Privacy policy

Background

The General Data Protection Regulation and the Data Protection Act set the rules for how we as a company may process personal data about our clients, suppliers, partners, and other natural persons.
Below you can read how SKOV Advokater Advokataktieselskab (hereinafter “SKOV”, “we”, “us”, or “our”) processes your personal data in a variety of contexts.

SKOV’s role as data controller and data processor

When we process personal data about you as described in this privacy policy, we act as a data controller.In some cases, we can also act as a data processor. This is the case when we carry out a task for another person or company that involves the processing of personal data and where the processing in question takes place only as per instructions. When we act as a data processor, we do so on the basis of a data processor agreement with the one for whom we are processing the personal data. This privacy policy does not apply when we act as a data processor.

Contact information

SKOV is the data controller in relation to the personal data that we process and is described in the privacy policy. If you have any questions, please contact us here:

SKOV Advokater
CVR no. 16 64 34 83.
Dandyvej 3B, 3rd floor
7100 Vejle
Email: skov@skovadvokater.dk
Tel: 76 40 70 00
Contact person for data protection: Torben Bang

The information we process and the purpose hereof

We may process personal data about you in a number of different situations. We have described the different situations below.

Legal services

We process a number of personal data when providing our clients with legal advice. As a client or potential client (including persons associated with a client), we usually process general contact information about you such as name, address, telephone number, email, title, etc.We also process the information that you exchange with us, e.g., in the form of email correspondences, regular mail, case materials, etc.
We process this information in order to provide relevant assistance to you as a client or potential client. Our processing of personal data takes place depending on the specific case either for the purpose of fulfilling an agreement with you (General Data Protection Regulation, article 6, para. 1 (b)) or on the basis of our legitimate interest in looking after your interests (General Data Protection Regulation, article 6, para. 1 (f)).

Depending on the case, we may also process sensitive information including, for example, information about race, ethnic origin, political, religious, or philosophical beliefs, health, sexual relations, or sexual orientation. Such information is processed only when necessary for the purposes of a specific case. The processing of this information will in most cases take place because it is necessary to establish, enforce, or defend a legal claim on your behalf (General Data Protection Regulation, article 9, para. 2 (f), cf. the General Data Protection Regulation, article 6, para. 1 (f)).

As part of our advice or when otherwise necessary for the handling of your case, we may share your personal data with external parties in the form of public authorities, counterparties, or other law firms. There may also be cases where we are specifically obliged to do so by law.
As a rule, the information is stored for a period of up to 5 years from the end of the specific case. All specific deadlines take into account the statute of limitations and the legal rules on the storage of case data. The data may be kept for a longer period of time if specific circumstances so require.

In order to fulfil our obligations under the Money Laundering Act, we will in certain cases collect identity information such as name, social security number, and passport number. The processing takes place because it is necessary for the sake of complying with the legal obligations of the Money Laundering Act to which we are subject (General Data Protection Regulation, article 6, para. 1 (c) and in regards to social security numbers in the Data Protection Act § 11, subsection 2, no. 1, cf. § 11 of the Money Laundering Act). We delete such information 5 years after the end of the business relationship, cf. § 30 of the Money Laundering Act.

Insolvency proceedings (such as bankruptcy, restructuring, discharge of debts, and insolvent estates)

If you are a debtor, creditor, owner, heir, or employee in relation to an insolvency case handled by SKOV, we may process a number of personal data about you.In insolvency proceedings, we deal with material relating to the debtor and his business. The material may contain personal data, such as information about the debtors, creditors, and employees of the debtor and/or the company in the form of name, address, information about any financial accounts, etc. The material may also contain information about social security numbers, email addresses, and telephone numbers.

We process the information as part of our case management, including in connection with the recovery of receivables, the management of the bankruptcy estate’s interests, identification and sale of assets, the operation of the failed company, investigation of any voidable or irresponsible circumstances, etc.

Furthermore, as part of the insolvency proceedings, we may, where necessary, obtain personal data from publicly available sources, including from social media and public databases and from third parties. You can also provide us with personal information yourself, either in writing or orally, including in connection with a hearing.
As a rule, we only process ordinary personal data as part of an insolvency proceeding. We may however also process sensitive data and data relating to criminal convictions and offences depending on the specific case.

We process the personal data solely for the purpose of facilitating the processing of the case pursuant to the provisions of the Bankruptcy Act.

