Welcome to IDA, the Danish Society of Engineers' Data protection and processing of personal data at IDA - (updated March 8 2019)
Data protection and processing of personal data at IDA
Read more about how IDA processes your personal data to improve the Society and provide better services for visitors and members.
IDA takes protection of your personal data very seriously, and we continuously try to maintain a balance between developing the Society, improving members' networking opportunities, and protecting the individual's right to privacy. We hope that you will spend some time on getting to know our work, and if you have any questions, you are welcome to contact our data protection officer at firstname.lastname@example.org.
As a member of IDA and/or when using IDA services, you entrust your data with us. This page will help you understand what data we collect, why we collect it, what we use it for and what rights you have. This information is important, so we hope that you will take the time to read it. Remember that you can find settings for administration of your data and adjust your preferences on https://mit.ida.dk.
As a member of IDA, you are subject to the Law and Statutes of the Danish Society of Engineers, IDA, on the basis of which IDA acts, and which all members accept when becoming a member of IDA. See them here: https: //ida.dk/om-ida/organisation/idas-politiske-opbygning/idas-love-og-vedtaegter/
When using our services, you should know how we use data, and how you yourself can help decide how we use it.
You can use our services in many different ways: you can be a member of the Society, use our website or apps, sign up for newsletters, participate in our events, communicate with others in our forums or communicate with us electronically or via the phone. When you share data with us, for example in connection with the above, we can make our services even better by presenting you with more relevant information from IDA such as career counselling, events, analyses and news, and we can introduce you to more relevant offers from our partners.
Transparency and free choice
As people, we all have different opinions on how our personal data should be used. Our goal at IDA is to be absolutely clear about what data we collect, so you can make an informed decision on how your data can be used.
On https://mit.ida.dk, you can update your profile and we have plans for a function that allows you to adjust your settings for how your data can be used. We are constantly striving to make https://mit.ida.dk more relevant and to give you control of your personal data.
You can also make your browser block all cookies, also cookies linked to our services, or indicate when a cookie has been saved by us. However, it is important to remember that many of our services may not work optimally if you deactivate cookies.
IDA primarily processes personal data on our own servers in a co-location data centre in Denmark, but we also use cloud services. For instance, our employees use Microsoft Exchange Online email, where data centres are located in Ireland.
About the General Data Protection Regulation
According to Articles 13 and 14 of the General Data Protection Regulation, we must provide certain information when receiving data from you as well as data about you from third parties.
The information we must provide for you:
1. We are the data controller – how can you contact us?
2. The contact details of the data protection officer
3. The purposes and legal basis for the processing your personal data
4. The categories of personal data
5. The recipients or categories of recipients
6. Transfer to recipients in third countries, including international organisations
7. Where your personal data comes from
8. Storage of your personal data
9. Automated decision-making, including profiling
10. The right to withdraw consent
11. Your rights
12. Complaints to the Danish Data Protection Agency
We are the data controller – how can you contact us?
IDA is the data controller for processing the personal data that we have received about you.
The Danish Society of Engineers, IDA
Kalvebod Brygge 31-33
1780 Copenhagen V, Denmark
CVR number (business registration number): 21465216
Tel.: +45 33 18 48 48
Write us on: https://english.ida.dk/contact-ida
The contact details of the data protection officer
If you have any questions as to how we process your data, you are welcome to contact our data protection officer via email at email@example.com
The purposes, legal basis and legitimate interests for processing your personal data
We process your personal data for the following:
The categories of personal data
We process the following categories of personal data on you:
Data concerning health in connection with any cases in which you receive our legal assistance.
The recipients or categories of recipients
We disclose or transmit your personal data to the following recipients:
• To partners as necessary in order to provide the services you have ordered, for example so you can receive our trade magazine Ingeniøren.
• To IDA Insurance as necessary on the basis of your explicit consent if you want to take out insurance through IDA Insurance.
• To other participants in social events via the list of participants to the extent that this is stated in the enrolment form for the event.
• For legal reasons
We disclose personal data if, in good faith, we believe that this is necessary in order to:
o Comply with relevant laws, provisions, legal proceedings or valid requests from public authorities.
o Enforce current service conditions, including investigation of potential violations.
o Register, prevent, or in any other ways guard against problems concerning fraud or security, or technical problems.
o Indemnify IDA, our members or the public's rights, property or safety as required by or permitted by legislation.
Transfer data to recipients in third countries, including international organisations
In some cases, we will transfer some of your personal data to recipients outside the EU and the EEA.
• Google LLC, which is located in the US, for the services that use Google integration.
• LinkedIn Corp, which is located in the US, for the services that use LinkedIn integration.
• Facebook Inc., which is located in the US, for the services that use Facebook integration.
Note that the European Commission has made a decision regarding the adequate level of data protection, as companies are subject to the Privacy Shield framework. For more information: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
Where your personal data comes from
• The Danish national register (the Central Office of Civil Registration (the CPR Office)), if we have your consent to process your civil registration number as a unique identification.
Storage of your personal data
We are currently not able to say how long we will store your personal data. However, we can inform you that we will consider whether you are a member, a non-member or a previous member as well as whether it is still necessary to store your personal data for processing purposes when determining how long your data will be stored.
For example, if you are no longer a member, our system will automatically anonymise/erase your data five years after the last activity, provided there has been no other contact requiring continued storage of your personal data.
Automated decision-making, including profiling
We use automated decision-making, including profiling, to provide our members and users with the service requested and better services. This includes matching the most relevant IDA events for you on the basis of your interests, and more complicated things such as whether you would benefit from our career counselling, the offers you find most relevant, and the most relevant measures for our members within specific industries and sectors.
The right to withdraw consent
You have the right to withdraw your consent at any time. You can do this by contacting us using the contact details above and at the bottom of every newsletter and on your profile page on https://mit.ida.dk.
Withdrawing your consent will not affect the lawfulness of our processing of your data based on your previous consent and up to the time of withdrawal. Withdrawing your consent will therefore only take effect from this date.
According to the General Data Protection Regulation, you have a number of rights regarding our processing of your personal data:
Please contact us to exercise your rights.
Right to access data (right of access)
You have the right to access your data that we process, as well as a number of additional data.
Right to rectification (correction)
You have the right to have inaccurate data concerning you rectified.
Right to erasure
In exceptional circumstances, you have the right to have your personal data erased before the time of our general erasure process.
Right to restriction of processing
In some cases, you have the right to have our processing of your personal data restricted. If you are entitled to restriction of processing, we may – with the exception of storage – only process your data with your consent, or to establish, exercise or defend legal claims or to protect the rights of another person or for reasons of important public interest.
Right to object
In some cases, you have the right to object to our processing or lawful processing of your personal data. You can also object to processing of your personal data for direct marketing purposes.
Right to transmit data (data portability)
In some cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and you have the right to transmit those data from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency guidelines on the data subject's rights on www.datatilsynet.dk.
You have the right to lodge a complaint with the Danish Data Protection Agency if you are not satisfied with the way in which we process your personal data. You can find the contact details of the Danish Data Protection Agency on www.datatilsynet.dk.
You are also welcome to contact our data protection officer directly on firstname.lastname@example.org if you are not satisfied with how we process your personal data or you have questions or suggestions to improve our processing.