Identity and contact details
Ejby Industrivej 91
2600 Glostrup, Denmark
Data Protection Officer (DPO): email@example.com
Our DPO will be able to answer questions concerning our data protection compliance, your rights, your clients' rights, and our security measures if you can’t find the information here. If you'd like to use our services, and this includes that we process personal data on behalf of you, we need to enter a Data Processing Agreement (DPA). Fiftytwo always has an updated DPA available.
Purpose and legal basis
The purpose of our data processing is separated in two:
- When we process your client data on behalf of you, we are the processor, and you are the controller. The purpose of the processing is to fulfill the agreed service, and the legal basis for the processing is contractual (Art. 6(1) b).
- When we process data that we collect about you, we are the controller. The purpose is to give you the best experience at our website, to adjust our content to your preferences, to keep track of our customers and potential customers (CRM), and to send you relevant newsletters. The legal basis is legitimate interests (Art. 6(1) f). You can always withdraw your consent, and you can decline our cookies if you do not want us to place them on your device. If you decline our cookies, please note that this will affect your user experience on the website. Please read the following for more information about cookies. We also monitor our site with Google Analytics.
We wish to give you the best possible experience on our website and only show relevant content. That’s why we use first and third-party cookies to collect information about your interactions with our website. You can decline cookies at any time and read more about how we store your data here.
We cannot do everything ourselves, but we do wish to give you a fantastic service meeting the functional requirements you have. This means that we use third-party vendors to help us. We asses all our third-party vendors and make sure that they deliver state of the art functions and that they are reliable when it comes to meeting our security requirements. If they are placed outside the EEA, we make sure to have the right legal basis for the transfer. Our current third-party vendors are:
Retention of data
When we process data on behalf of you, we have a strict policy of retention. We delete your data within three months of ended support, or on the agreed frequency you have given as an instruction. Regarding data we collect about you, we evaluate case by case if there is a legal basis (work-related purpose) to keep the data. If not, we delete them at our yearly record retention day. If you want us to delete your data, please contact our Data Protection Officer, then she will assess if there are conflicting demands or if we can meet your request.
When processing your data, you have the right to gain insight into the personal information we keep, and you can object to how we process your data. You also have the right to ask us to hand out, correct, or delete your data if it isn't in conflict with other governing legislation. Furthermore, you have the right to ask us to transfer your data to another service provider. If our processing of your personal information is based on your consent, you have the right to retract your consent, which means that processing will terminate. It applies unless we, according to current legislation, are required to process personal information.
The same rights are applicable when it comes to your client data (the end data subject). Still, the process differs in a sense, that we will never initiate fulfilling the data subject's rights unless we have a written approval from the controller. This means that the end data subject will have to contact the controller (our customer) before we can meet the requirement.
Fiftytwo works continuously on meeting a high degree of data- and IT security, physically and digitally, by ensuring our facilities and our networks according to applicable standards. We only collect and process data when there is a clear work-related purpose. We collect data for common CRM, newsletter mailing lists, and statistics of website traffic and, of course, when you entrust us with your client data. To ensure that data are accordingly protected, we do not differentiate between customers in relation to the security level but enforce the highest standard from the collection of DPA's we have with all our clients and from state-of-the-art technology. We base our products on Microsoft technology and carefully pick out our cooperation partners when utilizing third party services. Your client data are encrypted at all times both at rest and in transit, and your data are based at a secure location in Denmark.
If you have any questions or have objections to our data collection and processing, please contact our Data Protection Office at firstname.lastname@example.org
Contact the Data Protection Agency if you have any complaints at www.datatilsynet.dk