Last updated: February 7, 2023
This Privacy Notice (“Notice”) explains how Dalux Corporation, company reg. no. 28509839 with headquarters at Lyngbyvej 2, 2100 København Ø, Denmark (hereinafter referred to as “DALUX”, “we” “us” and “our”) and its following consolidated companies:
Dalux ApS (Denmark)
Dalux Austria GmbH
Dalux Belgium BVDalux Germany GmbH
Dalux Finland Oy
Dalux Italia Srl Dalux Limited (UK)
Dalux Lithuania UAB Dalux Netherlands BV Dalux Norway AS
Dalux Software Spain Dalux Sweden AB Dalux Switzerland GmbH
Dalux US Inc.
SAS Dalux France
with respect to data protection, collect, share, and process personal data as data controllers, in circumstances such as when you: · Visit our website at https://www.dalux.com (“Website”)
DALUX undertakes to ensure that all legal requirements and obligations to protect personal data subject to the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) are met. The references to “personal data” and “personal information” have the same meaning under this Notice and refer to any information that directly or indirectly can be linked to an identifiable natural person (“you”).
This Notice further describes your privacy rights. If you have agreed to any of our applicable terms and conditions that govern the use of any of our Services, those terms and conditions are thus incorporated to this Notice accordingly with reservations to any individually agreed terms and conditions between us and you. We encourage that you read this Notice and our terms and conditions thoroughly before using our Website and Services to ensure that you fully understand our views and practices on handling and processing your personal data and on what terms and conditions, we provide you our Services.
We strive to protect and respect your personal data to the best of our ability. Please be aware, that when you access or agree to use our Website and/or Services, you unconditionally acknowledge, agree, and accept the terms in this Notice.
a. Third Parties/links
b. Customer data
Except for the account information (as described below), this Notice does not apply to our privacy practices in relation to Customer owned materials such as the drawings, files, messages, and any other electronic data uploaded and stored in our Services by you, as an end user (“Customer Data”). DALUX processing in regard to Customer Data are instead governed by our Master Agreement and Data Processing Agreement, which regulates the agreement between you and DALUX regarding access and use of our Services.
DALUX is only responsible for ensuring compliance with all applicable laws and regulations, as well as any other privacy policies, agreements, and obligations, related to the collection, use, and storage of personal information in connection with our Services, for which DALUX collects directly.
a. From you
We collect and process your personal data from you directly when you sign up to create an account to use our Services, register for any of our webinars and events, interact with us on social media, and/or when you provide us with personal information by contacting us directly via email or web form.
We may collect the following categories of information directly from you:
b. Obtained automatically when you use our Website and Services
In addition, when using our Services, we may collect the following:
c. Through integrated services
d. Provided by third parties
We may store and collect personal information about you from third-party sources. These third parties can be affiliates, external recruiting firms, business partners, publicly available sources and registers, and social networking platforms e.g. LinkedIn and Facebook.
The categories of personal data we may collect about you from third-party sources include:
We may combine the personal information we receive directly from you, collected by us, or received by third parties when allowed to do so in accordance with applicable laws, for the purpose of providing you with relevant content, experiences, and other offerings as well as to keep our databases updated with current and accurate information about you.
We use the personal data we have collected about you for different purposes, if we can secure a lawful ground for processing. We process your personal data for the following purposes:
a. When contractually necessary
b. Based on a legitimate interest of ours or a third party*
* You have the right to object to our processing of your personal data when we rely on a legitimate interest for the processing. Read more about your rights and options under “Your Rights” below.
c. Your consent**
**Where we have obtained your consent for processing, you are entitled to withdraw your consent at any time. Please contact us on the contact details provided below if you wish to withdraw your consent.
d. To fulfil a legal obligation
We share the collected information about you with the following parties when relevant:
DALUX transfers personal data to some of our third parties described above in the section: “Who does DALUX share your personal data with?” to help fulfil our obligations towards you, for example to provide a secure storage of your data, hosting and support. As an underlying basis, DALUX aims to only engage sub-processors or third parties where the processing and storage of personal data remains within the EEA. When it is not possible, DALUX relies on the following legal mechanisms to ensure the same level of protection as guaranteed by the GDPR when transferring personal data to third parties outside of the EEA: Third countries deemed adequate by the European Commission, appropriate safeguards e.g. Standard contractual clauses (SCC) adopted by the European Commission, approved binding corporate rules (BCR) or any other current or future appropriate safeguards pursuant to Article 46 of the GDPR, or your explicit consent.
