Data Protection Notice

Privacy policy

Visit Middelfart, company registration number (CVR) 44827913, is the data controller for the data that we collect about you. We also ensure that your personal data is processed in full observance of the law. 
We take your data protection seriously and have therefore adopted the following privacy policy, which tells you all about how we process your data.
Contact details
If you wish to contact us about our processing of your personal data, you can do so at: 
Nygade 2, DK-5500 Middelfart
info@lilllebaeltwaters.dk or by calling (+45) 8832 5959

Processing of personal data

Personal data means any kind of information that is traceable or attributable to you in one way or another. In the event that you do not want us to process this data, it may be problematic with regard to maintaining and accommodating any agreements or contracts you may have concluded with us.

Members
To have one of our memberships, we have to collect the following personal data about you: 

• Name (first name and surname)
• Address
• Telephone number
• Email
• Company registration number (CVR)

Personal data about customers is collected and used for the following purposes: 

• Potential future collaboration or purchase transaction
• Administration of your relationship with us
• Processing of orders via our booking portal

Data is stored for the period that is permitted by law and we delete it when it is no longer required. This period depends on the nature of the data and the basis for its storage. Data about customers will typically be deleted

• at the end of the tourism year – data is deleted at the start of the following calendar year.

Suppliers and partners
If you are to be one of our suppliers and/or partners, we have to collect the following personal data about you:

• Name (first name and surname)
• Address
• Telephone number
• Email
• Company registration number (CVR)

Personal data about suppliers and partners is collected and used for the following purposes: 

• Processing of our purchases/services
• Administration of your relationship with us

Data is stored for the period that is permitted by law and we delete it when it is no longer required. This period depends on the nature of the data and the basis for its storage. Data about customers will typically be deleted

• at the end of the tourism year – data is deleted at the start of the following calendar year.

Job applicants
When we receive applications and attached paperwork, the material we have received is read by the appropriate manager or executive so they can respond to and assess their content with regard to a specified job vacancy. Our legal basis for processing your application is based on a consideration of priorities. 
Applications and attachments are shared internally with relevant people who are part of the recruitment process. They are not disseminated to parties external to the company. 
Applications and their attachments are stored until we have found the right candidate and the recruitment process has been concluded. Applications and attachments are then deleted.
When we receive unsolicited applications, we store the application and attachments for a maximum period of six months, after which they are deleted.
If we would like to store an application and its attachments for a longer period of time than six months, we will ask the applicant for specific permission to do so. 

Your consent is voluntary and you may withdraw it at any time by contacting us. Please use the above contact details if you require further information.

Other information about processing

Security
We have implemented technical and organisational measures to prevent your data from being accidentally or illegally deleted, published, lost, deteriorated, disclosed to unauthorised parties, misused or otherwise processed in contravention of the law.

Minimising data
We only collect, process and store personal data that is necessary to fulfil our pre-defined purpose as a company. There may also be legal requirements about the types of data that we are required to collect and store for our business operations. The type and scope of personal data that we process may also be determined by our need to fulfil a contract or other legal obligations.  

Data is updated
Because our services depend on data that is both correct and up-to-date, we request that you inform us of any relevant changes to your data. Use the above contact details to inform us of your changes and we will then make sure that your personal data is updated. If we become aware that data is incorrect, we will update it and give you notification of the changes. 

Disclosure of data
We use various third parties to store and process data, including providers of IT solutions: Zoho, DanDomian, Bellcom, VisitDenmark, Active Window, Facebook, Instagram, LinkedIn, Microsoft, Drupal. These parties only process data on our behalf and may not use it for their own purposes. When relevant, data is disseminated to: Zoho, DanDomian, Bellcom, VisitDenmark, Face-book, Instagram, LinkedIn and Microsoft.

We only use data processors from within the EU or from other countries where your data can be adequately protected. Data processors from countries outside the EU that we use are Google (for data that is collected using cookies) and Facebook (data from our Facebook page), which is a member of US Privacy Shield. 

Your rights

• You are entitled  to be informed at any time about what data we process about you, its origin and the purposes for which we use it. You are also entitled to be informed how long we store your personal data and of any recipients of data that concerns you if we pass on data within Denmark and abroad.
• If you so request, we can inform you about the data we process about you. Access can be limited, however, to take into account the privacy protection of other individuals, business secrets and intellectual property rights.
• If you believe that the personal data that we process about you is inaccurate, you have the right to have it corrected. You should contact us and inform us about what these inaccuracies are and how they should be corrected. 
• In certain cases, we will be under an obligation to delete your personal data. One such example might be your withdrawal of consent. If you believe that we no longer require your data in relation to the purpose for which we collected it, you can ask to have it deleted. You can also contact us if you believe that your personal data will be processed in breach of the law or contrary to other legal obligations.
• You have the option to submit a complaint to the Danish Data Protection Agency.
• When you contact us with a request that we correct or delete your personal data, we will check that any required conditions are satisfied and, if so, will implement the changes or deletions as quickly as possible.
• You have the right to raise objections against our processing of your personal data. You may also object to our dissemination of your data for marketing purposes. You can use the contact details at the top of this page to submit your objection. If your objection is justified, we will ensure that the processing of your personal data is ceased. 
• You are entitled to exercise your right to data portability in the event that you want to transfer your data to another data controller or data processor.
• We will delete your personal data at our own initiative when we no longer require it for the purpose for which it was collected.

When you contact us with a request that we correct or delete your personal data, we will check that any required conditions are satisfied and, if so, will implement the changes or deletions as quickly as possible.

You can exercise your rights by contacting us. Our contact details can be found at the top of this page.