DI Privacy Policy

Learn more about the personal data we collect, for which purposes and how we protect your data.

Data controller

The data controller responsible for the processing of your personal data is:

The Confederation of Danish Industry - DI
CBR no. 16077593
H.C. Andersens Boulevard 18
DK - 1553 Copenhagen V
Phone: +45 3377 3377
E-mail.: di@di.dk

Contact

If you have any queries regarding our processing of your personal data, please contact us by phone +45 3377 3377 or by e-mail persondata@di.dk.

Below you can see what kind of personal data DI collects, for which purposes and how we protect the data. Furthermore, you can read about your rights when DI processes your personal data.

What is personal data?

Personal data is all data about a person, who can be identified directly or indirectly. This may be details about name, position, phone number, address, e-mail address, social security number, wages, education etc.

What data does DI process – and for which purposes?

DI only collects personal data for specific and objective purposes. The type of personal data processed by DI depends on the individual purpose and your relations with DI. Below you can read more about what kind of personal data DI processes and for which purposes, depending on your relation with DI. Please note that you may have several relations with DI at the same time.

DI is a confederation of associations, affiliated companies and other bodies that together provide you with DI services and protects your interests. In the following, 'DI' is the name of this confederation,  and 'association' includes the various associations, companies and bodies. ‘Member company’ means that your company has a membership or other relations with at least one of these, and the relations described below also include your relations with them. DI has entered into agreements with these associations, affiliated companies and other bodies that govern the processing of your data. You can read more about this in the 'Recipients' section.

When you are employed at a member company

We register all our member companies in DI's membership system. If you are in contact with DI on behalf of your company, we may also have information about you.

The purpose is to assist our member company with member services, member counselling and member administration, which is relevant to you and the member company you represent.

The information that we process are contact details such as name, position, e-mail address, phone number, address and your workplace. In addition to this we process data about your relations with DI and the services we provide to you and to the company you are employed at. This may be information about participation in member meetings and events, counselling or other dialogues, e.g. an exchange of e-mails.

The legal basis for processing the data is the balancing of interests rule Article 6 (1) (f). The legitimate interests that we pursue are our interest in providing the best possible services for our member companies and to handle the administration of our memberships.

When a service is provided with the assistance of an external cooperation partner, we share your data with our partner. This may be a supplier of incentive schemes or digital solutions.

DI stores your data as long as there is an active relation between you and DI. Below you can read more about for how long we store your data.

DI performs various member administrative tasks, inter alia, in the administration of the membership itself, contingencies to DI and associations, maternity leave, pension, contracts and agreements regulated by a collective agreement, salary statistics, etc. When DI performs these tasks, personal data about you, being an employee of a member company, may be included. If no specific circumstances related to a particular relation with DI are described below, the same data about you is processed and in the same way as described above. We may pass the data on to federations, maternity funds, pension companies, foundations/schemes, Statistics Denmark or the Danish Employers’ Confederation (DA). The legal basis for this processing is also as mentioned above, supplemented by Article 6 (1) (b) of the Data Protection Regulation on the performance of a contract, and Section 12 of the Data Protection Act.

When you/your company receives legal counselling in staff matters

DI provides legal counselling for DI's member companies. This may e.g. be in connection with professional law cases, litigation, ongoing advice or collective bargaining.

For this purpose DI processes personal data of employees at the member company.

When we have a dialogue with you regarding legal counselling on staff matters, DI processes your personal data such as name, position, e-mail address, phone number, address, your workplace as well as details concerning the dialogue and e.g. any e-mail exchanges.

The legal basis for DI's processing of the data follows from Article 6 (1) (f) of the Data Protection Regulation - DI's interest being the provision of legal advice to DI's member companies.

In addition, DI processes data about employees at DI's member companies involved in the legal counselling. This may be details about name, conditions of employment, e-mail correspondence, contracts, sick leave, employment law responses, including warnings and notices of termination. The legal basis for DI's processing of the data follows from Section 12 of the Data Protection Act as well as Article 6 (1) (f) and Article 9 (2) (b) and (f) of the Data Protection Regulation.