The processing of your personal data in connection with insolvency proceedings is based on a legal obligation to which we are subject (General Data Protection Regulation, article 6, para. 1 (c)).

To the extent that it is necessary for the processing of insolvency proceedings to process information regarding debtors, owners, or employees’ criminal convictions and offences, this is done on the basis of the Data Protection Act § 8, subsection 3, cf. the General Data Protection Regulation, article 10.

If we process social security numbers, our processing takes place on the basis of the Data Protection Act § 11, subsection 2, no. 1 and/or no. 4, including the General Data Protection Regulation, article 9, para. 2 (f), and cf. the General Data Protection Regulation, article 6, para. 1 (f).

In connection with an insolvency case, we may also process personal data about employees of the defaulted company – for example in connection with continued operations. Under such circumstances we may process personal data about employees for the purpose of managing the employees’ terms of employment, the payment of wages, and in relation to the Employees Guarantee Fund (Lønmodtagernes Garantifond). We process general personal data with regard to the employees, including name, address, date of birth, email, etc. There may also be cases where we process sensitive personal data, including health data and information about trade union related to the employment.

The processing of data in connection with the employees’ employment takes place in order to comply with labour law obligations (the General Data Protection Regulation, article 9, para. 2 (b), cf. article 6, para. 1 (b), article 6, para. 1 (c), and § 7 and § 12 of the Data Protection Act). Processing data is necessary for the determination of the entry into employment, the handling of the employees’ possible salary claims, in order to clarify the legal position in relation to the employment law rules (including the Sickness Benefits Act), certain anti-money laundering protection considerations, and compliance with the employment contract with the employees at the entry into employment.

In connection with our case processing, it may be necessary to disclose personal data about you to, for example, courts, the Employees Guarantee Fund (Lønmodtagernes Garantifond), mortgage holders, creditors, credit information agencies, lawyers’ associations who appear on our behalf before the courts, or companies that we may take on as part of processing the case, such as hauliers, locksmiths, craftsmen, and the like. We may also disclose information to assessors, auditors, the tax administration and/or the police, landlords, trading partners, suppliers, or others who need to be notified of the insolvency proceedings, as well as auction houses that are to be responsible for the sale of assets and for debt collection consultants. Finally, we can pass on personal data to public agencies, including the Danish Board of Agriculture, the Danish Business Authority, etc.

The personal data will not be stored longer than necessary for fulfilling the purposes for which they were collected. Once your personal data is no longer required, we will delete it.

Debtor in a debt collection or foreclosure case

If you are a debtor in a debt collection case or are related to a foreclosure that SKOV is processing for the creditor (including a party to any legal proceedings arising out of the debt collection case or in connection with a foreclosure), we may process a number of personal data about you.We process personal data about you in the form of name and address, as well as information about your debt relationship and any social security number, email, and telephone number. If relevant to the case, we may also process information about your financial, work, social, health, and criminal matters.

We most often receive the information directly from the creditor. However, we may also receive information from your lawyer or another counsellor. We may also obtain information ourselves from available sources, including from relevant databases or social media. Finally, you can provide us with information yourself, either in writing or orally.

We use your personal data solely for the purpose of collecting the creditor’s receivable from you and only to the extent necessary to establish and recover the creditor’s receivable.

In connection with our proceedings, it may be necessary to disclose personal data about you to the creditor, courts, debt collection consultants, credit information agencies, lawyers’ associations who appear on our behalf before the courts, hauliers, locksmiths, craftsmen, auction houses, and the like, which we use in connection with the proceedings. We may also disclose information to the Danish Tax Agency, your landlord, or others who are required to receive notification of disbursements made from your assets. In addition, we can create ads on tvang.dk, Statstidende, etc.

Finally, we may disclose your personal data to a public authority in situations where we are specifically required to disclose your personal data by law, including notification obligations to which we are subject.
The processing of your personal data is carried out on the basis of the creditor’s (and thus our) legitimate interest in obtaining payment of receivables from you (The General Data Protection Regulation, article 6, para. 1 (f)). For sensitive information, our processing takes place either after you have published the information yourself (the General Data Protection Regulation, article 9, para. 2 (e), cf. article 6, para. 1 (f)) or in order for a legal claim to be established, invoked, or defended (the General Data Protection Regulation, article 9, para. 2 (f), cf. article 6, para. 1 (f)).

