information
If you wish to contact us regarding our processing of personal data, you can do that by sending an email to: Group CFO/ gdpr@nordicpetcare.com
Processing of personal data
Personal data is every kind of information which in some way can be assigned to you. If you do not wish for us to process data about you, it may be difficult for us to adequately maintain or comply with the duties laid upon us in contracts or by legislation.
Potential clients
For you to become our client it is necessary that we gather the following data about you:
-
Name, e-mail address, phone number, company, title, IP-address and bank details if the web shop is used
We gather personal data about potential clients for the following purposes:
-
Possible cooperation or purchase transactions in the future
-
Administration of your relation to us
We gather the data about you on the following legal basis:
-
The company’s legitimate interest, which is to potentially create a new customer, necessi-tates the processing of these personal data and the company assures that meeting this le-gitimate interest will not hurt the data subjects’ rights.
We store the data in the period established by legislation and deletes the data when they are no longer relevant. The period depends on the character of the data and the reason for the pro-cessing. The data regarding potential clients will be deleted at the end of the agreement or when the correspondence is no longer relevant.
Clients
For you to be our client it is necessary that we gather the following personal data about you:
-
Name, e-mail address, phone number, company, title, IP-address and bank details if the web shop is used
We gather personal data about clients for the following purposes:
-
Processing of your purchase and delivery of our service
-
Administration of your relation to us
We gather the data on the following legal basis:
-
Processing happens on behalf of the purchase order
-
Processing happens on behalf of a legal obligation in the laws regarding accounting and book keeping
We store the data in the period established by legislation and deletes the data when they are no longer relevant. The period depends on the character of the data and the reason for the pro-cessing. The data regarding clients will be deleted at the end of the agreement.
Suppliers and partners
To be our supplier and partner it is necessary that we gather the following personal data about you:
-
Name, title, company, phone number, bank details
We gather personal data about suppliers and partners for the following purpose:
-
Processing of our purchases/services
-
Administration of your relation to us
We gather the data on the following legal basis:
-
Processing happens on behalf of the purchase order
-
Processing happens on behalf of a legal obligation in the laws regarding accounting and book keeping
We store the data in the period established by legislation and deletes the data when they are no longer relevant. The period depends on the character of the data and the reason for the pro-cessing. The data regarding suppliers and partners will be deleted at the end of the agreement.
Job applicants
When we receive your application, it will be read and processed by the following procedures:
The application with attachments is shared between the relevant employees in the recruiting process.
Personal data that appears in the recruiting process will be processed as follows:
-
Consent is given by the applicant in connection with the resume and application in recruit-ment system
-
Balancing of interests, as it is in both the company’s and the applicants interest that per-sonal data is processed in the recruiting process
We store your application with attachments until we find the right candidate for the job, and the recruiting process in ended. Then your application with attachments gets deleted.
We store unsolicited applications with attachments in a maximum of 6 months whereafter they get deleted.
If we want to store your application with attachments in more than 6 months, we will contact you to get you consent.
Your consent is voluntary, and you can withdraw it at any time by contacting us using the contact information above.
Other information about processing
Security
We have taken the necessary technical and organizational measures to prevent that your data ac-cidentally or illegally gets deleted, released, lost, impaired or is disclosed to unauthorized persons, abused or in any way processed without legal grounds. The data controller ensures that processing only takes place, when all principles of data protection are fulfilled (GDPR, art. 5).
Such methods include the use of firewalls, encryption technologies and safe server rooms, proper access control systems, the controlled provision of user rights and supervision of their use, provid-ing instructions for data processors, and the thorough selection of competent subcontractors who comply with industry standards for information security management.
Data minimization
We only collect, process, and store the personal data necessary to fulfill our purpose. Furthermore, it may be determined by law, what type of data it is necessary to collect and store in connection with our business practices. The type and the extent of the personal data we process can be de-termined by the need to comply with a contract or any other legal obligation.
Data is up to date
Since our service depends on the fact that your data is correct and up to date, we ask you to inform us about relevant changes in your personal data. You can make use of the contact information pro-vided above to inform us about your changes, then we will make sure to update your data. If we notice that any data is incorrect, we will update the data and inform you about this.
Passing on data
We use several third parties for storage and processing of data, including suppliers of IT solutions, accounting services, suppliers etc. These only process data on our behalf and may not use it for their own purposes. In relevant situations data is passed on to banks, delivery services, public au-thorities etc.
We only use data processors in the EU or third countries that has the necessary security guaran-ties, and companies in countries that can provide your data proper protection.
Joint Data Controllers (Social Media)
We use several social media platforms, i.e Facebook and Instagram, which is categorized as joint data controllers. Joint data controller means that no personal information is passed on, however both par-ties are responsible for the purpose and processing of the personal data done by them.
If customer statements are published, the legal basis is: consent.
Your rights
-
At any time, you have the right to be informed of what data we process concerning you, from where we have collected it and what we use it for. You may also be informed about how long we store your data, and who receives data concerning you, to that extent that we pass on data in Denmark and to foreign countries.
-
Upon request, we can inform you about what data we process concerning you. The access might be limited with respect to privacy protection, business secrets and immaterial rights.
-
If you think that the personal data, we process concerning you is incorrect, you have the right to have it corrected. In that case you must contact us and inform us what the correct information is. Make sure to be as precise as possible with your corrections, otherwise it may make it difficult or even impossible to comply with your request.
-
In some cases, we will have an obligation to delete your personal data. This is for instance the case if you withdraw your consent. If you think that your data is no longer necessary for the purpose for which we collected it, you can request for it to be deleted. You can also con-tact us if you believe that your data is processed in contravention of the law or other legal obligations. When you contact us with a request to have your personal data corrected or de-leted, we examine whether the requirements are fulfilled, and if that is the case, we make the changes or delete your data as soon as possible.
-
You can lodge a complaint with a supervisory Data Protection Agency in your country.
-
You have the right to object to the processing of your personal data. You can also object to our passing of your data for marketing purposes. You can make use of the contact infor-mation at the top to object. If your objection is justified, we make sure to stop the pro-cessing or passing of your personal data.
-
You can make use of data portability if you want your data transferred to another data con-troller or data processor.
-
On our own initiative, we delete your personal data, when it is no longer needed for the purpose for which we collected it.
When you contact us with a request to have your personal data changed or deleted, we look in to if the requirements are fulfilled, and if so change or delete the data as fast as possible.
You can make use of your rights by contacting us. You can find our contact information at the top.