Privacy Policy
Who We Are and How You Can Contact Us
We are DiaUnion. Our website address is: www.diaunion.org
DiaUnion is administered by Medicon Valley Alliance (MVA) which is the data protection controller. As the data protection controller, data protection is very important to us. We protect the personal information that we process, and ensure that we comply with the EU General Data Protection Regulation (GDPR).
MVA Contact Information
Medicon Valley Alliance f.m.b.a.
Arne Jacobsens Allé 15, 2.
2300 Copenhagen S
T: +45 70201503
E: mva@mva.org
W: www.mva.org
VAT: DK25668294
Contact regarding data protection in DiaUnion: fk@mva.org
General Information About Data Processing
1. Scope of the Processing of Personal Data
We basically only process the personal information of our users to the extent necessary to provide a functioning website as well as our content and services. As a rule, our users’ personal data are processed only with the user’s consent. An exception applies in cases where it is not possible to obtain prior consent due to factual reasons, and statutory provisions allow the processing of the information.
2. The Legal Basis for the Processing of Personal Data
To the extent that we obtain the consent of the data subject for personal data processing procedures, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6 (1) (b) of the GDPR serves as the legal basis. This also applies to processing procedures necessary to take steps before concluding a contract.
To the extent that the processing of personal data is necessary in order to comply with a legal obligation to which our company is subject, Article 6 (1) (c) of the GDPR serves as a legal basis.
In the event that the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Article 6 (1) (d) of the GDPR serves as the legal basis.
If the processing is necessary to protect the legitimate interests of our organization or third parties and the interests, fundamental rights and freedoms of the data subject do not infringe the former interests, Article 6 (1) (f) of the GDPR shall serve as the legal basis for the processing.
3. Data Erasure and Storage Period
The data subject’s personal data will be deleted or blocked as soon as the purpose of the storage is no longer relevant. In addition, data may be stored if this was intended by European or national legislators in EU regulations, laws or other provisions to which the data controller is subject and is predictable. Data is also blocked or deleted when a storage period prescribed in the said standards expires, unless further storage of the data is required to enter into or fulfill a contract.
Website delivery and logging
1. Description and Scope of Data Processing
Each time our site is visited, the system automatically records data and information about the visitor’s computer system.
The following data is collected in this case:
- Information about the browser type and the version used
- The user’s operating system
- The user’s internet service provider
- The user’s pseudonymized IP address
- Date and time of day of admission
- Websites from which the user’s system reaches our site
- Websites that the user’s system accesses via our website
The data is also stored in our system logs. This data is not stored together with other personal data about the user.
2. Legal Basis for the Data Processing
The legal basis for the temporary storage of data and log files is Article 6 (1) (f) of the GDPR.
3. The Purpose of the Data Processing
The system temporarily stores the IP address, which is necessary for the website to be delivered to the user’s computer. This requires that the user’s IP address be stored for the duration of the session.
The storage of logs takes place to ensure the functional capacity of the site. We also use the data to optimize the website and to maintain the security of our information technology systems. Data are not evaluated for marketing purposes in this regard.
For these purposes, our legitimate interest in data processing is also in accordance with Article 6 (1) (f) of the GDPR.
4. Storage Period
Data is deleted as soon as it is no longer needed for the purpose for which it was collected. When data is collected to enable the site to function, the data will be deleted as soon as the session is over.
In the case of data storage in log files, this is the case after a maximum of seven days. Certain storage beyond this period is possible. In this case, the users’ IP addresses are deleted or masked so that it is no longer possible to refer to the accessing client.
5. Possibility of Objection and Disposal
Registering data for delivering the website and storing data in log files is essential for the operation of the internet website. Consequently, the user has no opportunity to object.
Use of Cookies
1. Description and Scope of the Data Processing
Our website uses cookies. Cookies are text files stored in the Internet browser or by the Internet browser on the user’s computer system. When a user opens a website, a cookie can be stored on the user’s operating system. This cookie contains a character sequence that allows unique identification of the browser when the website is reopened.
We use cookies to organize our website so that it is more user-friendly. Some elements of our website also require that the browser be identified, even after switching to another page.