DI is subject to confidentiality when providing legal advice in staff matters. Therefore, we do not inform employees, to whom the advice relates, that we process data about them.

Professional law cases are handled in a joint IT system with DA, which means that the data is shared with DA. The information is covered by an agreement on joint data responsibility between DI and DA.

Data concerning legal counselling in staff matters is generally kept for five years, from the end of the case, unless there is a specific need to keep the data for a longer period of time.

When you participate in an event

When you attend an event at DI, we process personal data about you for the purpose of running the event, keeping in touch with you before, during and after the event, and for the purpose of  communicating about events. Events may be conferences, courses, webinars, network meetings or member meetings and may be with physical participation or online.

For the purpose of conducting an event or a course, we process your data including details on name, position, e-mail address, phone number, address, your workplace and information about the event/course itself and your companion, if any.

We may take photos of current situations and make video recordings for our communication about the event, and these may be published, based on a case by case assessment, in publications and/or on di.dk. Online arrangements may be recorded. In case of a closed event such as a course or a network meeting, recordings will only be available to the participants, while recordings from open/public events may be published, also on the Internet, based on a case by case assessment.

The legal basis for the processing is contractual, cf. Article 6 (1) (b) of the Data Protection Regulation, if you are a party to the agreement, as the data is necessary to fulfil an agreement with you. The processing may also take place on the basis of Article 6 (1) (f), where the legitimate interest is to implement and communicate events.

Data about participants in an event or a course is shared with the other participants – including presenters – in the form of participant lists, visibility on the online meeting platform etc. If the event is held outside Industriens Hus and/or in cooperation with other organizers, we share your data with the conference venue/hotel and the co-organisers. We may share your data with our technical suppliers and in connection with online events we also share your data with the technical partners in charge of the online meeting platform and storage of recordings.

DI keeps your data for as long as there is an active relation between you and DI. Below you can read more about how long we store your data.

When you participate in a committee, a board of directors/a general meeting or a network group

DI operates a wide range of committees, boards of directors and networks, and hosts general meetings. If you participate in this type of activity, we process personal data about you for the  purposes of:

  • Managing the committee/board/network, e.g. convene meetings, send out material and charge for participation in networks (if they are not free of charge)
  • Operating a joint online platform for e.g. document sharing, communication and management of the committee/board/network
  • Managing power of attorney data in the form of authorized/received proxies
  • Conducting polls, both physically and online
  • Appointing committee and board members – both to DI's own committees/boards and to external committees/boards where DI nominates members
  • Creating visibility for members and others with relations to the committee/board at di.dk.
    Members of closed network groups, such as experience exchange networks, are only visible to the actual network on its online platform.

When you participate in one of these fora we process information about you, including details such as name, position, e-mail address, phone number, address, workplace and information about the actual committee, board, network or general meeting.

The legal basis for processing the information is the balancing rule of interests Article 6 (1) (f). The legitimate interests by DI are to offer, manage and ensure representation in relevant fora at a professional level.

Information about participants in a network/committee/board/general meeting is shared with the participants of each forum/network by way of lists of participants, in the group's online forum etc. When DI nominates members for external committees/boards, we share your data with the committee/board administrator, e.g. a vocational school, a ministry or the like. Furthermore, your data is shared with our technical suppliers.
DI keeps your data as long as there is an active relation between you and DI. Below you can read more about how long we store your data.

  • When hosting meetings and events in the context of a committee, board, etc. – including implementation of online meetings, recording of meetings, and photos and videos from meetings – personal data related to the event is processed as described in the section 'When you participate in an event.'

When you receive newsletters and other subscriptions

If you are the recipient of newsletters or subscriptions, DI processes data about you for the purpose of providing you with relevant newsletters and subscriptions.

In order to provide this service, we process details such as name, position, e-mail address, phone number, workplace and information about newsletter(s)/subscription(s).

The legal basis is Article 6 (1) (f) of the Data Protection Regulation, wherethe legitimate interests of DI are communication with stakeholders, targeting the material published, and marketing. Below you can read more about our targeting by use of profiling and marketing.

In cases where the newsletter or subscription is provided, assisted by an external or a technical  partner, we share your data with our partner – e.g. a technical supplier, a web agency, a commercial printer or a distributor.

