Data protection policy (for GDPR)

Our data protection policy contains the terms and conditions that apply when we process your personal data, and your rights when using our website.

Thank you for visiting our website. It is important to us that we protect and respect the privacy of all those who choose to use our services.We aim to process personal data in a secure and appropriate manner and to make you feel safe and secure when using our services. We have high ethical standards and strict internal procedures to ensure that we process your personal data in the best possible way. Our data protection policy below contains the terms and conditions that apply when we process your data, and your rights when using our website.

Please do not hesitate to contact us if you have any questions or comments about our data protection policy, or if you would like to get in touch about anything else.

Who are we?

The Nordic Council of Ministers is the official forum for inter-governmental co-operation, the Nordic Council is the official forum for inter-parliamentary co-operation. The work is overseen by the Ministers for Nordic co-operation and the elected members of the Nordic Council.

As part of this work, we collect a range of data about you if you contact us.

In the other menus, we have gone into more detail about what we collect, why we collect it, what we do to protect your data, why we collect personal data and what rights you have with regard to data protection.

What is personal data?

Personal data can be many things.

It may be a name, address and telephone number. Or it may be an image file or an IP address.

Personal data means all forms of information that can be used to identify an individual. As a consequence, it is not just the single piece of information that determines whether or not it can be classed as personal.

If a number of pieces of personal information do not identify an individual on their own but do so when put together, then they can be characterised as “personal data”.

We collect personal data in several ways

We collect personal data about you in the following ways:

  • When you use our website
  • When you buy our publications online
  • When you subscribe to our newsletter
  • When you provide us with it yourself
  • If you enter into a contract with us
  • If you get in touch with us directly by e-mail etc.
  • When you take part in meetings run by us.

You can find out in the menu below why, and on what basis, we do this.

We process your data in several ways

Read about how:

We collect and use your data for specific purposes

The Nordic Council of Ministers collects your data so that it can follow up on your enquiry or deliver a specific service to you, register you for requested facilities, and so that it can forward newsletters and other information about what we do and the services we offer if you requested these.

The Nordic Council of Ministers also collects your data for use in internal statistics. Only those who request it will receive e-mails or other notifications from us, including newsletters etc. You have the opportunity to decide at any time that you no longer wish for us to contact you.

Personal data is collected for the following purposes:

1) The first category consists of data that we need in order to provide you with a service. This includes e.g. your name, address, telephone number and e-mail address, i.e. the necessary identification and contact details. 

Without this data, we cannot deliver our services. For instance, if you wish to subscribe to Nordic newsletters, you will need to consent to the processing of your data for this purpose, e.g. in the form of your e-mail address. We may also need to process data for other reasons, e.g. to fulfil the terms of a contract; or we may need to record and save certain personal data for legal reasons, e.g. to ensure that we comply with tax legislation and the Danish Bookkeeping Act.

2) The second category consists of data we would like to use to improve our services, to tailor our communications to your needs and to offer you precisely the services that you require. This includes data about your activities on our website, including IP addresses and uploading cookies onto your computer. This may be necessary to ensure that our website functions correctly. THE NORDIC COUNCIL OF MINISTERS has a separate cookie policy that is available on our website.

None of the data in category 2 is strictly speaking necessary for us to deliver our services to you. As a result, you need to provide consent for us to collect and use this type of personal data. We cannot process it without your consent. Your consent is voluntary and may be withdrawn at any time by getting in touch with us. Please see the section about personal information at the end of our data protection policy.

If we wish to use your data for a different purpose than intimated when we obtained your consent – in other words, a purpose outside the original “framework” of agreement – we will inform you of the

We delete all personal data when it is no longer needed

We perform a discretionary assessment of when we no longer require your data. Once your data is no longer required for the purpose for which we collected it, we will delete it.

We are required by law (e.g. the Danish Bookkeeping Act) to retain some personal data for a minimum of five years, e.g. data used to issue invoices, calculate and pay tax and VAT, submit tax returns, and data used for contracts.

