Shop
Donate

Privacy and cookies

By using DFPA's websites, you accept that DFPA processes your personal data in accordance with this data policy.
Telefon

About our data policy

DFPA fully respects all requests for confidentiality of personal information submitted online, and we are aware of the need for appropriate protection and proper processing of all personal information that we receive. DFPA processes your information in accordance with the Personal Data Regulation and the requirements of the Personal Data Act.

In this policy, you can read more about how we collect, process and store your personal data. We will update this policy as needed. If you cannot accept the data policy, please refrain from using this website.

DFPA is the data controller for the processing of your information. Below you will find our contact information - you are always welcome to contact us if you have any questions about our processing of your data or if you wish to make use of your rights.

Sex & Samfund/DFPA
Lergravsvej 63, 2nd floor
2300 Copenhagen S
M: info@sexogsamfund.dk
T: 33 93 10 10
CVR no. 58185728
DFPA processes personal data on the basis of association, contract, consent and the balancing of interests rule, see more below.

What personal data do we process and what is the purpose?

As a general rule, you can visit our websites without telling us who you are or otherwise providing personal information about yourself. However, see our section on cookies.

However, DFPA needs certain personal data in order to offer you advice and deliver news and other services to you.

DFPA collects and processes information for the following purposes:

  • You are looking for a job with us
  • You are a volunteer with us
  • You are a member or contributor/donor
  • You use our teaching portals
  • You use our counseling service
  • You visit our clinic
  • You order a chlamydia home test
  • You sign up for our newsletter and marketing campaigns
  • You participate in quizzes
  • You participate in an event


DFPA only collects the personal data that are necessary to deliver the service you request.

Here you can see what data we typically collect/you give us when you use our various offers.

If you apply for a position at DFPA

  • Name, address, email, telephone number, your application and CV as well as any statements. If you do not get the position, we will delete your information no later than six months after the application round has ended. If you get the position, we will store your information as long as you are employed and as long as required by other legislation (e.g. master information in relation to the Accounting Act). Unsolicited applications are stored for up to six months.

If you are a volunteer for DFPA

  • Name, address, email and telephone number. Secondary school and grade level, Facebook account, year of birth and employment.
  • In order to ensure cooperation across the organisation, name and email will in selected cases be shared with other volunteers and employees.


If you are a member or private contributor.

  • Name, address, email and telephone number, social security number, account details, bank details and payment and donation history.

If you use our teaching portals.

  • Name, email, telephone number, unilogin, job title, name and address of the institution, grade level.

If you use our counseling services (sexlinien.dk, Privatsnak.dk) 

  • Email addresses and/or telephone numbers (optional). Gender, age and where in the country you are located.

If you use our clinic

  • Name, address, telephone number, CPR number, health information, e.g. in the form of diagnosis.

If you order a chlamydia home test

  • Name, address, date of birth, CPR no. and test answers.

If you sign up for newsletters and/or marketing campaigns

  • Newsletter: Name and email. Marketing campaigns: Name, email, address, phone number as well as we can contact you via Facebook, Instagram and other social media.

If you participate in quizzes

  • Name, email and phone number.

If you participate in an event organized by DFPA

  • When planning and running events, we as the data controller process the personal data about you that are relevant and necessary for this. The personal information is that which you yourself have given us when registering for the event.

How long do we store information?

We store your personal data as long as we have a legitimate purpose for the storage, or when we are obliged by law to store it.

Passing information on

We use a number of external companies and services that process personal data on our behalf. These are our data processors. For all our data processors, it applies that we have entered into data processing agreements that ensure that our requirements for the protection of personal data are followed. Common to these is that we only transfer data. That is, the data that we transfer belongs to us and is not used for its own purposes by the external company.

As far as possible, we use data processors located in the EU/EEA, so that personal data is not transferred to unsafe third countries. In certain cases, however, we use data processors in the USA, but only if these meet the applicable requirements according to the GDPR.

In certain cases, under legitimate interest or legal obligation, we may pass on personal data to external companies. It could be insurance companies, SKAT and the like. Common to these is that they themselves become data controllers for the personal data they receive from us, as they themselves determine the purpose etc.

Storage of data and data processors

All data collected in digital form is stored on servers in Denmark. Data sent to our servers is encrypted with an SSL connection.

Only trusted employees and technical partners, with whom a data processing agreement has been entered into, have purpose-limited access to data and only to the extent necessary to provide qualified service. Possibly. personal data sent via email is stored in the Office 365 cloud with Microsoft's current guarantees for data security.

Cookies and log files

On DFPA's website we use cookies, e.g. from Google Analytics and pixels from Facebook. We use cookies to improve website functions and for statistics. No personally identifiable information is stored in our cookies. Cookies that we use contain e.g. informations about:

  • Which pages visitors have visited and when.
  • Which IP address the visitors have.
  • Where in the country and which country visitors come from.
  • Which language the visitor's computer uses.
  • Which browser and OS visitors are using.
  • What keywords visitors have used to generate content.
  • Which page visitors come from (external and internal links).
  • Which links visitors have clicked on.

