Stenhøj Holding A/S, reg.no. 6174394, Barrit Langgade 188 – 190, 7150 Barrit, tel. 76 82 12 22, firstname.lastname@example.org and Stenhøj A/S, reg.no. 16926191, Barrit Langgade 188 – 190, 7150 Barrit, tel. 76 82 12 22, email@example.com (hereinafter "Stenhøj") are the data controllers regarding the information we receive in connection with the management of our companies in relation to customers and suppliers.
Our contact information is tel. 76 82 12 22 and e-mail address of Stenhøj Holding A/S: firstname.lastname@example.org and Stenhøj A/S: email@example.com.
If you have any questions regarding the processing of your personal information, please contact us at firstname.lastname@example.org and email@example.com.
Purpose and legal basis
Stenhøj operate within the automotive industry and thus enter into contracts with customers and suppliers and provide tenders for our customers. The personal data processed also relates to any natural persons representing the customer or supplier, including their employees.
The purpose of the processing of personal information is to fulfill contractual relationships with customers and suppliers in the form of deliveries and services, including in connection with tenders. The legal basis for processing personal information is that the processing is necessary for Stenhøj's conclusion, negotiation and fulfillment of contractual relations with customers and suppliers, including delivery of services, as well as the legitimate interest in processing personal information which Stenhøj may have in this regard.
Categories of personal information
As part of the customer and supplier administration, Stenhøj process personal information, including name, contact information, email, address, telephone and mobile number, organization number as well as bank details. The processing of personal information will only take place to the extent necessary for the performance of the contract that the customer or supplier has entered into with Stenhøj or for the safeguarding of a legitimate interest of the customer, the supplier or Stenhøj in connection with the general customer and supplier administration.
Recipients of personal information
Stenhøj do not make personal information available to others for marketing or similar purposes.
Stenhøj only disclose personal information if required for the purpose of fulfilling the contract that the customer or supplier has entered into with Stenhøj or to safeguard the interests of the customer and supplier. Typical recipients of personal information will be third parties, such as intra-group companies within the EU, carriers, consultants, public authorities, subcontractors, if required by law, that personal information must be disclosed or if required for the purpose of safeguarding a legitimate interest of the customer, the supplier or Stenhøj.
Stenhøj leave personal information to suppliers according to data processing agreements with the purpose of using various IT systems.
Stenhøj retain personal information up to 5 years after the termination of the contract, unless a relevant legal interest justifies the retention of personal information. This is determined based on a factual assessment of the importance of the information in conjunction with the applicable limitation regulation.
The rights of the data subjects
The data subjects have according to the GDPR:
- Right to gain insight into the personal information being processed,
- Right to get incorrect personal information corrected,
- In special cases right to be allowed to have personal information deleted before the retention period has expired,
- In certain cases right to have the processing of the personal information restricted so that in future, apart from storage, it may only be processed with prior consent or for the purpose of determining, enforcing or defending legal requirements, or for protecting a person or important public interest.
- In certain cases right to object to otherwise legitimate processing of the personal information, and
- Right to receive the personal information in a structured, commonly used and machine-readable format, or to have the personal information transferred to another data controller.
Stenhøj have implemented data security measures that contain instructions and security procedures that protect personal information from being destroyed, lost or modified and against unauthorized access, disclosure or unauthorized persons gaining knowledge of them.
Stenhøj continuously develop security policies and procedures to ensure that Stenhøj’s systems are secure and protected.
In case of a security breach resulting in a high risk of IT theft, financial loss, reputation loss or significant disadvantage for the customer or supplier, Stenhøj will report the security breach as soon as possible.
Any request for access to personal data, correcting or deleting or objecting to Stenhøj's data processing will be responded to as soon as possible and no later than one month after receipt of the request. Complaints about Stenhøj's processing of personal information can be submitted to the Danish supervisory authority; Datatilsynet, Borgergade 28, 1300 Copenhagen K, tel. 33193200 or via e-mail: firstname.lastname@example.org