The following data is stored and transferred in cookies in this connection:
- Language settings
- Login information
- Previous visits to prevent pop-ups from showing again
- Session information for web services
On our website, we also use cookies that allow an analysis of the user’s surfing habits:
- Keywords entered
- The frequency of page access
- Utilization of website features
- Browser
- Operating systems
- Date and time of day of access
- Websites from which the user’s system reaches our website
The user’s data collected in this way are pseudonymised by technical regulations. It is therefore no longer possible to match the data to the user who has access. The data is not stored together with other personal data about the user.
When visiting our website, users are informed about the use of cookies for various purposes using an information banner and are referred to this privacy statement. In this connection, there is also a comment on how to work with the browser settings to prevent cookies from being stored.
2. Legal basis for the data processing
The legal basis for the processing of personal data using cookies is Article 6 (1) (f) of the GDPR.
3. The purpose of the data processing
The purpose of the use of technically necessary cookies is to simplify the use of websites for the users. Some of the features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser be recognized, even after a change to another page.
We require cookies for the following:
- Acquisition of language settings
- Remember search terms
- Functional capabilities of various PHP applications
The user data collected by the technically necessary cookies is not used to create user profiles.
4. Shelf life, possibility of objection and disposal
Cookies are stored on the user’s computer and transferred from there to our website. You as a user therefore also have full control over the use of cookies. By changing the settings of your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. If cookies are disabled for our website, it is possible that not all of the website’s functions will be able to be used in full.
Rights of the data subject
You have a number of rights under the law in relation to our processing of information about you:
1. Right to see information (right of access)
You have the right to have access to the information that we process about you as well as a variety of additional information.
2. Right of rectification (correction)
If you believe that the personal data which we process about you is inaccurate, you have the right to have it corrected. You must contact us and tell us where the inaccuracies are and how they can be corrected. We must in all instances decide whether or not we believe your request is justified. When you contact us with a request to have your personal data corrected or deleted, we will investigate whether the conditions have been met, and and if so, we will implement changes or the deletion as quickly as possible.
3. Right to deletion
We generally delete personal data when it is no longer necessary. In special cases, you have the right to have specific information about you deleted up until the time when our normal, general deletion takes place. This applies, for example, if you retract your consent and we do not have another basis to process the information. If you believe that your data is no longer necessary in relation to the purpose for which we collected it, you can ask for it to be deleted. You can also contact us if you believe that your personal data is processed in violation of the law or other legal obligations.
4. Right to limitation of processing
If you contest information that we have registered or in any other way process, you may request that we limit the processing of the information until we have been able to determine if the information is correct. You may also request limitation instead of deletion if you believe our processing of the information is illegal or if you believe we no longer need the information or if you believe your legitimate interests precede the legitimate interests of the data controller. If it is found in your favour that our processing is to be limited, we may in the future only process the information with your consent or in order for legal requirements to be established, enforced or defended or to protect a person or important social interests.
5. Right to transmit information (data portability)
You have the right to receive personal data which you have made available to us and which we have obtained about you from other players on the basis of your consent. If we process data about you as part of a contract in which you are a party, you may also have the data sent to you. You also have the right to transfer this personal data to another service provider. You may also ask us to have the information sent directly from the data controller to another authority or company. If you want to exercise your right to data portability, you will receive your personal data from us in a commonly used and machine-readable format.
6. Right to object
You have the right to raise objections against our processing of information about you. You may also object to our disclosure of your data for marketing purposes. You can use the contact information at the top to send an objection. If your objection is justified, we will ensure to cease the processing of information.
7. Right to receive information about new purposes
If we wish to use information about you for a purpose other than the purposes which we have previously disclosed to you, for example in this privacy policy, you have the right to receive information about this before we process the information further for the other purpose.
8. Right to withdraw your consent
If our processing of your information takes place on the basis of your consent, you may withdraw the consent at any time. If you withdraw the consent, we may be no longer process the information. Withdrawal of consent does not affect the legality of the processing that is based on consent prior to the withdrawal. If we have another legal basis for processing than consent with an independent purpose – for example retention of information for compliance with the rules concerning accounting – this processing will still continue to take place.
If you are not satisfied with our response, you have the possibility to appeal to the Danish Data Protection Agency. In general, if you are dissatisfied with the way your personal information has been processed, you may appeal to the Danish Data Protection Agency, which will then investigate the matter and make a decision. The contact information of the Data Protection Agency can be found at www.datatilsynet.dk.