DI keeps your data for as long as there is an active relation between you and DI. Below you can read more about how long we store your data.

When you visit di.dk

When you visit DI's website  (di.dk, including related websites, inter alia, for associations), we collect data about you by using "cookies" which collects data about your behaviour on our website.

The purpose of processing data about you in cookies is to offer a relevant and interesting website that works optimally.

Cookies contain data  about you and your use of di.dk, such as your name, contact details, workplace, the time of your visit on di.dk, which pages you have visited and for how long.

You choose which types of cookies you want to give consent to, however, we always set functionally necessary cookies. You can view and change your consent to cookies at any time, just as you can block cookies in your browser. You can manage your consent and read more about the use of cookies in DI's cookie policy.

The legal basis is therefore your consent, cf. Article 6 (1) (a). For necessary cookies, however, the legal basis is the rule of legitimate interests in Article 6 (1) (f), as DI processes this data to offer you a website that works optimally.

If you consent to cookies for marketing purposes, you also agree to our use of various social media plugins (e.g. LinkedIn and Facebook). DI and the social media provider are thus jointly responsible for the processing of your data in relation to the social media. You can find links to social media privacy policies in the cookie overview available in DI's cookie policy.

DI only shares data about your use of di.dk with the parties that appear in DI's cookie policy and with suppliers who assist DI in the development of di.dk.

Session cookies are deleted the moment you leave the web page. Permanent cookies are set for a period of time and then deleted, or deleted upon withdrawal of your consent to cookies. The periods are shown in the cookie overview, which you find in DI's cookie policy.

You can see DI's current cookie overview at DI's cookie policy by selecting 'Do you want to change your consent', and then by clicking in and viewing data about the individual cookies.

When you have a sole proprietorship and the company has a relation with DI

If you have a sole proprietorship, data about your business may also be data about you. This applies e.g. to the company's address, industry or financial conditions.

DI processes data about your company when your company is part of one of the relations with DI described above, e.g. also  if your company is a member company or a supplier to DI. The data about the company is processed in the same way and on the same legal basis as the data about you.

When you are a party in a case at Byggeriets Ankenævn or Byg Garanti

Byggeriets Ankenævn is an independent, private dispute resolution body dealing with complaints from private consumers in the construction industry. You can read more about Byggeriets Ankenævn here: https://www.byggerietsankenaevn.dk.
 
Byggeriets Ankenævn cooperates with DI on selected administrative tasks, e.g. invoicing. The professional processing and the settlement of appeals are handled solely by Byggeriets Ankenævn, which is the data controller of  the processing of your data for this purpose.
 
If your appeal has been successful and a company other than the respondent has to remedy defects, you can choose to hand the case over to BygGaranti. BygGaranti is part of DI.
 
Byggeriets Ankenævn and DI has made an agreement on joint data liability, which includes the selected administrative tasks on which DI, including BygGaranti and Byggeriets Ankenævn, cooperate.

Therefore, when you report or are a party to an appeal at Byggeriets Ankenævn, DI may process data about you for the purpose of carrying out selected administrative tasks, e.g. handle payments or fees in relations with the appeal, or for the purpose of a BygGaranti case. DI also processes data about the company complained of and other case data related to BygGaranti cases.

Data processed by DI about you, when reporting a case to Byggeriets Ankenævn, is about payments/fees and data on name, address, e-mail address, phone number and account number. If a BygGaranti case is raised, the workplace address, information about the outcome of the appeal case, the work done and  shortcomings are also mentioned. In connection with BygGaranti cases, DI furthermore processes data about the company complained against: company name, CVR number, address and contact data.

The legal basis for DI's  handling of your data in selected administrative tasks and BygGaranti cases  follows from Article 6 (1) (f) of the Data Protection Regulation on legitimate interests in order to facilitate the administrative handling of both the Byggeriets Ankenævn and the BygGaranti case.

DI may use technical suppliers with whom your data is shared.  

DI keeps your data for as long as there is an active relation between you and DI. Data on financial transactions are deleted five years after the end of the financial year. Documents related to a BygGaranti case are stored for 10 years. Below you can read more about how long we store your data.

