Thank you for visiting the website www.gpv-group.com (“website”) owned and published by GPV International A/S, Lysholt Allé 11, DK-7100 Vejle, Denmark, company registration no. 66945715.
This privacy notice describes how your personal data will be processed when you use the website by GPV International A/S (“GPV DK”), who is the data controller for the processing activities regarding the website according to the General Data Protection Regulation (“GDPR”).
This privacy notice further describes how your personal data will be processed in case you communicate with one of the companies within GPV group in EU/EEA listed below. In these cases, the GPV company, which you communicate with, will be the data controller for your personal data according to the GDPR:
- GPV Group A/S
- GPV International A/S
- GPV Austria GmbH
- GPV Austria Cable GmbH
- GPV Germany GmbH
- GPV Slovakia s.r.o
- GPV Estonia AS
- GPV Finland Oy
- Enics Raahe OY [name change of this legal entity to “GPV Finland (Oulu) Oy” is currently ongoing]
- Enics Slovakia s.r.o [name change of this legal entity to “GPV Slovakia (Nova) s.r.o” is currently ongoing]
(collectively referred to as ”we”, ”us”, ”our”)
If you have any questions about or comments to this privacy notice, you are welcome to contact us by using the following contact details:
GPV International A/S
Lysholt Allé 11
Types of personal data processed, processing purposes as well as legal basis and storage period for the personal data processed
When you visit the website, GPV DK will collect and process personal data about you for the purpose of generating statistics to improve the website and optimize your browsing experience, including:
a. IP address
b. Approximate location at the city or zip-code level.
c. Information about your device and browser as well as your search behaviour and use of the website
If you consent to receive our News & Magazine, we will collect and process personal data about you for the purpose of sending you direct marketing, including:
a. Full name
b. Email address
These personal data is processed in accordance with your consent, cf. GDPR article 6(1)(a). You can withdraw your consent at any time by using the contact details provided at the top of this privacy notice. If you withdraw your consent, this will not affect the lawfulness of any prior processing.
The personal data will be deleted when you withdraw your consent or after a period of 12 months where we have not had any communication with you. However, documentation for your consent will be stored for a period of up to five years after the consent has been withdrawn or has expired, and the legal basis for such processing is our legitimate interest in being able to document a prior consent, cf. GDPR article 6(1)(f), where it is deemed to override your interest in not having the data processed.
Correspondence with you
If you contact us or communicate with us , we will process the personal data that you provide to us for the purpose of replying to your query. The personal data may in addition to the subject matter of your query include:
a. Full name
b. Contact details
c. Title and working place
The processing is based on our legitimate interest in being able to reply to your query, cf. GDPR article 6(1)(f), where it is deemed to override your interest in not having the personal data processed.
The personal data will be deleted when there is no longer any reason to believe that further correspondence will be necessary, however, no later than 5 years from the latest correspondence, unless the communication is used to establish, exercise, and defend our legal rights.
If you have registered for the myGPV customer portal, GPV DK will collect and process personal data about you for the purpose of administering your account, including:
a. Fll name
b. Contact details
c. Username and password
The processing of personal data is necessary for the performance of a contract, and thus the legal basis for GPV DK’ processing is the agreement regarding your access to myGPV customer portal, cf. GDPR article 6(1)(b). You can read more about myGPV customer portal here.
The personal data will be deleted when you cancel your account.
We may also process your personal data in order to establish, exercise or defend our legal rights in connection with a dispute, a complaint or an investigation initiated by a public authority.
In such case, the legal basis for our processing is our legitimate interest in being able to establish, exercise or defend our legal rights, cf. GDPR article 6(1)(f), where it is deemed to override your interest in not having the personal data processed.
The personal data will be deleted (if there is no other legal basis for retaining the data) when, following a specific assessment, it is deemed that the data is no longer considered necessary for the purposes of the dispute, complaint or investigation.
Transfer of personal data to third parties
Your personal data may be transferred to the following third parties:
a. Group companies.
b. Service providers and suppliers assisting in our business activities, including for example hosting providers and suppliers of IT services
c. External advisers.
d. Other third parties involved in a merger or acquisition involving all or part of our business or its assets.
If a third party processes your personal data outside the EU/EEA, this will take place based on the EU Commission’s Standard Contractual Clauses (“SCCs”) and a risk assessment. You may request a copy of the SCCs regulating the transfer of personal data by contacting us via the contact details stated above.
In certain circumstances, you have the following rights under the data protection law:
a. Right to access:
You are entitled to request information about or access to your personal data. However, there are exceptions, and you will not always be entitled to receive all the information that we process.
b. Right to rectification:
You are entitled to obtain rectification of incorrect personal data concerning you. You are also entitled to have incomplete personal data completed.
c. Right to erasure:
In certain instances, you are entitled to request the erasure of personal data concerning you.
d. Right to restriction of processing:
In certain instances, you are entitled to obtain restriction of the processing of your personal data.
e. Right to data portability:
You have the right to receive a copy of your personal data in a structured, commonly used and machine-readable format. If technically feasible, you have the right to request that your personal data be transmitted directly to another company or person acting as data controller.
f. Right to object:
You are entitled to object to the processing of your personal data. This means that you can stop or prevent the processing of your personal data. However, this applies only in certain cases, and we are not compelled to stop the processing of your personal data if there are legitimate grounds for continuing such processing.
How to exercise your rights :
If you wish to exercise the above rights, you are welcome to contact the GDPR team at GPV on firstname.lastname@example.org.
In order for us to process your request appropriately and in due time, we kindly ask you to specify and describe your request in detail, including by providing the relevant identification, so we are able to identify you. We will on the basis of your request process your personal data to the extent possible and required in order to comply with our legal obligations, cf. art. 6(1)(b) of the GDPR and to protect our legal rights, cf. art. 9(2)(f) of the GDPR.
Your request will be handled at our costs, unless the request assess is considered abused or non-justified use.
The right to complaint:
You also have the right to complain if you disagree with or disapprove our processing of your personal data. If you wish to complain about our processing of your personal data, you should contact the national data supervisory authority within the country, where you are located, which are:
- In Austria: Österreichische Datenschutzbehörde (www.dsb.gv.at)
- In Denmark: Datatilsynet (www.datatilsynet.dk)
- In Estonia: Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) (www.aki.ee)
- In Finland: Office of the Data Protection Ombudsman (www. tietosuoja.fi)
- In Germany: Der Bundesbeauftragte für den Datenschutz und die In-formationsfreiheit (www.bfdi.bund.de)
- In Slovakia: Úrad na ochranu osobných údajov (www.dataprotection.gov.sk)
- In Sweden: Datainspektionen (www. imy.se/en/)