Privacy Policy

STARK Group take the obligation to process personal data in an orderly and secure manner very seriously. The protection of personal data and the rights and integrity of individuals is of paramount importance to the STARK Group.

This Privacy Policy sets out how the STARK Group processes and protects personal data.

Compliance throughout the whole group

It is important to the STARK Group that personal data is processed in accordance with applicable data protection legislation at all times.

STARK Group has committed itself to the adherence of this Privacy Policy and will apply any additional data privacy policies and procedures issued separately by STARK Group to ensure compliance with this Policy.

Personal data and application

The term personal data covers any information relating to an identified or identifiable natural person. Such information may be information on name, contact information, payroll information etc.

This Privacy Policy applies to all personal data regardless of the media on which the data is stored or whether it relates to past or present employees, customers, supplier contacts, shareholders, website users or any other data subject.

The general principles applied

To ensure a high standard for processing personal data, the STARK Group will adhere to the following general principles in relation to the processing of personal data:

Lawfulness and fairness

Personal data will be processed in a lawful and fair manner and in accordance with the data subjects’ rights.

Purpose limitation

Personal data will only be collected for specified, explicit and legitimate purposes. Further, personal data will solely be used for the purposes for which the data was originally collected.

Transparency

When collecting personal data from data subjects or via third parties, it will be ensured that the data subject(s) in question will be provided with the information required by applicable law. Furthermore, data subjects are at all times entitled to request information on what personal data is collected about them.

Data minimisation

Any personal data shall be adequate, relevant and limited to what is necessary for relation to the purposes for which they are processed.

Accuracy

Any personal data processed shall be accurate and, where necessary, kept up to date.

Storage limitation and retention

Personal data will only be processed in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are collected and processed. STARK Group have in place retention procedures and policies to ensure personal data is deleted in a correct manner.

Confidentiality

Any personal data that is processed is regarded as confidential information. STARK Group undertakes confidentiality by ensuring its employees are aware of the confidential nature of personal data and by educating its employees on how personal data may be processed.

Accountability

STARK Group have implemented the processes and procedures necessary to demonstrate compliance with the applicable data protection legislation.

High security standards

STARK Group have in place technical and organisational security measures to protect personal data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse or other processing in violation of applicable law.

Personal Data must only be transferred to a third party who has adequate technical and organizational security measures in place to protect personal data.

The transfer of data

STARK Group will only transfer personal data to a country not governed by the EU/EEA data protection rules provided appropriate and documented safeguards are in place.

The use of data processors and joint controllers

STARK Group sets a high standard for the processing obligations of suppliers. Therefore, STARK Group will assess the supplier to ensure the supplier can ensure compliance and must ensure that all required data processing agreements are in place with any processors and/or sub-processors used.

If STARK Group enters into a new contract with a supplier that will be processing personal data jointly with STARK Group a joint processing agreement must be entered into with the supplier determining their respective responsibilities for compliance with applicable data protection legislation.

Data subject rights

STARK Group is committed to accommodating request from a data subject that wants to use his or her rights. If you wish to exercise your rights, please contact us at dataprotection(at)starkgroup.dk

Data protection incidents (personal data breach)

In the event STARK Group identify processing of personal data has been compromised or is likely to be compromised, or there in any other way has been an unauthorised or accidental disclosure of or access to personal data, STARK Group will immediately take action and assess if a supervisory authority or the affected data subjects must be notified in accordance with applicable law.

Furthermore, STARK Group has in place specific procedures for how to handle a personal data breach incident, including how to notify the supervisory authorities, as well as relevant service continuity plans.

Data Protection Manager

To ensure compliance with data protection regulation, STARK Group has appointed a Data Protection Manager.

The Data Protection Manager oversees compliance with data protection rules and handles all questions with respect to personal data. The Data Protection Manager can be contacted at dataprotection(at)starkgroup.dk

Right to appeal

If you wish to complain about the processing of your personal information, please contact us at dataprotection(at)starkgroup.dk.

We recommend that you contact the Danish Data Protection Agency (Datatilsynet) if you are dissatisfied with our handling of your complaint. The Danish Data Protection Agency's contact information can be found here: https://www.datatilsynet.dk/kontakt/

Carl Jacobsens Vej 35, 2500 Valby, Tel. 3319 3200