If your company is or has been covered by the BygGaranti scheme, DI shares data with Byggeriets Ankenævn about which companies are or have been covered by BygGaranti. In addition, DI processes data about the company involved in a BygGaranti case. The legal basis for this is Article 6 (1) (b) of the Data Protection Regulation on the performance of a contract.

When you are in a dialogue with DI or have relations with DI, other than mentioned above

No matter what relations you have with DI, we may be in a dialogue with you – also in contexts different than those mentioned above. We may e.g. be in a dialogue if you have sent us an email; if you are employed at a company which is a supplier to DI; if you are a politician, a civil servant or a community debater; if you are employed at a future member company or if you are a student.

When we communicate with you, we process data about you for the purpose of providing you with the best possible service and/or making it possible to perform DI's core tasks, related to e.g. political safeguarding of interests, press coverage, analyses and cooperation with labour market stakeholders or citizens/individuals.

We also process data about you for the purpose of ensuring that our data is accurate and up to date.  For this purpose we make your data visible to you and your colleagues, e.g. name and title, on DI's  online self-service platform  'My Page'. In other communication with your company, we may also show the services provided by DI and your relation to DI in general.

For these purposes, DI processes data about you, e.g. name, title, e-mail address, phone number and workplace, as well as data about our relation – such as a dialogue about membership, answering of questionnaires, or notes from a dialogue with you and exchanged e-mails.

The legal basis for processing the data is Article 6 (1) (f). The legitimate interests that we pursue are to offer you the best possible services in your relation with DI in terms of performing DI's core tasks and ensuring correct data about you.

When a service is provided with the help of an external partner, we share your data with our partner. This may be a provider of digital solutions, an analysis agency or an organisation with which we prepare an analysis.

DI keeps your data for as long as there is an active relation between you and DI. Below you can read more about how long we store your data.

Profiling

DI uses your data for the purpose of developing, improving and spreading awareness of our services. Based on your data, we may assess which other services may be relevant to you. We can also personalize inquiries to you, such as newsletters or web pages, to make them as relevant as possible. We can do this automatically with IT tools. This means that DI can use what is called 'profiling' and 'automated decision-making'.

The data we use for profiling is data about you, e.g. your title and employment, your company's geographic location, industry and size, as well as data about the relation and the use of DI services by you, your company, or others similar to you and your company.

The legal basis for profiling is Article 6 (1) (f), as DI has a legitimate interest in providing services to our members in the most relevant and best possible way.

We only share data for profiling with our technical suppliers who e.g. assist us in the development of DI's website or with data processing.

DI keeps your data for as long as there is an active relation between you and DI. Below you can read more about how long we store your data.

Marketing

DI only sends direct marketing to you via e-mail or other electronic marketing if you have given your consent, according to the rules of the Danish Marketing Act.

At any time you can decline DI’s use of your personal data for direct marketing. To do so, contact DI at persondata@di.dk.

DI can use profiling for direct marketing. You may at any time object to DI using your personal data for profiling for direct marketing purposes. To do so, contact DI at persondata@di.dk.

DI distinguishes between marketing for a commercial purpose and member services with no commercial purpose. If you are employed at a member company, DI will periodically send you e-mails about relevant  services available to you.

Statistics

DI also processes your data for the purpose of compiling statistics/Business Intelligence. Statistical data is anonymous and data used for Business Intelligence is usually stored for five years plus the current year.

Where did we get your data?

DI's data about you are usually supplied by:

  • You
  • A colleague at your company
  • Publicly available sources, such as the CVR or the Danish Parliament’s website, or
  • Companies/reference books, collecting and reselling data, e.g. NN Business.

Recipients

We treat your data confidentially and only disclose your data to others in the specific contexts and to the categories of recipients described above.

However, DI shares your data with our associations, affiliated companies and other bodies connected with DI to ensure that you and your company receive a high level of service in all your relations with DI.

DI has made agreements with the associations, affiliated companies and other bodies connected with DI, and these agreements govern the processing of your data.

DI has made agreements on joint data liability in specific areas. For more information about these agreements, please contact DI at persondata@di.dk.

