Cookies and Data Policy


Last updated: 10th of May 2018

Cookies

Danish Interagency Safety Network (“DISN”, “us”, “we”, or “our”) uses cookies on disn.dk (the “Service”). By using the Service, you consent to the use of cookies.

Our Cookies Policy explains what cookies are, how we use cookies, your choices regarding cookies and further information about cookies.

What are cookies

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you.

Cookies can be “persistent” or “session” cookies.

How DISN uses cookies

When you use and access the Service, we may place a number of cookies files in your web browser.

We use cookies for the following purposes: to enable certain functions of the Service, to provide analytics, to store your preferences.

We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:

– Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.

What are your choices regarding cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

Where can you find more information about cookies

You can learn more about cookies and the following third-party websites:

Data

General information protection in Danish Interagency Safety Network.

As part of activities at Danish Interagency Safety Network, we process personal information. This Privacy Policy describes how we treat your data.

Transparent data processing

In this privacy policy, you can read how we treat data about you and what purposes they are being used for. You have received or will receive part of the same information when you register your information with us.

Regarding information given on the basis of consent:

  • We do not process your personal data unless you consent.
  • Before we process information about you, we obtain consent for the specific purposes, unless these are obtained and processed on another legitimate basis. We will inform you of such a basis and our legitimate interest in processing your personal information.
  • A consent is voluntary and you can withdraw it at any time. It is always possible for you as registered to withdraw your consent. If you wish to withdraw your consent, please do the following: send an e-mail to disn@drc.ngo, after which Data Administrators will inform you that your consent has been withdrawn. You must be aware that withdrawing your consent may affect the way we communicate with you, or there may be services such as newsletters we no longer can offer.
  • We do not disclose personal data to other actors

 

Registrant rights

 

As registered with DISN, you have agreed to comply with some rights. We, hereby, explain how DISN handles these rights, and how you can exercise your rights as a registered person. Data administrators shall inform the data subject, without undue delay, of how the company handles the registrant’s exercise of the rights of data subjects.

Your rights are:

  • Right to insight
  • Right to rectification
  • Right to delete
  • Right to object
  • Right to restriction
  • Right to withdraw consent
  • Right to lodge a complaint with the supervisory authority

 

Right to insight:

You are entitled at any time to know which of your personal data do we use, where they originate and what we apply them to. You can also find out how long we keep your personal data and who receives data about you. If, as a registered person, you wish to exercise your right to insight in connection with the personal information provided for a given purpose, you as registered must do as follows: The registrant can send an e-mail to disn@drc.ngo, which is subsequently processed by the data cadministratos. The registrant will subsequently receive a confirmation with the information registered in connection with this letter of consent and the purpose for which they have been collected.

Right to rectification

As a registrant, you have the right to correct the information we process about you. If you wish to exercise your right to rectification in connection with the personal information provided for a given purpose, you must do as follows: The registrant can send an e-mail to disn@drc.ngo, which is subsequently processed by the data administrator. The registrant will subsequently receive a confirmation with the information registered in connection with the correction of data.

Right to delete

As a registered person, you may, in certain cases, have the right to delete your information we have, however, there are cases where we have a legal obligation to store them. We have procedures to delete information that no longer serves purpose or as a legal obligation to store and process them.

  • We delete your personal data when they are no longer necessary for the purpose of the collection, processing and storage of your data.
  • If you believe that your personal data we utilize is incorrect, you are entitled to correct or delete them.
  • If you, as a registered person, wish to exercise your right to delete, for the personal information provided for a given purpose, do as follows: the registrant can send an e-mail to disn@drc.ngo, which is subsequently processed by the data controller.
  • The data administrator assesses upon receipt of the registrant’s request for deletion if there are exceptions for deletion. In the event that the data administrator finds an exception for deletion, the data administrator provides without undue delay, justification and permission for exception. If no exceptions exist, the data administrator deletes the personal data of the data filer submitted in connection with this consent statement and informs the registrant of this.

Right to object

As a registered person you have the right to object to our processing of your personal information.

  • If, as a registered person, you wish to exercise your right to object to processing of your personal information provided for a given purpose, you must, as registered, do as follows: The registrant may send an email to disn@drc.ngo and exercise his right to object to the processing of the information that the company has registered in connection with this letter of consent and the reason for objection. Subsequently, this is processed by the data controller. Personal data will not be processed for purposes for which they have been collected as long as there is an unresolved opposition to treatment.
  • If your opposition is justified, data administrator will discontinue processing your personal information until a decision on the outcome of the opposition is available.

 

Right to limitation of treatment

As a registered person you have the right to request a limitation on our processing of your personal information.

 

  • If, as a registered person, you wish to exercise your right to treatment, for the personal information provided for a given purpose, do as follows: The registered person can write an email to disn@drc.ngo, where it appears that the registrant wishes to exercise his right to treatment restrictions. Data controllers then ensure that personal data is no longer processed by the company or by any data service providers until limitation ends.

 

Right to withdrawal of consent

You have the right to withdraw your consent at any time.