The protection and security of your personal data is of vital importance to DALUX, and we go far to sustain all reasonably necessary technological, administrative, and physical measures to protect your personal data from unauthorized surveillance and access and malicious actions. We also take reasonable steps to limit the sharing and access of your personal data to only concern employees and contractors who need access to your data to perform a contract or other relevant function.
You have the right to access the personal data we process about you, with the exceptions set out in the GDPR and other applicable laws. You further have the right to object to our processing, our use of your personal data, rectify your personal data, and require us to limit the processing of your personal data.
If we process personal data based on your consent, you have the right to withdraw your consent at any time. If you withdraw your consent, we will stop to process your personal data, unless continuation of processing is necessary to comply with our legal obligations as required or permitted by law. If you wish to withdraw your consent, please contact us.
If you request us to delete the personal data we have registered about you, we will do so without undue delay unless we can continue the processing pursuant to a different legal basis, such as a legal obligation to store and keep your personal data.
Under some circumstances, you may ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and ask us to transmit your data to a third party (data portability).
If you wish to exercise any of your applicable rights as described above, please contact us.
If you are an individual being subject to a contractual arrangement with any of our customers, which includes the processing of your personal data on behalf of such customer, we may refer any enquiry by you to the customer and cooperate with their handling of your enquiry, in order to comply with our contractual obligations towards the customer.
We will respond to your enquiry as soon as possible.
Our Services are intended for use by organizations and enterprises. When our Services are made available to you through an enterprise customer of ours, that organization or enterprise is the data controller of your personal information within our Services, upon that for which DALUX collects to create an account with us. Please note that DALUX is not responsible for the privacy or security practices of that organization, which may be different than the practices that appear in this Notice.
As an end user, you may be using our Services on behalf of an organization you are affiliated with, such as your work or school organization. Please note that through project administrators, your organization can:
In cases where DALUX is the data controller of personal information, in cases described above, we will keep your personal data for as long as we need it to fulfil any of the purposes described under the section: “How DALUX uses your personal data”, to the extent we can do so lawfully. This includes our right to store your personal data longer, if we must do so in order to comply with a legal obligation, even if the original purpose for processing your personal data can no longer be justified. When we no longer have any justified legitimate needs to retain your data, your data will be anonymized or deleted.
When we use your personal data in connection with marketing purposes by your consent, we will use your personal information until you withdraw your consent. Please be aware that it will be necessary for us to store the registered information about you not wanting to receive marketing materials from us if you have decided to withdraw your consent.
For personal information processed as part of Service Data, we will process the personal information for as long as we are instructed to do so by the customer.
DALUX is responsible for the processing activities of personal data collected for our own purposes as described under this Notice. DALUX also process personal data on behalf of our enterprise customers subject always to a data processing agreement. If you process or provide us with personal data when using our Services, you will be the controller of the personal data and DALUX is the data processor. When you are the data controller, you are responsible for protecting the personal data you process, this includes your compliance with the GDPR and other privacy laws. When we process personal data on behalf of you as data controller, it is required that we enter into a written data processing agreement, to govern the details of the processing. If not included in a separate agreement entered with you, you can find our standard Data Processing Agreement here. If you for some reason cannot find the Data Processing Agreement or have any other questions, contact us.
To avoid any misconceptions, you should be aware that DALUX does not control nor is responsible for the personal data collected by our enterprise customers. Therefore, the legal basis for processing personal data, as well as the level of security may differ from the standards set out in this Notice.
Our Website and Services and their contents are not directed towards children who are under the age of 16, and if we happen to collect personal data from children or minors, we do so unknowingly. Any information provided by a child or minor to DALUX or its service providers without parental consent, will be deleted when discovered. If you have questions about personal data that may have been submitted by a child, please contact us.
If you have any questions, requests or concerns relating to this Notice or our privacy practices in general, or if you wish to exercise any of your rights described above, including accessing, rectifying, or erasing your personal data, please contact us by sending an email to: email@example.com. When contacting us, please inform us of which DALUX Service your enquiry concerns as well as your full name and email-address, so that we can identify you and process your enquiry. We may ask for additional forms of verification depending on the nature of the inquiry and personal information requested.
If you have any complaints regarding the processing of your personal data or this Notice, we will cooperate with you to find a satisfactory resolution to your matter. If you believe that we have not assisted you sufficiently, you have the right to file a complaint to the Danish Supervisory Authority, Borgergade 28, 5, 1300 Copenhagen, Denmark or to another competent European Supervisory Authority or equivalent subject to your location.
We may change, update, and adjust this Notice from time to time when necessary. We will announce any contingent changes by updating the date, as stated on the top
of this Notice. We encourage you to read and return to this Notice regularly to make sure you are up to date with the latest version published.
Fill out the form and get a 14 day free trial.