DI has also made an agreement on joint data liability with Byggeriets Kvalitetskontrol, which is a DI subsidiary. The joint data liability may apply in the above mentioned relations you may have with DI and/or Byggeriets Kvalitetskontrol. You can get more information concerning this agreement by contacting DI at persondata@di.dk.

Your data is also processed by external suppliers to DI, including data processors who assists DI in operations.

DI has subsidiaries/offices in Brazil, India, China, Russia and the United States with DI employees having access to your data. This access is regulated by specific agreements with the individual offices. You can obtain a copy of these agreements by contacting DI at persondata@di.dk.

In isolated cases DI may need to transfer data to a country outside the EU/EEA, e.g. in connection with a DI event held in a country outside the EU/EEA. In such case, DI transfers your data to this third country in accordance with Article 49 of the General Data Protection Regulation.

Storage of your data

DI stores your data for as long as there is an active relation between you and DI - e.g. if you are in constant contact with DI, receive a newsletter, participate in DI’s events or are a member of a DI committee.

If you cease to have an active relation to DI, we anonymize your data after two years. The anonymized data is used for statistics for up to six years, after which it is erased.

Data about you may also appear in case documents (e-mails, letters, telephone notes and other documents) related to DI's services and counselling. For such personal data, the storage period depends on the nature of the data and the purpose of the processing. Usually, ordinary data about you is anonymized/erased five years after the end of the case, whereas sensitive data is anonymized/erased after one year, unless special circumstances apply, such as deadlines for advisor liability or other legal obligations.

In certain cases, we store personal data for a longer period of time for archival purposes in the public interest. This could be data about DI's Management or representatives in socially relevant committees.

Data about your financial transactions, such as payment of a course, is erased after five years from the end of the fiscal year.

Your rights

You have a number of rights under the Data Protection Regulation:

Right of access
You have the right to obtain confirmationas to whether or not personal data about you  is processed by DI, and various additional information.

Right to rectification
You have the right to have incorrect data about you corrected.

Right to erasure
In certain cases, you have the right to have your data erased before DI's general deadline for erasure occurs.

Right to restriction of processing
In certain cases, you have the right to obtain restriction of the processing of your data. Where appropriate DI may, henceforth, only process data – except for storage – with your consent for the purpose of establishing, defending or asserting a legal claim, or in order to protect a person or important public interests.

Right to object
In certain instances, you may have the right to object to DI's otherwise lawful processing of your data. You may also object to the processing of your data for direct marketing.

Right to transfer data (data portability)
In some cases, you have the right to receive your data in a structured, commonly used and machine-readable format, and to have the data transferred from DI to another data controller without hindrance.

Right to withdraw your consent
You have the right to withdraw your consent at any time. To do so, contact DI at persondata@di.dk.

If you choose to withdraw your consent, it does not affect the legality of DI's processing of your data, based on your previously granted consent. Therefore, it will only take effect from the time you withdraw your consent.

Right to complain to the Danish Data Protection Agency
You have the right to complain to the Danish Data Protection Agency if you are dissatisfied with the way DI processes your data. You can find the Danish Data Protection Agency's contact data at www.datatilsynet.dk.

You can exercise your rights by contacting DI on persondata@di.dk or by tel. +45 3377 3377. This also applies if your data is covered by joint data liability agreements.

You are also welcome to contact us, if you are unsure how to exercise your rights.

DI reserves the right to change this privacy policy. This may be effected in case of significant changes in legislation, introduction of new technical solutions, new service concepts, or the like, at DI. In addition, we may adjust the text linguistically or in terms of content, as needed.

The current version of this text is available at di.dk/privatlivspolitik.

Last Updated 28.06.2021 (version 5.0)

Information about how we process your data, when applying for a position at DI, can be seen here.

Ulla Thøgersen

Ulla Thøgersen

  • Direct +45 3377 3826
  • Mobile +45 2949 4440
  • E-mail ult@di.dk
Emil Fink-Jensen

Emil Fink-Jensen

  • Direct +45 3377 3919
  • Mobile +45 5213 2396
  • E-mail emfj@di.dk

Related