1. Background and definitions
As your privacy is important to us, PIF International ApS (”PIF”) has prepared this Statement of Privacy and Security to give you a better understanding of how PIF, register no. 38 93 28 96 uses and protects personal information collected when you access and use the PIF-App.
Personal information means data, which can be used to identify or contact an individual (“the Data Subject”). PIF is an intermediary in relation to the products and services, which are offered via the PIF-App. You will be asked to provide PIF with your personal data when you are in contact with PIF.
This Statement is based on the EU Data Protection Regulation, which takes effect in Denmark from May 25, 2018, as well as the new Danish Data Protection Act (the “Data Protection Legislation”).
This Statement provides you information on the personal data that is collected, including how the data is processed, what the data is used for, who has access to the data and whom you can contact if you have any questions or protests regarding the collected data.
2. Personal data
You will be asked to provide PIF with your personal data when you access or use the PIF-App. It is primary data such as:
Obligatory (Minimum to use the app):
- Phone Number
- Relationship status
The collected personal data is used to identify you as well as to provide the products and services, which are offered via the PIF-App. Furthermore, is you consent to such use the personal data may be used for marketing purposes.
All collected personal data is placed on our dedicated server located within the EU.
You can find more detailed security measures in section “9. Collection of personal data”.
3. Storage of personal data
How long your personal data is stored depends on how long your agreement with the PIF consists.
When you purchase products and services via the PIF-App, we need your personal data as documentation until the products and services are paid and delivered, any cancellation period has expired and the deadline for payments has expired.
In accordance with the current legislation, your personal data will be stored for a period of 5 years calculated from the end of the financial year to which the material relates, provided the material relates to accounting documentation/information. E.g. if the agreement between you and PIF has expired in December 2018 and the fiscal year follows the calendar year, we are required to keep the information until the end of 2023.
When the personal data is no longer relevant and PIF is no longer obligated to keep the data, all personal data concerning you will be deleted.
4. Use of personal data
We ask you to provide PIF with your personal data in order to complete the agreement between PIF and you in relation to the products and services offered via the PIF-App, including general customer administration.
Prior to any disclosure of your personal data to any collaborators, we will obtain your consent.
Further disclosure of your personal data is only permitted if allowed by applicable legislation.
5. Purchase of Products
It is possible to purchase products and services via the PIF-App. In this regard, you can register your payment card using your PIF-Account. This enables you to purchase products and services via the PIF-App without typing your payment card information more than once.
The submitted payment information, including credit card information, is collected and handled by Epay, a third party selected by PIF and not collected or handled by PIF. Accordingly, PIF has no access to your payment card information. You can find their terms & conditions here: http://www.epay.eu/about-epay-paymentsystem/terms-and-conditions.asp
As well as their security measures here:
6. The right of access
As a user of the PIF-App you have the right to receive confirmation of whether your personal data is being processed and to have access to your personal data.
You are also entitled to request and receive the personal data you have submitted to PIF (data portability). Furthermore, you are entitled to protest against the processing of your personal data.
7. The right to rectify
You have the right to have inaccurate personal data corrected by PIF without undue delay.
8. The right to have your personal data deleted
You have the right to have your personal data deleted by PIF without undue delay if PIF does not continue to have a legitimate interest in storing your personal information.
Please note, that if PIF under applicable legislation is obliged to retain the data, you do not have the right to have your personal data deleted.
9. Protection of personal data
According to applicable legislation, your personal information must be kept safe and confidential.
We store your personal data in Servers OVH, certified ISO 27001:2005 for providing and operating dedicated cloud computing infrastructures,
Access restricted by security badge control system, video surveillance and security personnel 24/7 on-site, smoke detection systems, technicians on site 24/7, backup power supply, power source switched automatically in case of outage, UPS system,
SSL certificate encryption, network segmentation, encryption keys stored on production server with access limited to the administrator only, data backup once a day, IDS and IPS implemented, anti-DDoS solution.
10. Changes in the processing of personal data
We reserve the right to update and modify this Statement once a year.
If you have questions or complaints regarding our Statement or practices, please contact us at firstname.lastname@example.org
Furthermore, you can refer your privacy complaint or dispute to the Danish Data Protection Agency:
1300 København K
Phone number: 33 19 32 00