PERSONAL DATA
Privacy Policy for:
Auto Export Denmark ApS, CVR: 44588056
Laurentsvej 25
2880 Bagsværd
Our privacy policy describes how we use and protect personal data, and is intended to ensure that employees are aware of the rules applicable to the use of personal data they have access to in their work. This policy supplements our other policies on IT security, internet, email, etc. The purpose of this policy is to meet the requirements of the General Data Protection Regulation (GDPR).
Processing of Sensitive Personal Data in the Company
Any processing of personal data in the company is carried out with reference to the principles of legality, fairness, and transparency. Personal data is collected solely for explicitly stated and legitimate purposes, and we observe the principle of data minimization. We strive to ensure that all information is correct and up-to-date, just as the principles of storage limitation, integrity and confidentiality, and not least accountability, are of utmost importance. If you have any questions about our processing of personal data and this privacy policy, you are always welcome to contact one of our data controllers in the company.
Information Processed – Purpose
The purpose of registering and processing personal data is relevant to our business dealings with our customers and business partners. If we exceptionally need to process personal data for purposes that are incompatible with the following, you will be informed accordingly. The same applies if we collect or process your personal data from sources other than the individual concerned.
- Execution of purchase, sale, test drive, and export of vehicles.
- Inspection, re-registration, and de-registration of vehicles.
- Handling of insurance and financing services.
- Fulfillment of warranty and guarantee obligations.
- Follow-up on sales.
- Communication regarding your order or other inquiries to us.
- Ensuring user-friendliness and security.
- Optimization of our digital solutions.
- Opportunity to participate in customer surveys, contests, raffles, etc., through digital solutions.
- Archive of registered products and associated personal information.
We collect and use data about our customers to fulfill our agreements and business processes with them, as well as to improve our service and ensure quality in our products and services.
The personal data we process include:
Automatically Collected Data – We use a variety of digital solutions based on different technologies aimed at ensuring user-friendliness and security. These technologies can automatically collect data to provide the best possible user experience. Data is collected either directly by us or by a third party on our behalf. Analysis of clickstream data and cookies are examples of this. This applies, for example, to all contact forms on the website, including details about your car.
Every visit to a digital solution results in information being sent from the user’s browser to a server. It is through the analysis of these data that we optimize the digital solutions. Data is collected via a third party on our behalf. Data about your browser may be collected to manage our system and conduct internal, marketing-related analyses based on the registrant’s behavior.
Examples of data collected and analyzed:
- Date and time of visit.
- The pages visited within the solution.
- IP address and its geographical location.
- Information about the used browser and computer (type, version, operating system, etc.).
- URL from the referring site (the page from which the visitor came to our solution).
We are the data controllers for the collected data, and the collected data is not shared unless there is a written/electronic consent or in case of any legal requirements.
Information Voluntarily (Actively) Provided
We note the information provided to us in connection with a physical visit or a visit to our website. Examples of data that you actively provide are most often common and include name, address, phone number, email address, etc., and usually originate from:
- Information shared with us via social media.
- Information sent by email.
- Information provided in forms on the website.
- Information we receive in connection with the execution of orders.
- Information shared with us in connection with surveys, events, competitions, etc.
Basis for Processing
Processing of personal data is necessary for the fulfillment of contractual obligations between us and our customers. Certain information, including sensitive data, is processed to the greatest extent possible based on written or electronic consent.
A. Receipt and Disclosure of Personal Data
We only disclose personal data to third parties in accordance with what is stated in this privacy policy. We may disclose your information if we are obligated to do so to comply with a legal obligation. Disclosure can also occur on the instruction of a court or another authority, or to protect trademarks, rights, or property.
This involves exchanging information with other companies and organizations for the purpose of fraud protection. We use service providers and data processors who perform work on our behalf. Services may include server hosting and system maintenance, analysis, payment solutions, address and creditworthiness checks, email services, etc. These partners may have access to data to the extent necessary to provide their services. The partners will be contractually obliged to treat all data strictly confidentially and are thus not allowed to use data for anything other than what is covered by the contractual obligation to us.
We ensure that our data processing partners comply with their obligations.
If we disclose your information to a service provider or data processor outside the EU, we ensure that we comply with the legal requirements for such transfers. We never collect personal data without prior consent through registration, purchase, or participation in a survey, etc.
A1. Transfer of Registration Certificates in Wholesale of Vehicles
In connection with the resale of vehicles to other car dealers, documentation in the form of an original Danish registration certificate is required for the verification of ownership, re-registration, etc.
