Privacy policy

Privacy policy

Privacy Policy for ‘Advice A/S’ and ‘Forte Advice Aps’

Here you can read how ‘Advice A/S’ and ‘Forte Advice APS’ (hereafter ‘we’, ‘our’ and ‘us’) handle personal data. Personal data is all kinds of information that can be attributed to you as a person and that is collected when you visit our website, register for events, collaborate with us, or when we carry out projects within analysis and marketing on behalf of our corporate customers.

Data Controller, Joint Data Controller and Data Processor

‘Advice A/S’ and ‘Forte Advice APS’ are jointly owned companies which means that a lot of the data processing is done as ‘joint controllers’. In some cases, each company is independent data controller and in other cases we may act as data processor on behalf of our customers. Together we ensure that the processing of personal data takes place in accordance with the legislation and when we act as a data processor on behalf of our customers, in addition to the legislation, we will always be subject to a written data processor agreement that describes how we protect personal data.

Our Contact Details are

ADVICE, Ledelses- & Kommunikationsrådgivning A/S
VAT no.: DK20212209

Gammel Kongevej 3E, 4.
1610 Copenhagen V

+45 33 42 21 00
connect@adviceas.dk

Forte Advice APS
VAT no.: DK43513893

Gammel Kongevej 3E, 4.
1610 Copenhagen V

+45 33 42 21 00
connect@forteadvice.com

We May Process Data on You in the Following Situations

WHEN YOU VISIT OUR WEBSITE

  • Purpose: When you visit one of our websites ‘adviceagency.com’ or ‘forteadvice.com’, we collect and process information about your visit, with the purpose of statistics, marketing and website enhancements.
  • What do we collect: We collect your IP address along with other potential digital identifiers. We also collect information about your behavior on our sites, along with which device you used. We may also collect direct identifiers such as name, address, email, phone etc., if you fill out a form or sign up for our newsletter.
  • Legal basis: We mainly process your data based on consent (GDPR art. 6-1-a) collected along with your consent for cookies. We may also process your data based on our legitimate interest (GDPR art. 6-1-f).
  • Data source: We only collect information you give to us, either directly or indirectly through your actions on the websites.
  • Data recipients: If you consent to it, we will share your data with our online collaborators:
    • LinkedIn
    • Google Analytics
    • Hubspot
    • Matomo
    • DreamData
  • Third country transfers: We generally commit ourselves to store and process data within EU/EØS, however when you visit our websites your data may be transferred to the following companies outside EU/EØS:
    • LinkedIn (USA)
    • Google Analytics (USA)
  • Data retention: Currently we can not say specifically when we will delete your data from our systems, but we always try to minimize the storage time and delete as soon as our purpose for processing is reached.

WHEN YOU ARE A CUSTOMER, SUPPLIER OR OTHER COLLABORATOR

  • Purpose: As a natural purpose of doing business, we will have conversations using digital channels and systems, thereby processing your personal data.
  • What do we collect: We may collect general contact information along with other relevant business information. We will not collect and store any confidential or sensitive data.
  • Legal basis: We mainly process your data based on our legitimate interest (GDPR art. 6-1-f).
  • Data source: We mainly collect information you give to us, either directly or indirectly through our communication. We may also collect information from public websites and the like.
  • Data recipients: Your data is not shared with any third party
  • Third country transfers: We generally commit ourselves to store and process data within EU/EØS, however we cannot exclude that data may be stored outside EU/EØS, as we use online business tools from companies residing in USA.
  • Data retention: Currently we cannot say specifically when we will delete your data from our systems, but we always try to minimize the storage time and delete as soon as our purpose for processing is reached.

WHEN YOU SIGN UP FOR OUR NEWSLETTER OR WHEN YOU PARTICIPATE IN AN EVENT

  • Purpose: When you sign-up to receive newsletters or sign-up for events, we collect and process information about you. The purpose is to be able to send you newsletters or run events safely, and to be able to adapt content and future events for the purpose of our marketing to you.
  • What do we collect: We may collect general contact information along with other relevant business information. We will not collect and store any confidential or sensitive data.
  • Legal basis: When you sign-up for a newsletter, we process your data based on your consent (GDPR art. 6-1-a). When you sign-up an event, we process your data based on the accepted terms for the event (GDPR art. 6-1-b) as well as our legitimate interest (GDPR art. 6-1-f).
  • Data source: We collect information you give to us, either directly or indirectly through our communication.
  • Data recipients: We use web-based services such as HubSpot and Google to handle registration flows and perform analytics.
  • Third country transfers: Data from HubSpot is stored on servers within the EU. Regarding data from Google we have taken measures to anonymize and limit the transfer of data.
  • Data retention: Currently we cannot say specifically when we will delete your data from our systems, but we always try to minimize the storage time and delete as soon as our purpose for processing is reached.

WHEN YOU APPLY FOR A JOB

  • Purpose: If you apply for a job with us, personal data provided by you will be processed in order to assess and respond to your application.
  • What do we collect:
    • Name
    • Title
    • Email
    • Job history
    • Education course
    • Your application/CV
    • Your public LinkedIn profile
    • Previous references (only with your specific consent)
  • Legal basis: We process your data based on our legitimate interest (GDPR art. 6-1-f).
  • Data source: We mainly store and process information you send to us. Secondly, we may gather further information from public media such as LinkedIn.
  • Data recipients: Your data is not shared with third party.
  • Third country transfers: Data is not transferred to third country
  • Data retention: If you are not employed with Advice, your application is saved for up to six months for the purpose of documentation of the recruitment process, whereafter it is deleted.

WHEN WE ACT AS DATA PROCESSOR

When we act as data processor on behalf of our business customers, we only process personal data that the data controller has a legal right to use and that we are instructed to handle, which is documented in a data processing agreement.

Your Rights

You have the right to gain insight into which personal data we process about you, and you have the right ask to have your data delivered to you.

  • You have the right to object to the processing of your data.
  • You have the right to have your data corrected and updated.
  • You have the right to have your data deleted. If you request to have your personal data deleted, we will delete all data that we are not legally required or allowed to store.
  • If the processing of your personal data is based on your consent, you have the right to withdraw the consent at any time, which means that processing will then cease, unless we are required by law to continue to process your personal data.

Security

We protect your personal data in the following way:

We have adopted policies for IT security, and our employees are continuously informed and trained in secure processing of data.
We have established procedures for granting access rights to those of our employees who process personal data.
Our IT systems generally have a high level of security through, among other things, firewall, encryption, and device protection, and we continuously adapt to the current national risk assessment. Systems operation and any attacks from hackers or viruses are continuously monitored. We control the employees' actual access through logging and review thereof.

We have drawn up a contingency plan for serious operational disruptions, which includes objectives for re-establishing normal operations in the event of errors, breakdowns, loss of data, or the like.

In the event of a security breach that results in a high risk to you of discrimination, ID theft, financial loss, loss of reputation, or other significant disadvantages, we will notify you of the security breach as soon as possible.

Appellate Body

You have the right to complain about our processing of personal data about you to the Danish Data Protection Authority (‘Datatilsynet’). See more information here on datatilsynet.dk.