- Dalux ApS (Denmark)
- Dalux France
- Dalux Limited (UK)
- Dalux Netherlands BV
- Dalux Norway AS
- Dalux Sweden AB
with respect to data protection, collect, use and share personal data in connection with visiting and using our website at: https://www.dalux.com (“Website”) and services, including the services available through our Website, our mobile and desktop applications and our other products and services (collectively referred to as “Services”) where we may refer to this Policy. DALUX undertakes to ensure that all legal requirements and obligations to protect personal data subject to the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) are met. The references “personal data” and “personal information” have the same meaning under this Policy and refer to any information that directly or indirectly can be linked to an identifiable natural person (“you”). This Policy further describes your privacy rights. If you have agreed to any of our applicable terms and conditions that govern the use of any of our Services, those terms and conditions are thus incorporated to this Policy accordingly with reservations to any individually agreed terms and conditions between us and you. We encourage that you read this Policy and our terms and conditions thoroughly before using our Website and Services to ensure that you fully understand our views and practices on handling and processing your personal data and on what terms and conditions we provide you our Services. We strive to protect and respect your personal data to the best of our ability. Please be aware, that when you access or agree to use our Website and/or Services, you unconditionally acknowledge, agree, and accept the terms in this Policy.
How DALUX collects your personal data
We collect and process your personal data when you sign up to create an account to use our Services, sign up for any of our events, register for online webinars, interact with us on social media or when you provide us with personal information by contacting us directly.
We may collect the following categories of information directly from you:
- Identification information such as name, surname, telephone number, email address, and technical identification information (e.g. IP address and account password)
- Professional information such as your occupation, field of industry, employment history, work experience, educational background, and other qualifications
- Commercial information about what Services you are using or have shown interest in and which webinars and DALUX events you have attended
- Electronic information such as records of our online correspondences and interactions, service records including complaints and resolution history, your behavioural pattern when using our Website and/or Services, including but not limited to preferences, email attachments, uploads and downloads, your location, and preferred language
Obtained by cookies or when you use our Services
Provided by other parties
We may store and collect personal information about you that we receive or get in contact with either directly when delivered by third parties or when we use third-party sources. These third parties can be affiliates, external recruiting firms, business partners, publicly available sources and registers, or social networking platforms e.g. LinkedIn and Facebook. The categories of personal data we may collect about you from third-party sources include:
- Identification information name, surname, telephone number, email
- Professional information occupation, field of industry, employment history, work experience, educational background, and other qualifications
- Commercial information our Services or other products and services you are using or have shown interest in, events you have attended and other activities
- Electronic information your behavioural pattern, preferences, and other interactions
We may combine the personal information we receive directly from you, collected by us, or received by third parties when allowed to do so in accordance with applicable laws, for the purpose of providing you with relevant content, experiences and other offerings as well as to keep our databases updated with current and accurate information about you.
How DALUX uses your personal data
We use the personal data we have collected about you for different purposes if we can secure a lawful ground for processing, for example on the basis of a contractual necessity, legitimate interest of us or a third party, or your consent. We process your personal data for the following purposes:
When contractually necessary
- To process your registrations via our Website or when using our Services
- To perform our obligations and deliveries subject to a contract with you or your employer, or to validate your identity when entering a contract with you
- To provide you with purchased Services, including support and communication
- To send information to you within the scope of the contract for example, to send you service messages, inform you of new updates, releases, errors, and other relevant information relating to the use of our Services
- To perform any financial activity, for example invoicing, payments, and other financial follow-ups
Based on a legitimate interest of ours or a third party*
- To give you access to content and services on our Website or when using our application
- To send information you have requested
- To send product updates, information about upcoming webinars and fairs, surveys, or other information of our legitimate interest
- To improve the quality, functionality and user experience of our products and services, including analysing how they are being used. Automated analytic systems and other tracking techniques may be used to fulfil this purpose (if not subject to your consent)
- To uphold and maintain the security on our Website and Services by detecting, mitigating, and preventing security threats, perform maintenance, and debugging
- To prevent, detect or address malicious behaviour, fraud, infringements, and similar activities to protect you against security breaches
- To enforce our terms and conditions when using our Services
- Other activities relating to the protection of your, our or any third-party rights, property, and safety
- To anonymize, aggregate, or perform other non-identifying purposes in relation to your personal data
* You have the right to object to our processing of your personal data when we rely on a legitimate interest for the processing. Read more about your rights and options under Your rights below.
- When you have given us your consent to send you relevant marketing materials such as promotional offers and advertising
- When you have given us your consent to share information about you with third parties, for example sub-processors
- When you have given your consent for cookie-placements or similar technologies
- When you have given us your consent to a certain processing activity in connection with other occurrences
**Where we have obtained your consent for processing, you are entitled to withdraw your consent at any time. Please contact us on the contact details provided below if you wish to withdraw your consent.
To fulfil a legal obligation
- When we are under a legal obligation to respond, disclose, or share your personal data with official authorities
Who does DALUX share your personal data with?
We share the collected information about you with the following parties when relevant.
