In some instances we transfer your personal information to Bech-Bruun’s business partners and suppliers, such as IT suppliers, marketing agencies, providers of customer satisfaction surveys, suppliers of newsletter services, etc. These business partners solely process the personal data on behalf of Heygum Petersen Thomsen and in accordance with Heygum Petersen Thomsen’s instructions.
We may also disclose your information to external third parties if we are required to do so or if it is part of the service we provide to you. This could be to the police, the Danish tax authorities, other public authorities, Danish or foreign courts, arbitration tribunals, other law firms, counterparties in cases, or external business partners such as lecturers.
In relation to our depositing of client funds in client accounts, we are obligated to disclose the client’s identity information to the account-holding bank for its performance of the duties to which it is subject under the Money Laundering Act.
5. Third countries
Heygum Petersen Thomsen will not transfer your personal information to third countries (countries outside the EU/EEA), unless this is assesed necessary. This may be the case if we have to involve external parties, e.g. liaison lawfirms, finacial advisors, other advisors, banks, insurance companies in order to provide you with the requested legal advice. It may also be relevant to involve foreign authorities etc. Such ad hoc transfer of personal is subject to Article 49(1)(b-e) of the GDPR. In the event of transfer of personal data to other purposes, we will ensure the appropriate safeguards governing the transfer and inform you hereof.
6. Security We have high security standards, also when it comes to the protection of your personal data. Accordingly, we have a range of internal procedures and policies designed to ensure that we live up to our high security standard and thus comply with the requirements for implementation of suitable technical and organisational security measures. Thereby, we do our best to safeguard the quality and integrity of your personal data.
If you need to send us sensitive personal data, we recommend that you use encryption, such as secure email or code-protected files (Word or PDF format).
7. Storage and deletion
We will delete your personal data when we no longer need to process it for one or more of the purposes mentioned above. However, special legislation, including in the Danish Bookkeeping Act, the Danish Money Laundering Act, and the Danish Limitation Act, may entail an obligation or right for us to store such data for an extended period of time. The data may also be processed and stored for a longer period, if it is anonymised.
Personal data collected by us according to the Money Laundering Act is stored for five years after the end of the client relationship and is subsequently deleted.
8. Your rights
You are entitled to access the personal data processed about you, albeit subject to certain statutory exceptions. Furthermore, you may object to collection and further processing of your personal data. You are also entitled to have your personal data corrected or to ask us to limit the processing of your personal data.
If you make a request to this effect, we will without undue delay delete the personal data we have registered about you, unless we are entitled to keep processing the data on a different basis, for instance if such processing is necessary in order to be able to establish a legal claim, or if it is necessary in order for us to be able to respond to questions from you.
In certain circumstances you may also ask us to provide you with a copy of your personal data in a structured, generally applied and machine-readable format and request that we transfer the data to another data controller (data portability).
If our processing of your personal data is based on your consent, you may at any time revoke your consent. To do so, you need to contact us (see below). If you revoke your consent, we will cease to process your personal information, unless we are entitled or obligated to continue our processing or storage of your personal information on a different basis, including pursuant to the law. Revoking your consent does not affect the legality of the processing that took place prior to such revocation.
If you want to exercise your rights as described above, feel free to contact us at any time (see below).
In connection with inquiries concerning your rights, we ask that you provide us with adequate information to process your inquiry, including your full name and your email address, so that we may identify you and respond to your inquiry. We will respond to your inquiry as soon as possible.
Feel free to contact us if you disagree with the way in which we process your personal information or the purposes for which we process the information. You may also file a complaint with:
The Danish Data Protection Agency
Carl Jacobsens Vej 35
Telephone: + 45 33 19 32 00
9. Links to other websites, etc.
Our website has links to other websites or to integrated websites. Heygum Petersen Thomsen is not responsible for the content of the websites of other companies (third-party websites) or for the practices of such companies regarding the collection of personal data.
When you visit other websites, you should always read their policies on protection of personal information and other relevant policies.