GPDR Policy

Table of contents

Company Information. 1
Data controllers, possibly representatives of data controllers. 2
General information about data protection in A.C.Perc’s Thehandel. 2
Transparent data processing.. 2
For information provided on the basis of consent: 2
Disclosure of personal data does not take place without consent. 2
Rights of data subjects. 2
Rights of the data subject (Art. 19). 2
Information on data subjects’ rights (Art. 15). 3
How to exercise your rights. 3
Data controllers’ duty to provide information. 5
What we use your data for (processing of personal data). 5
Processing security – organizational and technical. 6
Technical security measures. 6
Security on the website. 6
Security of receiver systems: 7
Organisational measures: 7
Transfer to third countries. 7
Cookies 7
What is a cookie?. 7
What do we use cookies for?. 7
How can I avoid or delete cookies?. 8

Company information

Company name:

A. C. Perch ́s Thehandel
Kronprinsensgade 5
1114 Copenhagen K

Telephone number: (+45) 33 15 35 62
Email: store {@} perchs.dk
Website: www.perchs.dk

Data controllers, possibly representative of data controllers:
Name: Christian Hincheldey
Telephone number: (+45) 33 15 35 62
Email: rights {@} perchs.dk

General data protection in A. C. Perc’s Thehandel

As part of the website and webshop activities, we process personal data. This privacy policy describes how we process your data as well as the purpose, legitimate processing basis and your rights as registered.

Transparent data processing

In this personal data policy, you can read how we process data about you and for what purposes it is processed. You have received or receive part of the same information when you register your information on our website.

Regarding information provided on the basis of consent:

Consent before processing your personal data

Before we process information about you, we obtain consent for the specific purposes, unless these are obtained and processed on other legitimate grounds.

We may inform you of such a basis and of our legitimate interest in processing your personal data.
Consent is voluntary and you can withdraw it at any time. See below how you can withdraw your consent.
The transfer of personal data does not take place without consent.
We will not disclose personal data to other players.
Rights of data subjects
Rights of the data subject

As registered with A.C.Perch’s Thehandel, you have the following rights. Below is an indication of how A.C.Perch’s Thehandel handles these rights, as well as how you as a data subject can exercise your rights.

Information on data subjects’ rights

As a data subject, you have the following rights, which were also communicated to you when registering.
Your rights are:

• Right of access
• Right to rectification
• Right to erasure
• Right to object
• Right to restriction
• Right to data portability
• Right to withdraw consent
• Right to lodge a complaint with the supervisory authority

Without undue delay, controllers inform the data subject of how the company handles the data subject’s exercise of data subject rights.

How to exercise your rights

Right of access:

You have the right at any time to know what data we process about you, where it comes from and what we use it for. You can also be informed how long we store your personal data and who receives data about you, to the extent that we disclose data in Denmark and abroad. If, as a data subject, you wish to exercise your right of access in connection with the personal data provided for a given purpose, you as a data subject must do as follows:

You must send an email to rights {@} perchs.dk, and inform about the request for access.

Right to rectification
As a data subject, you have the right to have the information we process about you corrected.
If, as a data subject, you wish to exercise your right to rectification in connection with the personal data provided for a given purpose, you must do as follows:

You must send an email rights {@} perchs.dk and state what information is to be corrected and the reason and identification, so that the Data Controller has certainty about the correctness.

Right to erasure

In certain cases, as a data subject, you have the right to erasure of the information we process about you. However, there are cases where we have a legal obligation to keep them.
We have routines that mean that we delete personal data that no longer serves the purpose or that we are legally obliged to store and process. We delete your personal data when they are no longer necessary in relation to the purpose that was the reason for our collection, processing and storage of your data.

If you believe that the personal data we process about you is not correct, you have the right to have it corrected or deleted.

If, as a data subject, you wish to exercise your right to erasure for the personal data provided in connection with a given purpose, you must do as follows:

You must write an email to rights {@} perchs.dk stating what information you want deleted.

