Recipients or categories of recipients
In some cases, Djøf will transfer the personal data we process about you to third parties. Your personal data may be transferred:
- To suppliers and other business partners. For example, this could be service providers and membership discount partners.
- In connection with purchases from our website or the use of our services. For example, when you buy a course on djoef.dk.
- If so required by judicial decision or applicable law. For example, this could be our duty to report your membership dues to the Danish tax authorities.
Data transfers to recipients in third countries, including international organisations
We do not use any non-EU data processors. A few of our suppliers use non-EU sub-processors. We will allow data to be processed outside the EU only if the data processing is carried out in a safe third country or if the basis of transfer provides sufficient guarantees (eg. the standard contractual clauses adopted by the Commission).
If you wish to use one of our services which involves the transfer of your personal data to a recipient in a third country, we will inform you where (country) your data will be processed in connection with your use of the service in question.
Specifically on the use of Deep Lex as supplier
When Djøf reviews an employment contract at the request of a Djøf member, the review will include an automated analysis of the employment contract and feedback to the member in question. In addition, we will use the member's data as provided in the employment contract for data utilisation for statistical purposes as an ongoing part of our advice to members.
Djøf's analysis of the contract will include extraction and analysis of the member's data such as job position, pay level and other terms of employment which are assumed to be included in the employment contract, see section 2 of the Danish Statement of Employment Particulars Act (ansættelsesbevisloven). Djøf will process the member's personal data from the employment contract in connection with the automated analysis. The data in question are name, email address, postal address, civil registration (CPR) number, position, pay and other personal data provided in an employment contract, see section 2 of the Danish Statement of Employment Particulars Act.
Djøf cooperates with the supplier Deep Lex ApS as data processor for purposes of the automated analysis.
Personal data in connection with analysis will be erased no later than after one year.
Personal data
Categories of personal data
The personal data processed by Djøf are mostly general personal data such as name, address, educational background and employment-related data.
However, your membership of Djøf is sensitive personal data, and when we process data which involve your membership, whether directly or indirectly, we will obviously take the sensitive nature of the data into account.
We also process data about your civil registration number, which we use to report information to the Danish tax authorities to ensure the deductibility of your membership dues.
If you receive specific advice from Djøf, the advice may also involve the processing of sensitive personal data such as health data.
Sources of your personal data
We collect data from the following sources:
- Data provided by you. For example, when you join Djøf or if you create a profile on mitdjoef.dk.
- Data obtained through your use of our services. We collect data about the services you use and how you use them, eg. when visiting djoef.dk.
- Data obtained from other sources. In a few cases, we obtain data from other sources such as your union representative or public authorities.
Retention periods
We will store your data for as long as you are a member of Djøf. If you leave Djøf or if you die, we will generally erase your data no later than ten years after your membership ended.
Please note that in some situations other retention periods may apply, depending on the nature of the data in question. If another retention period applies, you will be informed.
Right to withdraw consent
If a processing operation is based on your consent, you have the right to withdraw consent at any time.
You may withdraw consent by contacting us via the contact details set out in "Data controller and contact details" above. If you decide to withdraw consent, this will not affect the lawfulness of our data processing based on consent before its withdrawal. Thus, any withdrawal of consent will take effect on withdrawal. If a processing operation is based on consent, you must have given your consent before the processing starts. We will always inform you when your consent is needed.
Security measures
Djøf will keep your personal data in a safe and secure manner. At Djøf, we have implemented technical as well as organisational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against unauthorised disclosure or use or other processing in violation of applicable law.
Djøf's security measures are regularly checked to ensure that your personal data are safe and your rights are observed.
Changes to Djøf's Privacy Policy
This Privacy Policy is subject to change at any time without notice with effect for the future. In case of major changes, Djøf's members will be notified. The new version of the Privacy Policy will become effective on such notification.