Visitors to our website indicate acceptance of these statistical cookies. If you turn off cookies in your browser, you will still be able to use our website. Instructions on how to delete or block cookies are usually found in your browser's help file.

You can read about Facebook's data policy here

Authorization and consent

In the case of general membership and voluntary work in connection with DFPA, we do not need consent to be able to process data, as the legality of the processing is related to necessary data processing for reasons of membership/affiliation with an association. The same applies if you order a chlamydia test, where the legal basis is fulfillment of a contract.

In order to be able to collect personal data for other purposes, e.g. if you are a regular contributor, use our counseling or sign up for our newsletter, we may use consent if necessary. Consent can be written or verbal, but we must be able to document that consent has been given. In most cases, this consent will take the form of a tick box on our website or during the registration process, where our IT systems will record the time and form. Consent can also be given via email or other digital communication. In connection with giving consent, you will be informed about the details, including the purpose and the revocation process.

Security

We naturally ensure that data is stored securely and discreetly. Our security measures are divided into organizational and technical measures. The organizational security measures mean that only trusted persons at DFPA with a legitimate purpose have access to your personal data. Our employees and members/volunteers are regularly guided and instructed on data security, including how they process and protect the information. The technical security measures relate to our use of IT systems for registration and administration. Our data is located securely and has the necessary level of protection. All communication (e.g. during registration and payment) via our website is protected with approved security certificates with 256-bit encryption key. Your data is backed up daily. Our internal IT systems (PCs, etc.) are further protected with passwords, updated antivirus software and firewall, and possibly physical material is stored under lock and key. When destroying or repairing IT equipment, it is ensured that information cannot become known to unauthorized persons.

Facebook page

DFPA and Facebook collect and process personal data when you visit the page https://www.facebook.com/sexogsamfund/. The purpose of the processing is to be able to market the organization to potential stakeholders.

We follow the The Danish Data Protection Agency's (Datatilsynet) applicable guidelines regarding shared data responsibility and try to ensure that visitors to our Facebook page receive information about personal data. At present, this entails, among other things, that we continuously try to enter into a dialogue with Facebook regarding the regulation of shared data responsibility and the distribution of responsibilities. As mentioned below in this policy, visitors to our Facebook pages also have the opportunity to exercise their rights, e.g. the right to access, the right to object and the right to deletion.

The processing of personal data is based on legitimate interest based on a balancing of interests. Information is not processed where consent is required.

Contact information is typically collected in the form of name. If we receive sensitive information/special categories of information, this will be deleted as soon as it comes to our attention.

The personal data provided will not be passed on outside the company.

Since the personal data provided on the Facebook pages is provided by the person himself on our publicly accessible page, the information will initially remain on the page as long as it exists. As the submitter of the information, you can always object to the balancing of interests, with a view to having any postings deleted.

We assume that Facebook makes automatic decisions and profiling on the part of the personal data for which Facebook is the data controller. We do not use automatic decisions and profiling.

Note! If you do not want your information to be processed, please refrain from visiting our Facebook page, as it is not currently possible for us to change Facebook's data collection settings.

Your rights and right of appeal

According to current legislation, everyone is guaranteed the following rights:

  1. The right to receive information about a processing of one's personal data (obligation to provide information). You basically have the right to know who is responsible for the data, what the purpose of the processing is and who receives/processes the information. This personal data policy basically contains all this information.
  2. The right to gain insight into one's personal data (right of access). You can ask to know which information we process and a possible printout or copy of the collected information.
  3. The right to have incorrect personal data rectified (the right to rectification). If you believe that information we have about you is incorrect, inaccurate or incomplete, you can ask for the information to be rectified.
  4. The right to have your personal data deleted (the right to be forgotten). If you believe that the information we have about you is not necessary in relation to the purpose for which it was originally collected, you can ask to have the information deleted. Please note, however, that we have the duty and the right to store certain personal data in order to comply with the rules in the legislation.
  5. The right to move your personal data (data portability). You basically have the right to receive information about yourself in a structured, commonly used and machine-readable format, and you have the right to transfer this information to another company.
  6. The right to object. You have the right to object to personal data being used for e.g. direct marketing and profiling. However, we do not use profiling, and possibly marketing will always be linked to an explicit consent.

When contacting us regarding one of the above points (insight, rectification, deletion, etc.) no later than one month after a message about what we do with the inquiry. If, for example, you ask to have your information corrected or deleted, we will normally check whether all conditions are met, including whether there is legal authority for continued processing of data. If we consider that the objection is justified, we will ensure that the request is granted. Use the contact information as stated at the top of this policy.

You have the right to lodge a complaint with the Danish Data Protection Authority if you are dissatisfied with the way we process your personal data. You will find The Danish Data Protection Agency's contact information at www.datatilsynet.dk.

/This policy was last updated: January 5, 2021