Privacy Policy
Data Controller
Thorsen Group ApS is the data controller for the processing of personal data we handle regarding our customers and business partners. You can find our contact details below:
Thorsen Group ApS
Jupitervej 4, 6000 Kolding
CVR no.: 44452669
Email: kontakt@thorsengroup.dk
It is not a requirement for our company to have an external Data Protection Officer (DPO), but if you have any questions regarding the processing of your personal data, you can contact us via the email above.
Processing Activities
As a data controller in accordance with the GDPR, we have the following processing activities.
Website Visits
When you visit our website, we use cookies to ensure its functionality. You can read more about this in our [cookie policy] (link to cookie policy).
Communication with Potential Customers
If you have any questions regarding our company or portfolio companies, you can contact us via:
- Phone
Through this, we process your personal data to engage in a dialogue with you, such as responding to inquiries about our services. We only process the information you provide us with during our communication.
We typically process the following general data: name, e-mail, phone number.
Our legal basis for processing this data is Article 6(1)(f) of the General Data Protection Regulation (GDPR). We delete our communication with you once it becomes clear whether you wish to use our services. If there is a need for longer retention, it will be assessed on a case-by-case basis.
Customers
We process information about our customers to ensure proper service delivery. This includes name, address, services, payment details, and specific agreements. The legal basis for this processing is Article 6(1)(b) of the GDPR.
Personal data is deleted immediately after the service has been delivered and any outstanding matters are resolved.
Newsletter
You can voluntarily subscribe to Thorsen Group’s newsletter. We will only send you newsletters if you have given your explicit consent. The legal basis for this processing is Article 6(1)(a) of the GDPR.
We will process your personal data as long as you remain subscribed to the newsletter. If you unsubscribe, we will stop sending it to you. If we have not sent you a newsletter for one year, your consent will expire due to our inactivity.
Upon unsubscribing, we will store your previous consent for two years after its last use due to statutory limitation requirements in accordance with the Danish Consumer Ombudsman’s spam guidelines, section 11.3.
Accounting
We store financial records, including invoices, in accordance with the Danish Bookkeeping Act. These records may contain general personal data such as name, address, and service description. The legal basis for this processing is Article 6(1)(c) of the GDPR.
We retain these records for a minimum of five years after the current financial year.
Job Applications
We gladly accept unsolicited job applications to assess whether potential employees match our hiring needs. If you submit a job application to us, our legal basis for processing your personal data is Article 6(1)(f) of the GDPR.
- Unsolicited applications are reviewed and deleted immediately if there is no match.
- Applications for advertised positions are deleted once the right candidate has been found.
- If you are involved in a recruitment process and/or hired for the job, we will provide you with separate information on how we process your personal data in this regard.
Data Processors
We use external suppliers and partners who may act as data processors, for example, for IT hosting, marketing, and accounting systems.
We ensure that all data processors comply with data protection requirements through data processing agreements.
Disclosure of Personal Data
We do not disclose your personal data to third parties without your consent unless we are legally obligated to do so.
Profiling and Automated Decision-Making
We do not perform profiling or automated decision-making.
Transfers to Third Countries
As a general rule, we use data processors within the EU/EEA or those who store data within the EU/EEA. In exceptional cases, data may be stored outside the EU/EEA, but only if an adequate level of protection is ensured.
Processing Security
We have implemented appropriate technical and organizational measures to ensure the security of your personal data, including risk assessments, awareness training, and GDPR procedures.
Your Rights as a Data Subject
Under the GDPR, you have several rights concerning our processing of your personal data. If you wish to exercise your rights, please contact us.
- Right of Access
You have the right to access the personal data we process about you, as well as additional information. - Right to Rectification
You can request correction of incorrect information. - Right to Erasure
In certain cases, you can request that your data be deleted. - Right to Restriction of Processing
In certain cases, you have the right to have the processing of your personal data restricted. If you have this right, we may only process your data – apart from storage – with your consent, for legal claims, to protect a person, or for important public interests. - Right to Object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes. - Right to Data Portability
In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have this data transferred from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency’s guide on data subjects’ rights at www.datatilsynet.dk.
- Withdrawal of Consent
If our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time.
Complaint to the Danish Data Protection Agency
You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with how we process your personal data. You can find their contact details at www.datatilsynet.dk.