Privatlivspolitik - wismogroup.com

WISMO GROUP A/S
Hovedvejen 1
2600 Glostrup
Denmark

The purpose of this privacy policy is to inform you about what information we process about you and what your rights are in this regard. We therefore encourage you to read the policy and familiarize yourself with the processing.

PROCESSING OF YOUR DATA

Contact form
When you contact us.
Purpose: To support or inform you.
Category: General personal data: Name, e-mail, other information you provide in connection with your inquiry.
Source: The data subject themselves.
Basis for processing: Article 6(1)(f)
Sensitive data: Article 6(1)(a)
Disclosure: Within the group if necessary to fulfill the purpose, see section “Disclosure”.
Storage: Your data will be deleted when no longer needed to fulfill the purpose.

Applications
When you register in our job database or submit applications through our career database Emply.
Purpose: Recruitment and hiring.
Category: Name, email, phone number and other information provided in the CV or application.
Source: The data subject themselves.
Legal basis: Article 6(1)(f) – our interest in reviewing data in order to recruit and our interest in retaining data in case of a dispute regarding the recruitment process.
Disclosure: The data is disclosed internally within the group if necessary to fulfill the purpose, including relevant manager.
Storage: 6 months from the end of the recruitment process.

When you send applications to our email, via contact form, by letter and the like.
Purpose: Recruitment and hiring.
Category: Name, email, phone number and other information provided in the CV or application.
Source: The data subject themselves.
Legal basis: Article 6(1)(f) – our interest in reviewing data in order to recruit and our interest in retaining data in case of a dispute regarding the recruitment process.
Disclosure: The data is disclosed internally within the group if necessary to fulfill the purpose, including to the relevant manager.
Storage: 6 months from the end of the recruitment process.

Website
When you visit our website.
Purpose: To keep statistics on the use of our website to improve the website.
Category: General personal data: IP address.
Source: The data subject himself.
Legal basis: Article 6(1)(a) – cookie consent
Disclosure: The data is disclosed internally within the group if necessary to fulfill the purpose.
Retention: Deleted according to our cookie policy, which you can find in the bottom left corner

Disclosure
Wismo Group is the parent company for a number of car-related divisions with several cross-collaborations.
Your data is therefore shared internally within the company to the extent necessary to ensure the fulfillment of your agreement. Disclosure within the group is based on Article 6(1)(b) and (f) of the General Data Protection Regulation, balancing our legitimate interest in disclosing general personal data within the group to perform tasks across the group against the data subject’s interest in data not being disclosed. Our interest is paramount, as it does not seem to be of particular importance to the data subject whether it is one group company that performs the task or the other. However, it must be important to the data subject that the right competence handles the task in which personal data is to be processed. Personal data is only shared to pursue or support the above purposes.

We also disclose your data at the request of authorities and in contexts where we are required to do so by law. We use a number of data processors to pursue the stated purposes. The data processors may therefore have access to your data to the extent necessary to perform a given task. Data processing agreements have been entered into with all data processors so that your data is processed according to our instructions. In addition, we share data with partners where it is necessary to fulfill the purpose.

Your rights
Below you can read about your rights. If you want to exercise your rights, you can contact us via info@wismogroup.com.

Right of access: You have the right to know what personal data we process about you and to receive information about the processing.
Right to rectification: You have the right to have inaccurate information about yourself corrected.
Right to erasure: In some cases, you have the right to have information about you erased before our established erasure deadline.
Right to restriction of processing: You have the right to have the processing of your personal data restricted.
Right to object: You have the right to object to our processing of your personal data.
Right to data portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one controller to another.
Right not to be subject to automated decision-making: You have the right not to be subject to automated decision-making based solely on automated processing, including profiling.

Complaints to the Danish Data Protection Agency
You have the right to file a complaint with the Danish Data Protection Agency if you disagree with our processing of your personal data. You can read more about your rights, how to complain and find the Danish Data Protection Agency’s contact details at www.datatilsynet.dk

Data Ethics Policy
At Wismo Group, we are aware of the data ethical responsibility that comes with the rapid technological development and have therefore defined an ethical framework for the use and processing of data that is in line with the legal requirements for data handling found in the EU General Data Protection Regulation (GDPR) and data protection legislation.

Data ethical values
Propriety and responsibility are part of our DNA, and therefore it is also our duty to protect the right to privacy and ensure that registered data is protected. Wismo Group processes different types of data, including data that is confidential for business reasons and personal data that is both common and sensitive. All collected personal data is stored securely using measures to prevent theft and unauthorized access – for example, we encrypt data during transport and storage. In our data handling, we always strive to live up to the values of “lawfulness, data integrity and transparency”.

Legality
We have a constant focus on optimizing our digital business models for both internal and external stakeholders. Therefore, we place great value on the lawful processing of personal data to effectively deliver a professional and targeted experience and service.

Data integrity
We receive and collect data in connection with the operation of our companies, including everything from general contact information to information necessary to complete our processing of purchases such as the purchase of service agreements where invoicing is ongoing. We store consents and information on people who wish to receive news and offers. Our business and our processing activities are dependent on data quality, which is why it is important for us to ensure full integrity and confidentiality of the data being processed and that we follow the GDPR principles for processing personal data. When launching new activities or developing new digital solutions, we take a privacy by design approach. This means that we consider the design of the digital solution in order to effectively implement the data protection principles. We only process personal data that is necessary for the stated purposes. In relation to our employees, we only process the data that is necessary for us to fulfill our employment obligations. We only collect the personal data that is necessary and sufficient to ensure the well-being and rights of our employees. Employees’ personal data is only accessible to the people who help ensure our obligations to them.

Transparency
We focus on creating transparent data management where customers and employees are aware of their rights, including right of access, right to rectification, right to erasure, right to data ethics

Policy for Policies
Ambition Responsibility BUSINESS ETHICS for data minimization, right to object, right to withdraw consent and right to data portability.

Responsibility and follow-up
The companies’ executive management is responsible for ensuring that the Group’s data ethics policy is implemented in all companies at all organizational levels. All employees in the Group must respect the right to privacy and contribute to responsible and ethical data behavior. Everyone is therefore obliged to ensure compliance with Wismo Group’s employee instructions for processing personal data “Personal Data Policy”, which can be found on the Group’s intranet, WiseCom. Always report knowledge or suspected breaches of data protection legislation to the company’s GDPR & Compliance Manager or use our Whistleblower Line, where you can also report anonymously. All inquiries are treated confidentially and seriously. Wismo Group assesses on an ongoing basis and at least once a year whether the policy needs to be updated.

Privacy policy