  • If, as a registered person, you wish to exercise your right to withdraw a declaration of consent, you must do as follows: the registered person can write an email to disn@drc.ngo, where it appears that the registrant wishes to withdraw his consent and for what purpose consent is given. Data administrator then ensure that personal information is not processed for the purpose for which they are collected. Or ensure deletion, if there are no exceptions or statutory obligations for deletion.

Right to lodge a complaint with the supervisory authority

If the registrant wishes to exercise his right to lodge a complaint with the supervisory authority, the registrant may file a complaint to the supervisory authority by contacting the supervisory authority. In Denmark, the supervisory authority is the data supervisory authority. It is possible to file a complaint on the data surveillance website.

Data Administrator

If you, as a registered person, have used your rights to any correction or deletion of personal data or limitation of treatment performed pursuant to Article 16, Article 17. 1, and Article 18, notify the data administrator of all recipients to which personal data have been disclosed so that the necessary actions of the parties are made to ensure the rights of the data subject.

What do we use your data for (processing of personal data)

We store and process data about you to make our service better and keep in contact with you. The data we use includes: collection of ordinary personal data and traffic data on the use of the Internet.

We collect and store your data for specific purposes or other legitimate interests and purposes.

– Compliance with your request for services

– Improvement of our services

– Adapting our communication to you

– Administration of your relationship with us

– In connection with login on our network portal, name, email and company name will be provided to provide you with a login account. This information is only used for contact details and network database. The data is stored on the DISN website but only available to the DISN Administration, unless the registrant wishes otherwise.

We treat only personal information about you that is relevant and sufficient in relation to the purposes for which they are collected. It depends on the purpose of which information is sufficient and relevant. You will be informed about why we collect the individual information when submitting your information. We collect, process and store only the personal information necessary to fulfill the purpose for which they are collected. There may be legal obligations that apply to the data administrator and are the reason we collect, process and store personal data. You can always request insight, cf. the process above.

 

Personal information update

We verify that the personal information we treat about you is not incorrect or misleading. We also make sure to update your personal data continuously. Several of our services depend on the accuracy and up-to-date information, so we ask you to provide us with any inaccuracies or changes in your personal information. We use your Email and Name when sending newsletters, however of course, we process only the information you have consented to.

Treatment Security – Organizational and Technical

What organizational measures have been taken to ensure information provided.

Organizational

  • We protect your personal information and have internal rules and processes regarding information security
  • We have introduced instructions and actions that protect your personal information from being destroyed, lost or available to unauthorized access or knowledge of them
  • Information about Newsletters are sent via internally defined mail directly to our newsletter and web-backend.
  • Information about Registration for fairs and other customer events at home and abroad will be sent via internally defined mail directly to our newsletter system
  • Only persons acting on direct instructions from data administrators can access information in the systems, this is ensured by internal controls and processes and necessary teaching.

Danish Interagency Safety Network

Secretariat: Danish Refugee Council

Borgergade 9

1300 Copenhagen, Denmark

Data administrator

Kiki Hynding Hansen

disn@drc.ngo

Technical precautions

  • Security on the website

The website uses SSL (Secure Socket Layer), which means SSL is an encryption protocol, meaning that it is only sender and recipient who can read the information sent between them. You can thus enter your information securely on our website.

  • Security in receiver systems:

When we receive your information, they will be kept safe. We use O365, which provides the following technical warranties for technical security (the following link describes Mailchimp’s security setup)

https://technet.microsoft.com/en-us/library/dn532171.aspx

Purpose of treatment and legal basis

This Statement of Conformity deals with Website, Newsletters and Registration for Events at home and abroad.

By issuing a statement of consent, DISN has the right to process personal information as mentioned below for the stated purpose.

  • Consent deals with the following information
  • Name / Category General Personal Information
  • E-mail / Category General Personal Information
  • Organization Name / Category Other Personal Information
  • Organization Postal Code and City / Category Other Personal Information
  • Organization Telephone / Category Other Personal Information

 

Consent deals with the following treatment

  • Sending of newsletters to which the registered subscriber is subscribing
  • Sending info about events
  • Registration for events at home and abroad

 

This consent has been given voluntarily by the data subject and is not subject to other conditions, including performance of the contract

Information gathered in connection with this letter of consent derives from

  • Form on website
  • Physical form at the fair
  • Submitted by telephone/mail

Data Processors or Recipients of Personal Information

  • O365 for sending newsletters and event info

Time when the company stores and processes personal data

The Company stores and processes personal data as provided in connection with this Statement of Conformity, as long as there is a treatment, unless one of the following is applicable, after which personal information will be deleted:

  • Consent statement has been withdrawn
  • Consent statement has expired
  • Information is erroneously provided and it has not been possible to identify the data subject with a view to obtaining accurate and corrected personal information
  • The company no longer offers the service or service that requires treatment and to which this consent has been granted

 

Verifiability

The company shall keep a copy of this letter of consent as proof that the registrant has given consent and that the terms of consent have been met. Consent statement is kept secure. The registrant receives a copy of the email address provided, if this is possible.

Duration of the consent

The consent is valid until the purpose is no longer valid or the consent is withdrawn.