Upon receipt of the data subject’s request for deletion, the controller shall assess whether there are exceptions to erasure. In the event that the controller finds an exception for deletion, the controller shall without undue delay provide the reasons and legal basis for the exemption. In the absence of exceptions, the controller shall erase the data subject’s personal data provided in the context of this declaration of consent and inform the data subject accordingly.

Video surveillance in physical stores.

Parts of Perch’s physical devices are video-monitored for security reasons. The material is stored for 30 days. You can exercise your rights for deletion by contacting us at rights {@} perchs.dk

Right to object

As a data subject, you have the right to object to our processing of your personal data.

If, as a data subject, you wish to exercise your right to object to processing for the personal data provided in connection with a given purpose, you as a data subject must do as follows:

You must write an email to rights {@} perchs.dk stating that you wish to exercise your right to object. Data controllers then ensure that personal data are not processed for the purpose for which they were collected, as long as there is an unresolved objection to processing.

If your objection is justified, data controllers ensure that the processing of your personal data is terminated until a decision on the outcome of the objection has been made.

Right to restriction of processing

As a data subject, you have the right to request restriction of our processing of your personal data.
If, as a data subject, you wish to exercise your right to restriction of processing for the personal data provided in connection with a given purpose, you must do as follows:

You must write an email to rights {@} perchs.dk stating that you wish to exercise your right to restriction against processing. Data controllers then ensure that personal data is no longer processed by the company or by any data processors until the restriction ceases.

Right to data portability

As a data subject, you have the right to request porting of your personal data to another provider of the same service.
If, as a data subject, you wish to exercise your right to data portability for the personal data provided for a given purpose, you must do as follows:

You must write an email to rights {@} perchs.dk stating that you wish to exercise your right of data portability. Data controllers then ensure that personal data are provided to the data subject in a common and machine-readable format.

Right to withdraw consent

You have the right to withdraw your consent at any time.
If, as a data subject, you wish to exercise your right to withdraw a declaration of consent, you must do as follows:

Newsletter: As a data subject, you can withdraw your declaration of consent at any time by unsubscribing from the newsletter. This is done by pressing the unsubscribe button in the newsletter. When this has been done, a final email will be sent stating that the declaration of consent has been withdrawn and that the personal data provided will be deleted.

As a data subject, you can write an email to rights {@} perchs.dk stating that you wish to withdraw your consent and for what purpose the consent has been given. Data controllers then ensure that the personal data is not processed for the purpose for which it was collected. If there are no exceptions or legal obligations for deletion, data controllers will ensure that the personal data is deleted.

Right to lodge a complaint with the supervisory authority

The data subject may lodge a complaint with the supervisory authority by contacting the supervisory authority. In Denmark, the supervisory authority is the Danish Data Protection Agency. On the Danish Data Protection Agency’s website it is possible to file a complaint.

Data controllers’ duty to provide information

If, as a data subject, you have exercised your rights to any rectification or erasure of the personal data or restriction of processing carried out pursuant to Articles 16, 17(1) and 18, the controller shall inform all recipients to whom personal data have been disclosed so that the necessary actions are taken by the parties to safeguard the rights of the data subject.

What we use your data for (processing of personal data)

We only process relevant personal data about you.
We only process personal data about you that is relevant and sufficient in relation to the purposes for which it was collected. It depends on the purpose for which information is sufficient and relevant, you will be informed when submitting your information why we collect the individual information. There may be legal obligations that apply to the data controller and are the reason why we collect, process, and store personal data. You can always request access according to the process specified under “data subjects’ rights”.

We only store and process general information about you, you can see below what information we use, for what purpose and on what basis for processing

Cookies:

Before we use cookies, you must accept this, you will also be informed about what we use cookies for and how you can delete them if you no longer want to accept them.