- Our associated companies across Europe when relevant
- Our business partners, such as consultants
- Our service providers, who perform services or certain functions on our behalf, for example companies supporting us with invoicing, consulting, licenses, software maintenance, hosting, user verification and localization, marketing, security, support, analytics, social media etc. Please note that all service providers who we may share your personal information with are subject to a contract that either restricts or limits their ability to process and use your information
- Other third parties in connection with a business transaction, hereunder a transfer, outsourcing, merger, sale, acquisition, consolidation, change in control, reorganization or liquidation of DALUX, or parts hereof. We may share aggregate, anonymous, or non-identifiable demographic, statistical data and other information that cannot be specifically traceable to you in relation to marketing or other purposes
- Other circumstances, when we are required to do so by law e.g. pursuant to a court order or when we otherwise in good faith believe, that it is required by law or with the law enforcement or other reasonable persons e.g. a legal counsel or external lawyer when we believe that a submission of the personal information is necessary to identify, contact and prevent, or respond to fraud and/or an intellectual property right infringement caused knowingly or unknowingly for the purpose of protecting DALUX’s property rights and safety
- Any other person with your consent to the disclosure
Location of personal data and cross border transfers
We will store your personal data and any other content on our local servers in Copenhagen, Denmark or on servers of our hosting providers. Our service providers hold servers in different locations; therefore, your personal data may be stored across national borders. DALUX has several offices located within the European Economic Area (EEA), and we may transfer personal data across our offices when relevant, subject always to all our associated companies’ compliance with the GDPR. Apart from transfers between our associated companies, DALUX transfers personal data to some of our third parties described above in the section: Who does DALUX share your personal data with? to help fulfil our obligations towards you, for example to provide a secure storage of your data, hosting and support. As an underlying basis, DALUX aims to only engage sub-contractors or third parties where the processing of personal data remains within the EEA. When it is not possible, DALUX relies on the following legal mechanisms to provide appropriate safeguards when transferring personal data to third parties outside of the EEA: Countries deemed adequate by the European Commission, European Commission Standard Contractual Clauses, approved binding corporate rules (BCR) in accordance with Article 63 of the GDPR.
How does DALUX protect your personal data?
The protection and security of your personal data is of vital importance to DALUX, and we go far to sustain all reasonably necessary technological, administrative, and physical measures to protect your personal data from unauthorized surveillance and access and malicious actions. We also take reasonable steps to limit the sharing and access of your personal data to only concern employees and contractors who need access to your data to perform a contract or other relevant function.
You have the right to access the personal data we process about you, with the exceptions set out in the GDPR and other applicable laws. You further have the right to object to our processing, our use of your personal data, rectify your personal data, and require us to limit the processing of your personal data. If we process personal data based on your consent, you have the right to withdraw your consent at any time. If you withdraw your consent, we will stop to process your personal data, unless continuation of processing is necessary to comply with our legal obligations as required or permitted by law. If you wish to withdraw your consent, please contact us.
If you request us to delete the personal data we have registered about you, we will do so without undue delay unless we can continue the processing pursuant to a different legal basis, such as a legal obligation to store and keep your personal data, or if necessary in order for us to respond to an enquiry from you. Under some circumstances, you may ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and ask us to transmit your data to a third party (data portability). If you wish to exercise any of your applicable rights as described above, please contact us.
If you are an individual being subject to a contractual arrangement with any of our customers, which includes the processing of your personal data on behalf of such customer, we may refer any enquiry by you to the customer and cooperate with their handling of your enquiry, in order to comply with our contractual obligations towards the customer. We will respond to your enquiry as soon as possible.
We will keep your personal data for as long as we need it to fulfil any of the purposes described under the section: How DALUX uses your personal data, to the extent we can do so lawfully. This includes our right to store your personal data longer, if we must do so in order to comply with a legal obligation, even if the original purpose for processing your personal data can no longer be justified. When we use your personal data in connection with marketing purposes by your consent, we will use your personal information until you withdraw your consent. Please be aware that it will be necessary for us to store the registered information about you not wanting to receive marketing materials from us if you have decided to withdraw your consent.
Data protection responsibilities
DALUX is responsible for the processing activities of personal data collected for our own purposes as described under this Policy. DALUX also process personal data on behalf of our enterprise customers subject always to a data processing agreement. If you sign up on our Website to use our Services, you do so on behalf of a company/employer, and if you process or provide us with personal data when using our Services, you will be the controller of the personal data and DALUX is the data processor. When you are the data controller, you are responsible for protecting the personal data you process, this includes your compliance with the GDPR and other privacy laws. When we process personal data on behalf of you as data controller, it is required that we enter into a written data processing agreement, to govern the details of the processing. If not included in a separate agreement entered with you, you can find our standard Data Processing Agreement here. If you for some reason cannot find the Data Processing Agreement or have any other questions, contact us. To avoid any misconceptions, you should be aware that DALUX does not control nor is responsible for the personal data collected by our enterprise customers. Therefore, the legal basis for processing personal data, as well as the level of security may differ from the standards set out in this Policy.
Our Website and Services and their contents are not directed towards children who are under the age of 16, and if we happen to collect personal data from children or minors, we do so unknowingly. Any information provided by a child or minor to DALUX or its service providers without parental consent, will be deleted when discovered. If you have questions about personal data that may have been submitted by a child, please contact us.
If you have any questions, requests or concerns relating to this Policy or our privacy practices in general, or if you wish to exercise any of your rights described above, including accessing, rectifying, or erasing your personal data, please contact us by sending an email to: firstname.lastname@example.org. When contacting us, please inform us of which DALUX Service your enquiry concerns as well as your full name and email-address, so that we can identify you and process your enquiry. We may ask for additional forms of verification depending on the nature of the inquiry and personal information requested. If you have any complaints regarding the processing of your personal data or this Policy, we will cooperate with you to find a satisfactory resolution to your matter. If you believe that we have not assisted you sufficiently, you have the right to file a complaint to the Danish Supervisory Authority, Borgergade 28, 5, 1300 Copenhagen, Denmark or to another competent European Supervisory Authority or equivalent subject to your location.
Updates to DALUX Policy
We may change, update, and adjust this Policy from time to time when necessary. We will announce any contingent changes by updating the date, as stated on the top of this Policy. We encourage you to read and return to this Policy regularly to make sure you are up to date with the latest version published.