PRIVACY POLICY
1. DEFINITIONS
Controller – FairWind A/S with registered office in Vejle, Lysholt Allé 6, Green Tech House, CVR: 31429293
Personal Data – any information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person;
Policy – the following document available at: https://fairwind.com/privacy-policy/ containing information indicating to the Service User the scope and manner of processing of his/her personal data in connection with the operation of the Service, the manner of storing, securing and using the data, the possibilities and scope of the User’s use of the data, information and materials presented on the Service.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/WE
Service – the website operated by the Controller at https://fairwind.com/
User – any natural person visiting the Website or using one or more of the services or functionalities described in the Privacy Policy.
2. DATA PROCESSING IN CONNECTION WITH USE OF THE SERVICE
In connection with the User’s use of the https://fairwind.com/ website, the Controller collects data to the extent necessary to provide the services offered, as well as information about the User’s activity on the Website. Your personal data is collected and used only with your consent. Exceptions to this rule are situations in which prior consent is not possible and data processing is permitted by law.
Providing Personal Data is voluntary, but refusal to provide data may prevent full use of the Service.
3. PURPOSES AND LEGAL BASIS OF DATA PROCESSING ON THE SITE
We collect, process, and use your personal data for the following purposes:
– Conclusion and execution of contracts – regarding recruitment process with available job openings on site
– Customer service
Your personal data will be processed based on the principles under the GDPR law:
Art. 6 par. 1(a) the data subject has consented to the processing of his/her personal data for one or more specified purposes;
Art. 6 par. 1(b) processing is necessary for the performance of a contract to which the data subject is a party, or to take action at the request of the data subject before entering into a contract;
Art. 6 par. 1(c) processing is necessary for the fulfilment of a legal obligation incumbent on the controller;
Art. 6 par. 1(d) processing is necessary to protect the vital interests of the data subject or another natural person;
Art. 6 par. 1(f) processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
4. PROCESSED PERSONAL DATA OF CUSTOMERS
4.1. Establishing contact
The information you provide to us when you make contact with us by phone, email will be stored by us pursuant to Art. 6 par. 1 (b) or art. 6 par. 1 (f) of the GDPR, for the purpose of responding to your inquiries and after-sales service. If we obtained your consent to receive commercial content when filling out the contact form, your data will be processed on the basis of Art. 6 par. 1, (a) GDPR.
Each contact will be recorded in a log so that we can prove that the contact took place as required by law.
4.2 Miscellaneous provisions
Pursuant to Article 6, par. 1 (c) and (f) of the GDPR, we use and store your personal data and, where necessary, technical information, to prevent or investigate misuse of data or other illegal behaviour on our website, e.g., to ensure data security in case of attacks on our IT systems. This may be carried out on the basis of orders from public authorities or courts of law, insofar as we are required to do so by law, as well as to protect our rights and interests and to enable a defence on our part in court.
5. MARKETING
The Controller processes Users’ personal data in order to carry out marketing activities, which may consist in:
– carrying out other activities related to direct marketing of goods and services (sending commercial information by electronic means);
LEGAL GROUNDS FOR PROCESSING PERSONAL DATA:
– for the purpose of providing the newsletter service which includes sending marketing content – the legal basis for processing is the User’s consent to receive it (Article 6 par. 1 (a) of the GDPR);
– for analytical and statistical purposes – the legal basis for processing is the User’s consent, (Article 6 par. 1 (a) GDPR) – consisting in conducting analysis of Users’ activity on the Website in order to improve the functionalities used;
– for the purpose of possible establishment and investigation of claims or defence against them – the legal basis of processing is the legitimate interest of the Administrator (Article 6 par 1(f) GDPR).
6. SOCIAL NETWORKS
The Controller processes personal data of Users visiting the Controller’s profiles maintained on social media (Facebook, Instagram, YouTube, LinkedIn). This data is processed exclusively in connection with the running of the profile, including for the purpose of informing Users about the Controller’s activities and promoting various events, services and products, as well as for the purpose of communicating with users through the functionalities available on social media. The legal basis for the Controller’s processing of personal data for this purpose is the user’s consent (Article 6 par. 1(a) of the GDPR), which the user expresses by clicking on the logo of the brand in question on the website. The user of the service must be aware that each of these portals is a separate administrator of personal data and legitimizes its own privacy policy, with which the user should become familiar before clicking on the logo of the portal at the following addresses:
Facebook: https://www.facebook.com/privacy/explanation/
YouTube: https://www.youtube.com/intl/ALL_pl/howyoutubeworks/user-settings/privacy/
LinkedIn: https://pl.linkedin.com/legal/privacy-policy
Twitter: https://twitter.com/en/privacy
7. COOKIES AND SIMILAR TECHNOLOGY
The Controller has prepared a separate policy for cookies, which can be found here.
8. PERIOD OF PERSONAL DATA PROCESSING
The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data are processed for the duration of the service provided or the execution of the order, until:
– in the case of the conclusion of a contract until the expiration of a period of 5 years after its completion; or
– the limitation period for any claims; or
– withdrawal of the expressed consent, when the legal basis for data processing is the User’s consent; or
– raise an effective objection to data processing in cases where the legal basis for data processing is the legitimate interest of the Controller.
The period of data processing may be extended in each case when the processing is necessary to establish and assert or defend against possible claims, and after that time only in the case and to the extent required by law. After the expiration of the processing period, the data shall be irreversibly deleted or anonymized.
9. USER RIGHTS
You have the following rights under the GDPR:
– The right to access the content of personal data- in accordance with Article 15 of the GDPR
– The right to request rectification of personal data- in accordance with Article 16 of GDPR
– The right to erasure of data- in accordance with article 17 of GDPR
– The right to restrict processing – in accordance with Article 18 GDPR
– The right to data portability – in accordance with Article 20 GDPR
– The right to object to the processing – in accordance with Article 21 GDPR
– The right to lodge a complaint to the supervisory authority in charge of personal data protection, i.e. the Danish Data Council mail: dt@datatilsynet.dk
To the extent that the User’s data is processed on the basis of consent, you can withdraw it at any time.
In order to exercise your rights, you may contact the Administrator at the email address gdpr.incident@fairwind.com
10. RECIPIENTS OF DATA
In connection with the implementation of the services, personal data will be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems, entities operating the BOK, entities such as banks and payment operators, entities providing accounting services, couriers. The Controller reserves the right to disclose selected information concerning the User to competent authorities or third parties who make a request for such information, relying on the relevant legal basis and in accordance with the provisions of the applicable law.
Users’ personal data may be transferred to recipients within the group for internal administrative purposes (pursuant to Article 6 par.1(f) of the GDPR).
11. TRANSFER OF DATA OUTSIDE THE EOG
The Controller does not transfer personal data obtained through the website outside the EEA.
12. SECURITY OF PERSONAL DATA
The Controller shall ensure the security of personal data through appropriate technical and organizational measures aimed at preventing unlawful processing of data and their accidental loss, destruction and damage. In addition, the Controller shall take special care to ensure that personal information is:
– correct and processed in a lawful manner,
– obtained only for specific purposes and not further processed in a manner incompatible with those purposes,
– adequate, appropriate and not redundant in relation to the purposes of their processing,
– accurate and up to date,
– not kept longer than necessary,
– securely stored
13. CONTACT INFORMATION
Contact with the Controller is possible via email address: mail@fairwind.com or mailing address: Lysholt Allé 6, Green Tech House, DK-7100 Vejle, Denmark
14. CHANGES TO THE PRIVACY POLICY
The privacy policy is continuously reviewed and updated as necessary.