BURNBLOCK ApS, CVR-no. 33581173, Wilders Plads 15C, 1403 København K (“BURNBLOCK“) is the data controller for the processing of your personal data. Below, BURNBLOCK has provided an overview of the processing activities in which personal data are processed, including among others the purpose thereof and the legal basis.
2. Categories of personal data, purpose, and legal basis
2.1 Website visitors
When you visit BURNBLOCK’s website: https://burnblock.com/, BURNBLOCK will process personal data about you, for instance, cookies and your IP-address. The purpose of using cookies is to improve your user experience on BURNBLOCK’s website, to provide functionality, to generate statistics, to target the marketing of our products to your needs, and to remember your preferences.
The legal basis for the processing of your personal data in that regard is your consent, which you will be asked to give when you visit the website, cf. Art. 6(1)(a) of the GDPR.
In certain cases, the legal basis for the processing of your personal data is BURNBLOCK’s legitimate interests and that it is BURNBLOCK’s assessment that our legitimate interests override your interests or fundamental rights and freedoms, cf. Art. 6(1)(f) of the GDPR. The legitimate interests pursued are to provide you with a website that works optimally, a good website experience and marketing activities.
When you submit an order, BURNBLOCK will process personal data about you, including your name, email address, telephone number, your postal address, bank and payment information, information on you orders, delivery and returns of the goods purchased. The purpose of the processing of your personal data is to process your orders and returns.
The legal basis for the processing of your personal data in that regard is Art. 6(1)(b) of the GDPR. This is either because the processing is necessary for the performance of a contract to which you are a party or because it is necessary in order to take steps at the request of you prior to entering into a contract.
2.3 Contact persons at a customer, vendor, or another business partner
As a contact person at a customer, vendor, or another business partner, BURNBLOCK processes your personal data when you communicate with BURNBLOCK, e.g., via emails in connection with BURNBLOCK’s existing contractual relation with the company you are employed with or in connection with the conclusion or termination of a contract. BURNBLOCK processes ordinary personal data about you, including your name, email address, telephone number, position, etc.
The legal basis for such processing of your personal data is that the processing is necessary for the purposes of legitimate interests pursued by BURNBLOCK and that it is BURNBLOCK’s assessment that our legitimate interests override your interests or fundamental rights and freedoms, cf. Art. 6(1)(f) of the GDPR. BURNBLOCK’s legitimate interests are fulfilment of our contractual obligations, maintaining and enhancing customer relationships, invoicing for the services your company provides to BURNBLOCK and/or vice versa, communicating with you if you have any questions related to our services or vice versa, and for documentation purposes in the event you agree on matters relating to our services in writing via email.
In some cases, processing of personal data is necessary in order to comply with a legal obligation to which BURNBLOCK is subject, for instance in relation to the obligation on the preservation of accounting records pursuant to the Danish Bookkeeping Act. In such case, the legal basis for the processing is Art. 6(1)(c) of the GDPR.
3. Recipients of your personal data
Certain recipients process personal data on behalf of BURNBLOCK and may only process your personal data in accordance with documented instructions given by BURNBLOCK and further terms and conditions stated in a data processor agreement entered with BURNBLOCK. These data processors are not permitted to process your personal data for their own purposes.
4. Transfer of your personal data to a third country (outside of EU/EEA)
In certain cases, your personal data may be transferred to countries outside of the EU/EEA. BURNBLOCK ensures that such transfer will be carried out in accordance with the applicable data protection laws. This entails that any party outside of the EU/EEA that will receive your personal data will ensure an adequate level of protection, for example, by entering into the EU standard contractual clauses (“SCCs”) with BURNBLOCK. BURNBLOCK will ensure implement supplementary safeguards if deemed necessary in the specific case.
You may receive a copy of the legal basis for transfers upon request. Please contact firstname.lastname@example.org
5. Storage of your personal data
BURNBLOCK will only store your personal data as long as it is deemed necessary to fulfil the purposes for the processing of your personal data.
5.1 Website visitors
Personal data collected via cookies through use of our website are stored for different periods depending on the purpose.
Personal data such as your IP address will be stored as long as deemed necessary and will be deleted at the latest 36 months from your last visit on our website.
5.2 Contact person at a customer, vendor, or another business partner
If you are a contact person at a customer, vendor, or another business partner, BURNBLOCK will store personal data about you as long as BURNBLOCK communicates with you because you are BURNBLOCK’s point of contact, 3 years after termination of the contractual relationship, or until it is no longer necessary for the establishment, exercise, or defense of a legal claim.
Personal data about customers is stored for as long as necessary, including while we process your order. The personal data will be deleted 36 months after the completion of your order for documentation purposes.
5.4 Bookkeeping material
BURNBLOCK will store your personal data to the extent it is necessary for bookkeeping purposes such as personal data related to invoicing. Such personal data will be stored for a period of 5 years from the end of the financial year to which the accounting records relate. The purpose is to comply with the legal obligation pursuant to the Danish Bookkeeping Act.
6. Your rights
BURNBLOCK has implemented a number of measures to protect your personal data and ensure your rights. As a data subject, you can exercise the rights listed below. However, some of the rights only apply under certain circumstances.
The Danish Data Protection Agency has prepared guidelines regarding the data subjects’ rights. The guidelines can be accessed here. However, please note that the guidelines are only available in Danish.
As a data you have the following specific rights, unless otherwise exceptionally provided by the data protection legislation:
- Right of access
- Right of rectification
- Right of erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object
Right to complain to the Data Protection Agency
If you disagree with the way in which BURNBLOCK processes your personal data, you may file a complaint with the Data Protection Agency, using the contact details that are available here. However, we hope that you will contact us first, using the below contact details, so that we may reach agreement.
If you wish to exercise any of the above-mentioned rights, you are welcome to contact email@example.com
7. Questions or complaints
You can also file a complaint to the Danish Data Protection Agency, which is an independent public authority that is, inter alia, responsible for monitoring and enforcing the application of the GDPR. The Danish Data Protection Agency’s contact information is available on its website: www.datatilsynet.dk.
Effective date of the recent update of this Policy