Privacy Policy for online events via Zoom
At Djøf, data security and confidentiality are key priorities. This Privacy Policy applies to the personal data you provide in order to participate in online courses and seminars, etc. ('online event(s)') held by Djøf via the website: https://zoom.us/meetings (the ’Website’).
The Privacy Policy lays down the framework for Djøf's processing of your personal data when you participate in webinars, and provides the information you are entitled to receive under current data protection law.
1. Data controller and contact details
Djøf is the data controller of the personal data you provide in order to participate in online events held and hosted by Djøf via the Website (see sections 3 and 5 below):
Djøf
Address: Gothersgade 133, 1123 Copenhagen K, Denmark
Business reg. (CVR) no.: 17 51 71 12
Email: dk¤djoef¤djoef
Tel.: 33 95 97 00
2. Other data controllers etc.
The Website and related services are operated and owned by the company Zoom Video Communications, Inc. ('Zoom'). In some situations, Zoom will therefore act as a data controller in its own right with regard to the processing of your personal data via the Website, among other things to ensure that the Website is secure, to ensure the proper functioning of the Website (including in the form of required cookies) and to ensure compliance with the Website's Terms of Service. In such cases, reference is made to Zoom's own Privacy Statement. Djøf is not responsible for Zoom's processing of personal data as a data controller.
In other cases, Zoom will only process personal data on behalf of Djøf to facilitate the online events. In such cases, Zoom is Djøf's data processor (see section 6 below).
3. Types of personal data
The general personal data which Djøf collects about you in connection with your participation in online events may include:
- user name
- password
- your name
- your email
- your employer
- your job position
- your photo
- your voice
- which webinar you have attended
- any correspondence
- feedback
- user satisfaction survey responses
In cases where the online events are only available to our members (Djøf's members-only events), it will also be possible – in addition to the above data – to indirectly infer personal data in the form of trade union affiliation, which is sensitive personal data.
4. Use of personal data
Djøf collects and processes your personal data for the following purposes only:
- To record your registration for a course or seminar.
- To enter into an agreement with you about participation in an online event, which is a condition to being able to provide the relevant course or seminar.
- To create a profile via the website.
- Service notifications.
- Circulation of subsequent user satisfaction surveys.
- Compliance with requirements under applicable law.
- Surveys, statistical data and development.
- Sharing of data with Zoom to allow them to enforce their terms of service.
- For the establishment, exercise or defence of a legal claim.
5. Legal basis for processing your personal data
For your general personal data, the legal basis of processing for the above purposes is as follows:
- For the performance of an agreement with you for participation in an online event (article 6(1)(b) of the GDPR).
- Legitimate interest in sharing your general personal data with other participants in the online event (article 6(1)(f) of the GDPR).
- Legitimate interest in preparing statistical data, making surveys and improving our own services and products (article 6(1)(f) of the GDPR).
- Legitimate interest in sending out service notifications when necessary (article 6(1)(f) of the GDPR).
- Legitimate interest in sending out customer satisfaction surveys concerning the online events (article 6(1)(f) of the GDPR).
- Legitimate interest in establishing, exercising and defending a legal claim (articles 6(1)(f) and 9(2)(f) of the GDPR).
We will obtain prior consent from you to share information about your trade union affiliation with other participants in connection with members-only online events (article 9(2)(a) of the GDPR).
6. Transfer to data processors and sharing with other data controllers
In order to fulfil the above purposes, we may give access to your personal data to third parties which provide relevant services to Djøf based on a contractual relationship. By way of example, this could be information technology suppliers (including Zoom) and email providers. Such service providers will only process personal data in accordance with our instructions pursuant to data processor agreements concluded.
If your personal data are transferred to data processors located in non-EU/EEA countries which do not provide an adequate level of protection (including Zoom and some of Zoom's sub-processors), such transfer will be safeguarded by the standard contractual clauses of the European Commission or the EU-US Privacy Shield certification.
As a general rule, your personal data will not be disclosed to a third party without your permission. However, it may be necessary in some cases and in accordance with the law to disclose your personal data to:
- the police
- lawyers
- auditors and accountants
- courts
- public authorities
As mentioned above, it should also be noted that some of your personal data will be shared with other persons participating in the online event.
7. Retension of personal data
We will erase your personal data when we no longer need to process them to fulfil one or more of the purposes set out above. As a general rule, your personal data will be erased three years after your participation in an online event. However, personal data in the form of audio, video and your voice will be erased immediately as the online events are not recorded. However, it may be necessary for Djøf to process the above personal data for more than three years and for other purposes than those mentioned above, depending on your affiliation with Djøf.
If you have consented to personal data about your trade union affiliation being shared with other participants in the online event, the consent form will be kept for five years as from the date of your consent.
Furthermore, if depersonalised, the data may be processed and stored longer.
8. Confidentiality
As already stated in a separate notice, participation in online events held by Djøf is strictly confidential. This means in particular that you are not allowed to share personal data about the other participants with third parties. It also means that it is strictly forbidden to film and record the online events via programs installed on the computer or using a mobile telephone.
9. Security
Djøf and Zoom have implemented appropriate security measures to protect the quality and integrity of your personal data. The security measures implemented include policies, procedures and recovery plans as well as confidentiality, encryption, firewalls, audits and training courses for Djøf and Zoom employees.
10. Your rights
- You have the right to access the personal data we process about you.
- You have the right to object to our collection and further processing of your personal data.
- You have the right to rectification or retension of your personal data, subject to certain statutory exceptions.
- You have the right to request restriction of your personal data.
- In some cases, you may also request a copy of your personal data and for your personal data to be transmitted to another controller (data portability).
- You have the right to withdraw any consents given.
11. Right to withdraw consent
If a processing operation is based on your consent, you have the right to withdraw consent at any time. You may withdraw consent by contacting us via the contact details set out in "Data controller and contact details" above. If you decide to withdraw consent, this will not affect the lawfulness of our data processing based on consent before its withdrawal. Thus, any withdrawal of consent will take effect on withdrawal.
12. Questions and complaints
If you have any questions about this Privacy Policy or if you wish to lodge a complaint about our processing of your personal data in relation to the online events, please contact Djøf's Data Protection Officer:
Trine Lund Jensen (DPO)
Tel.: 33 95 01 88
Email: dk¤djoef¤dpo
You may also lodge a complaint with the Danish Data Protection Agency:
Datatilsynet
Tel.: 33 19 32 00
Email: dk¤datatilsynet¤dt
If you have questions of a technical nature concerning webinars, please contact Zoom: https://support.zoom.us/hc/en-us
13. Changes to the Privacy Policy
We reserve the right to change this Privacy Policy from time to time. In case of any changes, the date at the top of the Privacy Policy will also change. In case of material changes, you will be notified by email.