Our processing of your social security number takes place on the basis of the Data Protection Act § 11, subsection 2, no. 4 and the General Data Protection Regulation, article 9, para. 2 (e) or article 9, para. 2 (f), cf. article 6, para. 1 (f).

The personal data will not be stored longer than necessary for fulfilling the purposes for which they were collected. Once your personal data is no longer required, we will delete it.

Administration of estates of deceased persons

As part of the administration of estates of deceased persons, we process personal data about those who are involved with the estate.

We may process personal data in the form of identification and contact information such as name, address, email, and telephone number, as well as information about your finances, property, and family relationships, including marital status and family relationships.

In special cases, we may also process information about employment, pension, and insurance conditions, as well as information about dispositions related to the estate and social security numbers. We may also process sensitive information in the form of health information about you where it is required to complete a transference of the estate.

We collect the information from courts, public authorities, banks, etc., as well as, when required, from publicly available sources.

Our purpose in processing your personal data is to carry out the transference of the estate in accordance with the legal requirements and obligations imposed on us by the Inheritance Act, the Estate Tax Act, the Estate of a Deceased Person Tax Act, the Transference of the Estate of a Deceased Person Act, and the Bankruptcy Act.

In the event of a change of administrator, our basis for processing is either compliance with a legal obligation ( the General Data Protection Regulation, article 6, para.1 (c)) or carrying out a task falling within the remit of the public authority (the Data Protection Regulation, article 6, para. 1 (e).

In the case of a private change of administrator, the processing is based on the fulfilment of a contract (the Data Protection Regulation, article 6, para. 1 (b).

If we process sensitive information, this is typically done to determine, defend, or assert legal claims (the General Data Protection Regulation, article 9, para. 2 (f), cf. article 6, para. 1 (f)) or after you have published the information yourself (the General Data Protection Regulation, article 9, para. 2 (e), cf. article 6, para. 1 (f)).

Our processing of your social security number takes place on the basis of the Data Protection Act § 11, subsection 2, no. 4 and the General Data Protection Regulation, article 9, para. 2 (e) or article 9, para. 2 (f), cf. article 6, para. 1 (f).

Where necessary for the fulfilment of the legal obligation imposed on us and/or for the fulfilment of the contract, we may disclose relevant personal data to courts, public authorities, and/or other partners assisting us.

The personal data will not be stored longer than necessary for fulfilling the purposes for which they were collected. Once your personal data is no longer required, we will delete it.

Visitors to our website, etc.

When you visit https://skovadvokater.dk/ or our social media profiles (e.g., LinkedIn, Facebook, and Instagram), SKOV may process a number of information about you depending on which cookies you have consented to us using.

Your permission for us to use cookies is required before SKOV can install those cookies. This only happens when you press “ok” in the field that appears at the bottom of our website when you visit it.

For example, we may process information about your IP address, as well as information about your computer, device, and browser. We may also process information about your visit (for example, information about how you access our website, how you navigate it, which pages you visit, the content you view, your searches, etc.).

You can read more about the cookies we use on our website by pressing the small badge at the bottom right side of our website. Regarding the cookies we use on social media, please refer to the cookie policy of each website.

We also process information that you provide us in connection with your use of our website, for example when you fill out our contact form, including your name, company name, company address, telephone number, email, and other information.

We use your information to enable us to make relevant services available to you and to improve your experience of our websites as well as the services and products we offer. Depending on the cookies you have consented to us using, we may also use your information to show you content on our and others’ pages based on your activities and preferences, and to limit the number of times you will see the same content.

The processing of your personal data takes place on the basis of the balancing of interests rule (the General Data Protection Regulation, article 6, para. 1 (f)) or your consent (the Cookie Act § 3).

We do not share this information with anyone other than our own trusted marketing advisors.

The personal data will not be stored longer than necessary for fulfilling the purposes for which they were collected. Once your personal data is no longer required, we will delete it.

Courses and other events

When you participate in events held by SKOV or in cooperation with SKOV, we will process personal data about your name, phone number, email, which course or event you are participating in, as well as other information you choose to provide to us.

We process personal data for the purpose of managing the course or event and in order to send you relevant material.

In some cases, we may share your information with other participants of the course/event or with collaborators/suppliers.

When you attend a course or event at SKOV, we may also take pictures or videos of which you are part. Images and videos are used for marketing SKOV on our social media.

