‘Personal data’ means any information relating to an identifiable natural person, such as the person’s name, e-mail address, civil registration (CPR) number and home address as well as information about the person’s physical, mental, economic, cultural or social situation. The definition of ‘personal data’ does not extend to information about legal persons.
The relevant data protection rules currently governing our processing of personal data are laid down in the General Data Protection Regulation (Regulation 2016/679 of 27 April 2016) and the Danish Data Protection Act (Act no. 502 of 23 May 2018).
The legal entity which is the data controller in respect of the processing of the personal data we have received about you is:
Loeven Advokatfirma P/S
Company reg. (CVR) no.: 37 34 96 74
1256 Copenhagen K
Tel.: +45 70 60 50 26
If you have any questions regarding our processing of personal data or your rights, please contact Attorney Michael Lund Nørgaard on tel. +45 24 93 02 68 or by e-mail to firstname.lastname@example.org.
For purposes of your inquiry, please provide sufficient information for us to process it, including your full name and your e-mail address, so that we can identify you and reply to your request. We will reply to your inquiry as soon as possible.
DESCRIPTION OF PROCESSING
‘Processing’ of personal data means any operation which is performed on personal data, such as collection, recording, structuring, organisation, storage, adaptation, alteration, consultation, use or disclosure.
For purposes of providing services to our clients, Loeven collects, processes and stores certain general personal data about you, including contact information such as your name, position, e-mail address, telephone number and home address. We collect information directly from you or from a third party, such as our clients, public authorities or databases.
Job applications will be answered in the form of an invitation to a job interview or a rejection. If we do not have any vacant positions but wish to keep your application, we will retain your application.
BASIS FOR PROCESSING
The legal basis for our processing of general personal data is section 6(1) of the Danish Data Protection Act, see article 6(1)(b) of Regulation 679/2016, if you, in your capacity as a client, are a person, as the processing is necessary for the execution or performance of the agreement for legal assistance with our client. In other cases, including if you are employed with our client, are a counterparty or another person of relevance to the processing of a case, the basis for the processing is section 6(1) of the Danish Data Protection Act, see article 6(1)(f) of Regulation 679/2016, the legitimate interest being to advise on, enforce or defend our client’s interests.
For purposes of recording information in the databases of public authorities (e.g. virk.dk, tinglysning.dk or minretssag.dk) or assisting you in connection with a transaction, we need to process certain general personal data about you, including your civil registration (CPR) number, to be able to identify you. The basis for processing civil registration (CPR) numbers is Loeven’s obligation to comply with the provisions of the Danish Anti-Money Laundering Act, the Danish Registration of Property Act and/or the Danish Companies Act, see section 11(2)(i) of the Danish Data Protection Act, cf. article 87 of Regulation 679/2016, and that processing is necessary for the establishment, exercise or defence of legal claims, see section 11(2)(iv), cf. section 7(1), of the Danish Data Protection Act, cf. article 87 of Regulation 679/2016.
For purposes of processing criminal cases, we will in some cases process data concerning criminal convictions and offences. The basis for processing data concerning criminal offences is that it is necessary for the pursuit of a legitimate interest which clearly overrides the interests of the data subject, see section 8(3), second sentence, of the Danish Data Protection Act, cf. article 10 of Regulation 679/2016.
Under certain defined circumstances, Loeven will process sensitive personal data about you, such as data concerning your health or trade union membership. We will only process such data if and to the extent that processing is necessary for the establishment, exercise or defence of legal claims, see article 6(1)(a) and (e) and article 9(2)(a) and (f) of Regulation 679/2016.
We will treat your personal data as confidential.
In the course of our case processing, we will exchange your data with counterparties and courts. Furthermore, we will exchange your data with public authorities if we have obtained your data for the purpose of exchanging data with public authorities, for example in connection with the registration of changes in companies.
We will store your data for as long as is required to fulfil the purpose for which your personal data were obtained, following which the data will be erased.
If we decline your job application, we will immediately erase your personal data. If we do not decline your application right away, we will store your application for a maximum period of six months, following which your data will be erased.
We use Visma e-conomic A/S for the handling of invoices, DocuSign, Inc. for electronic signing of agreements and Microsoft Ireland Operations, Ltd. and UNIX Hosting for electronic document management. A list of our data processors may be obtained by contacting the contact person stated above.
As a data subject, you have the right to request access to the personal data we process about you and information about the source from which they originate, the purpose of our processing, the recipients of data concerning you and the extent to which they are disclosed.
You have the right to object to our processing of your personal data and the right to request rectification or erasure of your personal data if they are incorrect, incomplete or irrelevant.
However, in exercising your rights, you may be restricted by law or by any essential private interests deemed to override your interests.
If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent will not prejudice the legitimacy of any consent-based processing prior to the withdrawal. If you withdraw your consent, the processing of your personal data will cease and your personal data will be erased unless, for purposes of e.g. documentation, there is a legitimate basis for continued storage.
For more information about your rights, go to: https://www.datatilsynet.dk/media/6565/registreredes-rettigheder.pdf.
If you disagree or are dissatisfied with our processing of your personal data, please contact us. You can also lodge a complaint with the Danish Data Protection Agency, which is the Danish data protection supervisory authority:
The Danish Data Protection Agency
Carl Jacobsens Vej 35
Tel.: +45 33 19 32 00
CHANGES TO THE POLICY
We reserve the right to change the policy as required by material legislative changes, new technological solutions or new or improved functionalities or for purposes of optimising our website.
The policy was most recently updated on 15 December 2021.