Privacy Policy

PRIVACY POLICY for Quinoa Quality ApS

Introduction
In order to be able to service our contracting parties, we need to process important personal data. Our privacy policy contains information about the kind of data, and how we collect data, as well as what the data is used for. Since this is important information, we hope that you will take the time to read it. In case of questions or the need for further information, please feel free to contact our data controller.

Data controller
Quinoa Quality ApS, Teglværksvej 10, 4420 Regstrup – CVR. No.: 40610588

Contact information
Peter Slaatorn, e-mail: admin@quinoaquality.com, telephone: +4520987611

Processing of personal data
We process personal data, made accessible to us by you or a third party.
We process your personal data, in order to be able to fulfil our contractual obligations.
We would not be able to do this without your personal data.
Personal data typically includes:
• Name, address, telephone number, e-mail

Deadlines for deletion/storage
We make every effort to delete (or anonymise) personal data, as soon as it becomes irrelevant. However, we always store data for min. five years, due to the Act on Accounting.

Your rights pursuant to the General Data Protection Regulation
You have the following rights, when we process your personal data:
• The right to information on how we process your personal data (duty of disclosure).
• The right to access your personal data.
• The right to correct incorrect personal data.
• The right to deletion of your personal data.
• The right to object to any use of your personal data for direct marketing purposes.
• The right to object to automatic, individual acts, including profiling.
• The right to transfer your personal data (data portability).

All rights above are handled manually when contacting our data controller
We are entitled to reject requests that are unreasonably repetitive, require excessive technical measures (for instance development of a new system or changing existing practices significantly), affect protection of personal data of others, or are extremely unpractical (for instance requests about data, existing as backup copies).
If we are able to correct information, we will do this free of charge, unless it requires excessive efforts. We try to maintain our services in a manner that protects data from faulty or harmful destruction. Upon deletion of your personal data from our services, it may be impossible for us to immediately delete associated copies from our archive servers and we may not be able to remove the data from our back up copy systems.
You are at any time entitled to lodge a complaint to the Danish Data Protection Agency (https://www.datatilsynet.dk/borger/klage-til-datatilsynet/)

Transferred information
We do not transfer personal data to companies, organisations or individuals, unless:
• With your consent
We transfer personal data to companies, organisations or individuals, if we have your consent. We require an active act of consent for transfer of all personal data.
• For external data processing
We transfer personal data to our partners or other trusted companies or individuals, in charge of external data processing. Their processing is based on our instructions, in compliance with our privacy policy and other applicable confidentiality and security measures, such as our data processing agreement.
• For legal reasons
We transfer personal data to external companies, organisations or individuals, if we in good faith believe that access, use, storage or publication of the data is required in order to:
o fulfil our contract with you.
o comply with applicable laws, regulations proceedings or legal orders from public authorities.
o enforce applicable service conditions, including investigation of possible non-compliance.
o register, prevent or in any other way protect against cases of fraud, as well as security or technical problems.
o indemnify the company from damage, public rights, property or security, which the law may require or allow.

We are entitled to share impersonal data with the public and our partners.

Security information
We do our utmost to protect the company against unauthorised access, change, publication or destruction of stored personal data.
We have implemented the following general, organisational and technical measures:
• Anti-virus on all IT systems, processing personal data.
• Backup of all IT systems, processing personal data.
• Use of acknowledged IT systems for processing, typical for the industry.
• Limited personal data access. Access is only possible if required.
• Data processing agreements with suppliers, processing personal data on behalf of the company.
• Confidentiality agreements with staff, required to process personal data.
• Guide for secure processing of personal data and information archives for staff with access to information systems.
• Implementation of risk assessment and documentation of all systems above, processing personal data, in order to ensure a verified foundation for the security level for processing personal data within the company.

Compliance and cooperation with data protection authorities
We frequently ensure that we comply with our own privacy policy. We further comply with several self-regulatory security policies. When we receive formal written complaints, we contact the sender for follow up. We cooperate with the relevant legislative authorities, such as Danish Data Protection Agency in resolving complaints concerning transfer of personal data, which cannot be resolved with the user directly.


Amendments
Our privacy policy is occasionally subject to change. Possible amendments to this privacy policy are stated on this page, and in case of significant amendments, we will make sure to highlight these in other, more noticeable ways (for some services, we inform about amendments by means of e-mail).

Quinoa Quality Privacy Policy