Privacy Policy

What is personal data?

Personal data is any type of information relating to an identified or identifiable natural person, i.e. all types of information that can be directly or indirectly linked to a person such as a name, private address, e-mail address or a social security number.

Where does your data come from?

The Danish Competition and Consumer Authority processes the personal data that you provide to us or that we receive about you from other authorities, companies, citizens or others.

The Danish Competition and Consumer Authority can also obtain your personal data from other authorities, companies, citizens or others when it is necessary for the performance of our tasks.

When may we use your data?

The Danish Competition and Consumer Authority primarily processes your personal data in order to carry out its tasks and legal obligations, cf. article 6(1)(c) and article 9(2)(f) and (j) of the General Data Protection Regulation (GDPR), or as part of the exercise of authority, cf. article 6(1)(e) of the GDPR.

Our newsletters are sent on the basis of consent, cf. article 6(1)(a) of the GDPR.

Where is your data processed?

At the Danish Competition and Consumer Authority, your personal data may be processed in the authority’s IT systems, e.g. in the case management system and joint state IT systems.

Who has access to your data?

Employees of the Danish Competition and Consumer Authority have access to your personal data to the extent that it is necessary for processing your inquiry or carrying out the Authority’s tasks. The employees are subject to a duty of confidentiality during and after their employment to ensure the confidentiality of your personal data.

The Agency for Governmental IT Services is the data processor for the majority of the Danish Competition and Consumer Authority’s processing of personal data. The Agency for Governmental IT Services and other data processors only have access according to instructions from the Danish Competition and Consumer Authority and only to the extent that is necessary to carry out the Authority’s tasks.

How and for how long do we retain your data?

Your personal data is stored securely and confidentially in IT systems with controlled and restricted access and on servers located on specially secured premises. We work continuously to protect the confidentiality of the data we process and to secure data against unauthorized access, alteration, publication or destruction.

Your personal data is stored for as long as it is necessary to be able to fulfill our obligations as a public authority and to be able to comply with applicable legislation, including the Danish Archives Act.

When do we pass on your data?

The Danish Competition and Consumer Authority only passes on your personal data when it is necessary for the authority’s general performance of tasks, e.g. in connection with a hearing of parties to a case, or if it is necessary for other authorities’ tasks. At the same time, we pass on your personal data if it is required by law, e.g. the rules on access to documents in the Danish Public Information Act.

Moreover, we will pass on your personal data to other public authorities when it is necessary for the processing of your inquiry or case.

What are your rights?

The General Data Protection Regulation provides you with a range of rights in articles 13-18 and articles 20-22.

In the following, your rights are described more generally. If you would like a more detailed description of your rights, you can read the regulation or the Guidelines on the rights of data subjects from the Danish Data Protection Agency or contact our Data Protection Officer at dpo@em.dk.

The right to be notified that your data is being processed

The Danish Competition and Consumer Authority must provide you with a range of information if we process your personal data. This applies both when we receive your data from you but also when we receive the data from others than yourself.

You must be given information concerning:

The data controller
Contact information of the Data Protection Officer
The purposes of and legal basis for the processing of your personal data
The categories of personal data we process about you
Where your personal data originates
Who receives your personal data
How long your personal data will be stored or the criteria used to determine that period
Your right to request rectification or erasure of your personal data or restriction of the processing of your personal data
Your right to complain about our processing of your personal data

The Danish Competition and Consumer Authority can refrain from providing the information if it is impossible or will require a disproportionately large effort, or when it is assessed that you can be assumed to be familiar with the information.

In addition, the obligation to provide information in the General Data Protection Regulation do not apply to cases and investigations under the Danish Competition Act, cf. section 13 a of the Danish Competition Act.

The right to access to your data

You can request access to the personal data that the Danish Competition and Consumer Authority processes about you. This entails that you have the right to access the personal data we have about you and receive the following information about how and why we process your data:

The purposes of and legal basis for the processing of your personal data
The categories of personal data concerned and, if possible, where they originate
The recipients of your personal data
How long your personal data will be stored or the criteria used to determine that period
Your right to request rectification or erasure of your personal data or restriction of the processing of your personal data

The Danish Competition and Consumer Authority can decline your request for access if you will thereby obtain information that may infringe the rights and freedoms of others.

In cases and investigations under the Danish Competition Act, you do not have the right to access, cf. section 13 a of the Danish Competition Act.

Furthermore, the right to access is restricted when we receive your personal data in connection with the preparation of general analyses whereby the processing is exclusively for statistical or scientific use, cf. section 22, subsection 5 of the Danish Data Protection Act.

The right to rectification of your data

You have the right to rectification of inaccurate personal data concerning you without undue delay and you have the right to have incomplete personal data completed.

However, the right to rectification is restricted when we receive personal data in connection with the preparation of general analyses whereby the processing is exclusively for statistical or scientific use, cf. section 22, subsection 5 of the Danish Data Protection Act.

The right to erasure of your data

You have the right to erasure of your personal data without undue delay. However, as a general rule, it is not possible to delete information as a result of the Danish Administrative Act, Public Information Act and Archives Act which apply to public authorities. Therefore, you cannot have your data deleted as long as it is necessary to fulfill the purposes of the Danish Competition and Consumer Authority’s processing of it or if erasure would conflict with our obligations under applicable laws.

The right to restriction of processing of your data

In certain circumstances, you have the right to have our processing of your personal data restricted, e.g. while it is being investigated whether your data is correct or if the data is necessary to establish a legal claim.

Information security

It is a high priority for the Danish Competition and Consumer Authority to protect citizens, companies and the Authority against unauthorized access, alteration, publication or destruction of the information we process. We pay particular attention to securing your data and therefore have a sufficient level of information security for all employees and business partners as well as in all of our IT resources, e.g. IT systems, hardware and electronic data media.

The right to appeal

You can complain to the Danish Data Protection Agency or the Danish courts about the Danish Competition and Consumer Authority’s processing of your personal data if you believe that the processing is in breach of the data protection regulation. You can find the Danish Data Protection Agency’s contact information at datatilsynet.dk.

The Data Protection Officer

The Ministry of Industry, Business and Financial Affairs has appointed a Data Protection Officer who is also the Data Protection Officer for the Danish Competition and Consumer Authority. The Data Protection Officer’s task is, among other things, to inform and advise us about our obligations in the General Data Protection Regulation and Danish Data Protection Act. At the same time, the Data Protection Officer monitors the Danish Competition and Consumer Authority’s compliance with the GDPR and ensures that the Authority complies with the rules.

The Data Protection Officer can provide further information about the rules for data protection and guide you about your rights in relation to the processing of your personal data by the Danish Competition and Consumer Authority.

The Data Protection Officer can be contacted at the e-mail address dpo@em.dk or on the phone number +45 33 92 33 50. You should be aware that if you wish to send secure digital mail, you must send it to the Ministry of Industry, Business and Financial Affairs’ main mailbox em@em.dk which forwards it to dpo@em.dk.

Cookies

The Danish Competition and Consumer Authority’s use of cookies on its websites is described in the cookie policy.