Data Protection Policy
DATA PROTECTION POLICY FOR TRACIE
Version 1.
Date: October 16th, 2023
1. INTRODUCTION
What is important for us at Tracie, is that you as a co-operation partner feel
comfortable with our processing of the personal data that comes into our possession when you do business with us. This policy on the protection of personal data is a supplement to, but does not replace, any other policies or terms and conditions which have been otherwise established between us.
2. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The Danish company, Tracie (ESG IT APS), is the controller of the personal data you or your employer submit to us. Outlay is responsible for your personal data under The General Data Protection Regulation (“GDPR”) and local laws.
ESG IT ApS CRN: 43899392
Strevelinsvej 38, 7000 Fredericia
Denmark
Authorized personal data representative is Andreas Østergaard Borris, Partner and DPO.
3. WHERE DO WE STORE YOUR DATA?
The data we collect from you is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your personal data will be carried out in compliance with GDPR. Tracie only transfer personal data to third countries (non-EEA countries), if certain conditions are complied with. A transfer may, for instance, take place if the EU Commission has decided that the third country in question ensures an adequate
level of protection, or has provided appropriate safeguards, such as entering into an agreement comprising the EU standard contractual clauses with the recipient of the personal data or choosing a recipient that adheres to a specific adequacy scheme (such as EU-US Privacy Shield).
4. WHO CAN ACCESS YOUR DATA?
If the purpose requires, your personal data may be shared internally at Tracie. We do never sell or otherwise pass your data to external third parties for marketing purposes.
5. WHICH PERSONAL DATA IS PROCESSED BY US?
Tracie collects and processes your personal data. The data we collect and process in the given situation varies, but the personal data may be the following:
- Master data, including name, address, telephone number, date of birth, gender and e-mail
address. - Personal data sent to us in chats and/or e-mails for the legitime interest of our relationship
purposes. - Payment information specifically credit/debit card details
Your personal data collected through the various technologies, channels and platforms may be combined.
The main legal basis for processing your personal data is for entering into a contract, fulfilling out contractual obligations or prior to entering such.
6. WHAT IS THE PURPOSE OF THE PROCESSING?
We process personal data at Tracie regarding employees, customers, vendors and other cooperation partners for business, financial, contractual and administrative purposes. The processing of personal data at Tracie is in accordance to the following principles:
- We only process personal data lawfully, fairly and in a transparent manner in relation to the data
subject. - We only collect personal data for specified, explicit and legitimate purposes.
- We only process adequate and relevant personal data which is limited to what is necessary in relation to the purposes for which they are processed.
- We make sure that personal data is accurate and kept up to date. Inaccurate personal data is deleted or rectified without undue delay.
- We delete personal data that is no longer necessary for the purposes for which the personal data were processed.
- We ensure that personal data is processed in a manner that ensures appropriate security of such personal data.
7. HOW DO WE PROTECT YOUR PERSONAL DATA?
We use technical and organizational security measures to protect your personal data from manipulation, loss, destruction or access by unauthorized persons, or processing contrary to legislation. Our security procedures are regularly revised on the basis of the newest developments in technology and threat assessments.
8. WHAT ARE YOUR RIGHTS?
You are entitled to receive information about and object to the processing of your personal data. Upon sending your request to Outlay, you are entitled to have corrected, deleted or blocked any data that turns out to be incorrect or misleading or has been processed contrary to the personal data legislation. Please allow up to 4 weeks of processing time for each request.
Furthermore, you have the right to object to processing of your personal data that is based on the legitimate interest of Outlay. Outlay will not continue to process the personal data unless we can demonstrate legitimate grounds for the process which overrides your interest and rights or due to legal claims.
9. FOR HOW LONG DO WE STORE PERSONAL DATA?
We don’t store personal data in a manner that makes it possible to identify you for a longer period of time than what is necessary considering the purpose of the processing of the data.
10. RIGHT TO COMPLAIN WITH A SUPERVISORY AUTHORITY
If you consider us to process your personal data in an incorrect way, you can contact us. You also have the right to raise a complaint to a supervisory authority.
11. CONTACT
We take data protection very seriously and therefore have a department that handles requests in relation to your rights stated above in subject 8. If you have any questions to this Privacy Policy or you need an answer on a specific question or topic related to this, please do not hesitate to contact aborris@tracie.io