Our basis for the processing of your personal data is our legitimate interests (the General Data Protection Regulation, article 6, para. 1 (f)) or your consent (the General Data Protection Regulation, article 6, para. 1 (a)).

The personal data will not be stored longer than necessary for fulfilling the purposes for which they were collected. Once your personal data is no longer required, we will delete it.

Visitors to our office

There may be common areas in our building with video surveillance. If this is the case, this will be disclosed in accordance with the Surveillance Act § 3, subsection 1. All recordings are stored securely and played back only if necessary, e.g., in connection with a burglary or a security breach. Recordings are played only for people for whom the recordings are relevant and are typically automatically overwritten after a short period of time unless a specific problem has been identified that requires further investigation.

Suppliers and collaborators

We collect and process a number of personal data of relevant contact persons when it is necessary to do so for the sake of cooperating with our suppliers and partners.

We process the personal data for the purpose of fulfilling the agreement we have entered into with the supplier or partner you are affiliated with and, where relevant, in order to fulfil agreements with our clients. As a rule, we only process general information, such as name, address, telephone number, email, position, and corresponding contact information. In addition, we process the information exchanged with us as part of our cooperation. For example, email correspondence and other mail.

We process such personal data on the basis of our legitimate interests in relation to the administration and operation of our business (the General Data Protection Regulation, article 6, para. 1 (f)).

We store the personal data of our partners and suppliers for as long as it is relevant to the relationship we have with our suppliers and partners, and for a legal claim to be established, asserted, or defended.

Sharing your personal data

Depending on the personal data in question, the purpose of the processing and the context in which the personal data are included, we may also share your personal data with external third parties, including public authorities, counterparties, other law firms, suppliers, and partners when it is necessary for the fulfilment of our assignments or when we are specifically obliged to do so by law.

We always ensure that, when transferring personal data, we have the necessary legal basis for transferring the personal data.
We may also entrust your personal data to data processors such as IT providers that process the personal data on our behalf. Our data processors only process your personal data in accordance with our instructions.

Security

Our processing of your personal data is in accordance with our internal guidelines. This means, among other things, that we ensure that the personal data is treated confidentially and in a secure environment, both physically and electronically, and that we have implemented a number of organisational measures to ensure the processing and deletion of your data in the best possible way.

We regularly monitor our policies and measures, as well as our compliance with them.

Transfer to countries outside the EU/EEA

In connection with our processing of your personal data, we may potentially transfer your data to countries outside the EU/EEA. Data protection legislation in these countries may be less stringent than in Denmark and other EU/EEA countries. If we transfer personal data to countries where this is the case, the transfer of your personal data to those countries will take place on the basis described below.

We can potentially transfer personal data to countries outside the EU/EEA using cloud-based services from, e.g., Microsoft 365. The data processed through the use of these services are stored in data centres in the EU. As these are cloud-based services, in certain specific cases data may be transferred to countries outside the EU/EEA. In these cases, a transfer will take place on the basis of the European Commission’s standard contracts. The contract as well as the details of the transfer are available on Microsoft’s website.

We may also transfer your information to countries outside the EU/EEA if it is necessary for the processing of a specific case, e.g., to a liaison lawyer, counterparty, authority, or a court in a country outside the EU/EEA. In these cases, a transfer will take place on the basis of the General Data Protection Regulation, article 49, para. 1 (b–e).

If you would like further information about our transfer of personal data to countries outside the EU/EEA, please feel free to contact us.

Your rights

Under the General Data Protection Regulation, you have a number of rights in relation to SKOV’s processing of information about you, including:
• You have the right to access the personal data that we process about you.
• You have the right to have inaccurate personal data about you rectified and incomplete personal data completed.
• In exceptional cases, you have the right to have your personal data deleted before the time we would typically delete your personal data.
• In certain cases, you have the right to have the processing of your personal data restricted.• In certain cases, you have the right to object to our processing of your personal data, and always if the processing is for direct marketing purposes.
• In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have these personal data transferred from one data controller to another.

Complaints to the Danish Data Protection Agency

You have the right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way SKOV processes your personal data. You can find the Danish Data Protection Agency’s contact information on www.datatilsynet.dk. Here you can also find further information about your rights as a data subject.

Updating the privacy policy

We regularly review this privacy policy to keep it up to date and in accordance with applicable principles and legislation. We therefore encourage you to stay up to date. The latest version of our privacy policy is always available on our website www.skovadvokater.dk.

This privacy policy was last updated on September 8, 2022.