data Policy

Why do we have a privacy policy?

We process personal data and have therefore adopted this privacy policy on the
processing of personal data. HallerupNet ApS is a data processor and we ensure that
personal data is processed in accordance with the legislation.

We have a fair and transparent data processing.

The personal data that customers make available to us in connection with the solution of
tasks is used only for this purpose. In principle, we do not collect data on customers from
others, such as a supplier, authorities or business partner. If this happens exceptionally,
we will inform the customer in question within 10 days after. We also disclose the purpose
of the collection and the legal basis that allows us to obtain this personal data.

We only process necessary personal data

We only collect, process and store the personal data necessary to solve the agreed
tasks. In addition, it may be determined by law what type of data is required to collect and
store for our business operations.

To protect customers from unauthorized access to customer data, we have internal

business procedures that ensure that only those employees for whom it is relevant and
necessary in relation to their work function are given access to the customer's personal
data.

We check and update personal data

We make sure that the personal data we process about customers is not incorrect,
incomplete or misleading. We also make sure to update personal data on an ongoing
basis as appropriate.

As our services depend on correct and up-to-date data, we ask the customer to inform us
of relevant changes in data. To ensure the quality of data, we have adopted internal rules
and established procedures for checking and updating personal data.

Security
We have adopted internal information security rules, which contain instructions and
measures that protect personal data from being destroyed, lost or altered, from
unauthorized disclosure, and against unauthorized access or knowledge.

We have established procedures for granting access rights to those of our employees
who process personal data. We control their actual access through logging and
supervision. To avoid data loss, we continually back up our data sets.

Our IT vendor continuously ensures that our IT equipment is up to date and has installed
appropriate security measures including firewall and virus protection.

In the event of a security breach that results in a high risk to the customer of
discrimination, ID theft, financial loss, reputation loss or other significant disadvantage,
we will notify the customer of the breach as soon as possible.
Cookies, purpose and relevance
We do not use cookies on our website.

Customer has the right to object to our processing of

personal data
Customer has the right to object to our processing of personal data. The customer may
also object to our disclosure of data for marketing purposes. If the customer's objection is
justified, we will stop processing and delete the customer's data unless we are required
by law to keep them.

Contact information if they wish to complain

Datatilsynet
Borgergade 28, 5
1300 Copenhagen K

Contact information on data controller

Lukas Holmbom Hansen
HallerupNet ApS
Overgaden Oven Vandet 48 E
1415 København K

We use this type of data about the customer

We use the personal data that the customer gives us so that we can solve the agreed
task. It also includes the data that appears in the customer's tax file to the extent that the
customer gives us access to it.

We only process relevant personal data

We only process customer data that is relevant and sufficient in relation to the purposes
underlying the collection. The objectives are to solve the tasks that have been agreed with
the customer.

The purpose is decisive for what types of customer data are relevant to us. The same
applies to the extent of the personal data we use. For example, we do not use more data
than the ones we need for the specific purpose, and we minimize the amount of data that
the customer must disclose.

If we wish to use personal data for a purpose other than the original, we inform the
customer of the new purpose and ask for the client's consent before we begin the data
processing with the new purpose in mind. If we have another legal basis for the new
treatment, we will inform the customer about this.

We delete personal data when they are no longer

needed
We delete the customer's personal data after the expiry of statutory deadlines, when they
are no longer necessary for the purpose that was the reason for the collection
We do not disclose personal data without the consent
of the customer
We do not disclose personal data to affiliates and other parties - for example, for use in
their marketing - unless we have agreed with the customer in connection with the
collection or obtain the consent of the customer after informing the client about what the
customer's data will be used for. The customer may at any time ask us to stop the
transmission of personal data, regardless of whether it has been agreed or the customer
has otherwise agreed to it.

However, we do not obtain the customer's consent if we are legally required to disclose
personal data, for example as part of a statutory reporting to an authority.

We use the following suppliers

The customer has the right to access his personal

data
The customer has the right at any time to be informed what data we process about the
person, where they originate and what we use them for. The customer can also be told
how long we keep personal data and who receives data about the customer to the extent
that we pass on data in Denmark and abroad.

However, access may be restricted for the privacy of other persons, for trade secrets and
intellectual property rights. The customer can make use of rights by contacting us.

Customer has the right to have inaccurate or deleted

personal data
If the customer believes that the personal data we process about the customer is
inaccurate or incorrect, the customer can of course contact us and have them corrected.

In some cases, we will have an obligation to delete personal data. This applies, for
example, if the customer withdraws their consent. If the customer believes that data is no
longer necessary for the purpose for which we obtained it, the customer may request that
it be deleted. The customer may also contact us if the customer believes that personal
data is processed in violation of the law or other legal obligations.

If the customer wishes to exercise his right to data

portability, the customer will receive personal data
from us in a commonly used format
The customer has the right to receive the personal data that the customer has made
available to us and those we have collected about the customer from other players based
on the customer's consent.

Generally about the customer's use of his rights

If the customer wants to access data, have it corrected or deleted, or object to our data
processing, we will investigate if possible and respond to your inquiry as soon as
possible and no later than one month after we have received the inquiry. .