Privacy policy

Purpose of policy

The purpose of this privacy policy is to make you aware of how Credin A/S ("we", "us") process your personal data. With this policy, we want to make you aware of what information is collected and processed and how long it is stored. The privacy policy regulates the processing of personal data by Credin A/S in connection with trading, interaction, or other exchange of personal data with us.

Description of the treatments

Credin A/S processes your data for one or more specific purposes and in accordance with the data protection rules. For example, we process your data if you are a customer, guest, business partner, supplier, visit our website or our social media, or apply for a job with us. The data will generally come directly from you, and we only process your data for as long as it is necessary for the purpose for which it was collected. However, the data may also be processed and stored longer in anonymised form.

Below you can get an overview of the different types of treatments we provide.

1.1. Customer relationships

In connection with the sale of ingredients, non-food and bakery solutions to business customers, we process information about you as a contact person at our business customer in order to enter into and fulfil an agreement with the customer, cf. GDPR article 6(1)(b). This information includes contact details such as name, job title, company name, email, and phone number as well as purchase history.
We delete the data on an ongoing basis, but no later than 5 years plus the current financial year after the end of the customer relationship.

1.2. Visitors

If you visit us at our locations, we will register your visit and process your personal data. We process the data to be able to manage which guests visit our company. The processing is based on our legitimate interest in managing our guests for security reasons, cf. GDPR article 6(1)(f). The data we process will typically be name and company name.

We delete the information collected during your visit on an ongoing basis, but no later than 1 month after registration.

1.3. Cookies and website

In connection with the general operation of our website, we collect personal data about you via cookies to improve the website's output and user experience and to compile statistics. The information we collect via cookies includes your IP address, browser type, device (type, version, operating system, etc.) and user behaviour, including page views.

We only collect your data if you have given your consent cf. GDPR art. 6(1)(a). You can withdraw your consent at any time. Read more about this in our cookie declaration, which is part of our cookie banner on our website.

1.4. Social media

We use certain social media platforms, such as LinkedIn, to connect with our customers and potential customers and to promote our marketing. If you have "liked" our fan page on the social media or have been in contact with us through this, we will process your personal data. For this purpose, we only process information about your name and email.

If you contact us via social media, we process your personal data based on our interest in being able to contact you and respond to your enquiries, cf. GDPR art. 6(1)(f). The data will originate from you and the social media through which you contact us.

We have a so-called joint data responsibility with the social media we use, as we both process your personal data for our own purposes.

You can read more about LinkedIn's processing of your personal data here and about joint data responsibility here.

Data processed in connection with social media that relates to direct communication via social media will be deleted immediately.

1.5. Job applicants

If you apply for a job with us, we process your personal data to assess whether you are qualified for an existing or future position with us. We process the information you provide us with, including name, phone number, email, address, photo, application, CV, information about competences, work and educational background and references.

We process your data to enter into an agreement with you for employment based on your request for our processing of the application, cf. GDPR art. 6(1)(b). We also process data in cases where we consider that our interests in processing your personal data outweigh your interests in not processing them, e.g., data collected from social media published by you or data obtained through the completion of a personality and proficiency test, cf. GDPR art. 6(1)(f).

We share your personal data with the employees involved in the recruitment process and pass on your personal data to the companies conducting the personality or proficiency test and any recruitment company.

If we wish to store your data beyond the recruitment period, we will obtain your consent.

Information about applicants who were not offered the position may be stored for up to 3 years after receipt of application.

1.6. Suppliers, and collaborators

When we enter into agreements with suppliers and business partners, we process information about their contact persons. This includes information about the name of the contact person, job title, company name, telephone number, email and, if necessary, payment information.

The data is processed either because it is necessary for the fulfilment of the agreement with the supplier or business partner in question, cf. GDPR Art. 6(1)(b), or because we have a legitimate interest in processing the contact details of the person in question as part of the agreement to ensure a good working relationship, cf. GDPR Art. 6(1)(f).

We store relevant contact information as part of our collaboration with you. Written correspondence is deleted continuously, and information required to comply with the Danish Bookkeeping Act is stored for the current accounting year plus 5 years.

1.7. Next of kin contacts

We collect information about our employees' closest contacts. We do this to be able to communicate with relevant relatives in the event of an emergency with one of our employees.

We process your personal data on the basis of our legitimate interest in being able to inform you of the employee's emergency situation so that you can take action, cf. GDPR art. 6(1)(f).

We store the data of next of kin for the duration of employment. Information is deleted continuously when the employee relationship is terminated. You or the relevant employee may contact us at any time to have the information deleted by sending us an email to info@credin.dk

Recipients of personal data

We process your personal data with confidentiality, and we generally do not disclose your information with third parties. However, we may further disclose your personal data if you have given your consent hereto or if we have a legitimate interest in the disclosure.

We may entrust your personal data to our system suppliers who process personal data on our behalf and according to our specific instructions in accordance with the data processing agreements we have entered.

In some cases, we use data processors outside the EU/EEA in which a transfer to a third country occurs, e.g., in connection with the use of cloud services. In this case, we have made sure that a legal transfer basis has been prepared (for instance the use of EU-U.S. Data Privacy Framework or EU Commission Standard Contractual Clauses (SCC’s)). The transfer takes place only in compliance with the necessary security guarantees as required by applicable data protection legislation and an individual assessment is always made regarding the need for additional measures. You can contact info@credin.dk for information on the specific legal transfer basis in this connection.

Your rights

When we collect information about you, you have several fundamental rights in the personal data regulations that you can use. Your rights include the right to request access to and rectification or erasure of your personal data, restriction and objection to our processing, and the right to receive your data in a structured, commonly used, and machine-readable format (data portability).

The above-mentioned rights may be associated with conditions and restrictions. Whether you as a data subject can request for example getting your personal data deleted will in any case depend on a concrete assessment.

If you have consented to our processing of your information, you have the right to revoke this consent at any time.

If you are dissatisfied with our processing of your personal data, you may file a complaint with the Danish Data Protection Agency via their website www.datatilsynet.dk/english or by calling at +45 33 19 32 00.

Contact details

The company responsible for the processing of your personal data is:

 
Credin A/S 
CVR.nr.: 26447003
Palsgaardvej 12
7130 Juelsminde
E-mail: info@credin.dk
Phone: +45 72 24 30 00

We have appointed Karen Margrethe Gadager Kring as personal data coordinator. If you have any questions regarding our processing of your personal data, please contact Karen Margrethe Gadager Kring at info@credin.dk or by phone +45 72 24 30 00.

Revisions

We reserve the right to update and change this Privacy Policy at any time. In the event of significant changes, we will contact you by email or visible notice on our website.

This privacy policy was last modified on 19 September 2023.