The registration certificate with the previous owner’s data is therefore handed over to the new buyer of the vehicle.
A2. Transfer of Registration Certificates in Vehicle Export
In connection with the export of vehicles to EU countries, local documentation in the form of an original Danish registration certificate is required for the verification of ownership, etc.
The registration certificate with the previous owner’s data is therefore handed over to the new buyer of the vehicle.
B. Storage and Deletion Policy
We store information about our customers and business partners as long as we have a legitimate and substantial reason for doing so, including so that we can provide the best possible service. As a general rule, all personal data will be deleted 5 years after the end of the customer relationship, which refers to the last active transaction.
Personal data may be stored longer if there is a substantial need for it, for example, if a legal claim needs to be established, asserted, or defended.
B1. Right of Access, Correction, and Deletion
The data subject (DS) has the right to request access to the information we process:
- What is being processed.
- The purpose of the processing.
- Affected categories of personal data (ordinary or sensitive).
- The period during which they are processed, including stored.
- The right to request correction or deletion and to lodge a complaint with the Data Protection Authority.
DS has the right to have incorrect information about themselves corrected without undue delay. DS must take the initiative for such a correction. DS may also request to be deleted (“the right to be forgotten”), however, only after the expiration of our statutory retention obligation under the accounting law. DS can also contact us if DS believes that DS’s personal data is being processed in violation of the law or other legal obligations. When DS approaches us with a request to correct or delete DS’s personal data, we examine whether the conditions are met and then make changes or deletion as quickly as possible. If DS wishes to access the information registered about DS with us via our cookies, DS should contact a data controller.
If incorrect data is registered, or if DS has other objections, DS can contact the same place. DS has the opportunity to gain insight into what information is registered about DS, and DS can object to the registration at any time.
B2. Data Portability
The data subject (DS) has the right to receive the personal data DS has provided to us, and those we have collected about DS from other actors based on DS’s consent. If we process data about DS as part of a contract in which DS is a party, DS can also receive their own data. DS also has the right to transfer these personal data to another service provider. If DS wishes to exercise the right to data portability, DS will receive their own personal data from us in a commonly used format.
C. Consent
Where consent is required as a basis for processing, we must be able to document that such consent has been given. Therefore, we always require consent in writing or electronically.
Consent is a voluntary, specific, informed, and unambiguous expression of will regarding the processing of personal data. The data subject (DS) can withdraw their consent at any time, and if it is the sole basis for processing, future processing will cease. However, our obligation/right to store data is not changed by this.
Consent can be withdrawn by contacting a data controller.
D. Website and Cookies
Cookies are small text files containing letters and numbers that are stored on the user’s PC or other device when they visit our website. Cookies can, among other things, be used to keep track of which pages have been visited and can help the user to continue where they left off on a previous visit, or they can remember language settings or other preferences related to visits to the website.
Cookies cannot contain viruses. If we place cookies, the user is informed about the use and purpose of collecting data via cookies. At the same time, the user is asked to give their consent. However, necessary cookies for ensuring functionality and settings can be used without the consent of visitors to our website.
D1. Types of Cookies and Their Purpose
You can find everything about the types of cookies we use and the purpose of their use in our “Cookie Policy”.
E. Security
Auto Export Denmark protects your personal data and has a set of internal rules on information and IT security. Our internal security rules contain instructions and measures that protect data subjects’ personal data from being destroyed, lost, or altered, against unauthorized disclosure, and against unauthorized access or knowledge.
We have established procedures for allocating access rights to those of our employees who process personal data, including sensitive personal data. We control their actual access through logging, codes, and supervision. To prevent data loss, we continuously back up our data sets. In the event of a security breach that results in a high risk to you of discrimination, identity theft, financial loss, loss of reputation, or other significant disadvantage, we will notify you of the security breach as soon as possible, as we are legally obliged to report it.
The Right to Complain
Every registered individual has the right to file a complaint with the Data Protection Authority regarding our processing of personal data. Any complaints should be directed to:
Datatilsynet
Borgergade 28, 5
1300 København K
Email: dt@datatilsynet.dk
Phone: +4533193200
Updating the Privacy Policy
We reserve the right to update and amend these guidelines for the processing of personal data. Should we do so, we will adjust the “last updated” date as shown below.
This privacy policy was last updated:
January 25, 2024
Auto Export Denmark ApS
English 
Danish 