We use cookies to make our service better and ensure quality in our products and services, as well as for statistics and analysis of behavior on the website, when we process cookies it is based on the consent you give when you visit our website. The consent is our legitimate basis for processing your information, cf. Article 6(1)(a) GDPR

We also use cookies for marketing purposes. When we use cookies for marketing purposes, we obtain consent beforehand. The consent is our legitimate basis for processing your information, cf. Article 6(1)(a) GDPR

Newsletters:

We process name and e-mail in connection with subscription to newsletters. When you sign up for our newsletter, you must consent to us processing your information. The consent is our legitimate basis for processing your information, cf. Article 6(1)(a) GDPR

Purchase via our webshop:

When you buy goods on our webshop, we process the following information:
Name, address, zip code, city, country, telephone number, and email. In addition, your purchase history appears under your profile when you are logged in.
We are obliged to register, store and process information about your purchases, cf. the Bookkeeping Act: §7 accuracy of registration and § 10 storage for 5 years. We use your phone number as a customer number. If you do not want us to use your phone number as a customer number, please state this in the comments field with the order.

We continuously update personal data whenever possible. We check that the personal data we process about you is not incorrect or misleading. We also make sure to update your personal data on an ongoing basis.

Several of our services depend on the information being correct and up to date, we therefore ask you to inform us of any inaccuracies or changes in your personal information.

Deletion of information

We do not store your information longer than we are required to or legitimately for.
We delete your information in the following cases:

• Information stored in accordance with the Danish Information Act. Section 10 of the Danish Bookkeeping Act is stored in the current year + 5 years
• Information processed on the basis of consent is stored until one of the following applies:
  • You have pressed the consent back using the button in the newsletter
  • You have requested data controllers to delete your data
  • We no longer offer the service for which you have consented to processing

Security of processing – organisational and technical

Security

We protect your personal data and have internal rules and processes on information security

We have put in place instructions and measures that protect your personal data from being destroyed, lost or altered, against unauthorized disclosure and against unauthorized access or knowledge of it.

Technical security measures

Security on the website

The website uses SSL (Secure Socket Layer), SSL is an encryption protocol and means that only the sender and receiver can read the information sent between them. You can therefore enter your information securely on our website.

Security in receiver systems:

When we receive your information, it will be stored securely. Our website provides the following technical guarantees for technical safety

• Antivirus
• Username and Password protected by OS login
• SQL db with double login
• Firewall that secures traffic in and out

Organisational measures:

In order to secure your information in the best possible way, we have set up the following processes in relation to the people who may have contact with your information.

Only persons acting on direct instructions from data controllers can access information in the systems. This is ensured by internal controls and processes as well as necessary training.

Transfer to third countries
No data is transferred to third countries

Cookies

This website uses cookies. Cookies are small text files that can be used by websites to make a user’s experience more efficient. We use cookies for our content and ads, to show you social media features, and to analyze our traffic. We also share information about your use of our website with third parties. The law states that we may store cookies on your device if they are strictly necessary to ensure the provision of the service you have expressly requested to use. For all other types of cookies, we need to obtain your consent.
This website uses different types of cookies. Some cookies are set by third-party services that appear on our pages. You can change or withdraw your consent at any time on our website.

What is a cookie? A cookie is a small file of data information. A cookie cannot destroy anything on your computer.
They are often used to provide a better user experience and to collect information regarding the use of a website.

What do we use cookies for?
We use cookies on the website, partly for the purpose of ensuring that the website works properly and gives you a better user experience. In addition, we use cookies as a source for statistics and marketing. If we store cookies on your device as part of a service, you will be informed about the use and purpose of collecting data via cookies.

We obtain your consent

Before we store cookies on your equipment, we ask for your consent. However, necessary cookies to ensure functionality and settings can be used without your consent, this depends on the e-privacy regulation)

Below you can find more information about our use of cookies and how you can delete or reject them. If you want to revoke your consent, you can find the instructions under our cookie policy.

How can I avoid or delete cookies?

You can delete cookies in the browser at any time, but you should be aware that there may be functions on the website that subsequently do not work optimally.

The Danish Business Authority has the following guidelines on how to avoid cookies:

https://erhvervsstyrelsen.dk/saadan-undgaar-du-cookies

See cookies and read more about our Cookie Policy here.