As per the general principles of public law, other personal data collected as part of Nordic activities is filed along with the specific case in question. This will only be relevant and necessary data and it cannot be deleted once the case has been completed. Under the provisions of the Danish Archives Act, this personal data will be transferred to the Danish National Archives, and then deleted by the Nordic Council of Ministers.

We will share your data in these cases

We will not share your data with others unless:

·         it is necessary in order for us to comply with the law; or

·         you have given us your consent to do so; or

·         because we use data processors within the EU, EEA or a secure third country.

To the extent permitted by law, we are entitled to share personal data for the purposes of protecting or enforcing our rights, e.g. where relevant to prevent fraud or other criminal offences.

Your rights

This section contains details of your rights with regard to our processing of your data, including:

Right of access to your data and to be issued with a copy

You have the right to know whether or not we process your data; this includes the categories of personal data and information about the origins of the data, as well as the purposes of the processing and – if possible – the period for which your data will be saved. We issue a copy of the personal data processed on request. Please be aware that your right of access may be limited due to the need to protect other people’s data.

Right to correction or deletion of your data

You are entitled to have any incorrect data that we hold about you corrected.

You may at any time demand the deletion of the data that we hold about you. If there is no longer any reason for us to hold the data, we will delete it as soon as possible following a request from you.

If you would like the Nordic Council of Ministers to correct or erase any data that the Nordic Council of Ministers has collected about you, or if you no longer wish to receive notifications from us, you may contact us at the following e-mail address: personoplysninger@norden.org

Right to demand restrictions on processing

You are entitled at any time to ask us to restrict the processing of your data.

Right to object to processing

You are entitled at any time to ask us to restrict the processing of your data.

Right to revoke consent

You may at any time withdraw any consent that you have given us.

Right to demand information about transferring of data to countries and organisations outside the EU and EEA

You have a right to know if we share your data with a country outside the EU and EEA. For your information, we do not share personal data with countries outside the EU and EEA, with the exception of a number of data processors in the USA who are bound by the EU-USA Privacy Shield.   

Right to avoid profiling and automated decision-making

For your information, we do not use profiling or automated decision-making

If you would like more information or would like to exercise any of the above rights, please get in touch using the contact details below.

Complaints

We do everything in our power to ensure that your data is processed in a secure manner and that your rights are protected as far as possible. We also conduct regular reviews of our procedures and of how we process personal data.

In the unlikely event that you feel that we are not dealing with your enquiry and your rights in accordance with the legislation, please do not hesitate to get in touch with us – by e-mail using the heading “Klage” (”Complaint”) in the subject field.

You can write to us at personoplysninger@norden.org.

If you still feel that we are not dealing with your enquiry and your rights in accordance with the legislation, you may submit a complaint to the Danish Data Protection Agency via:

Datatilsynet (Danish Data Protection Agency) Borgergade 28 DK-1300 Copenhagen K Telephone: +45 33 19 32 00 www.datatilsynet.dk

How do we store your data?

We are committed to protecting your data, not only because it is required by law, but also because our own internal ethics rules demand that we take good care of all personal data.

We take the appropriate and proper technical and organisational security measures to ensure that there is no unauthorised access to the personal data that we hold and that it is not used, destroyed, modified, made public or misused in any other way.

This section contains details about:

Our internal rules guidelines and procedures for data security

This includes the fact that personal information is available only to the employee(s) who require(s) it. Ongoing staff training in the correct procedures for processing personal data and checks that they are complying with the rules are also part of our data security rules.

We have implemented technical (IT) measures

Our systems are protected by up-to-date technical (IT) measures.

We inform the people affected in the event of a risk of or actual breach of data security

As mentioned, we have taken a wide range of measures to keep your data secure. Should our IT systems and other security arrangements be compromised despite these measures, we will notify you without undue delay if there is any serious risk to your rights and freedoms.

Contact details

Nordic Council of Ministers Address: Ved Stranden 18, DK-1061 Copenhagen K CVR no.: 43041916 Tel.: +45 33 96 02 00 E-mail: personoplysninger@norden.org Website: www.norden.org