Data protection policy
This is our policy for processing the personal data we obtain from you when you visit our website or use our services. The intention of this policy is to explain how and why we obtain personal data about you, and clarify how we process these data after collection.
We deeply respect your privacy and we take our role as data controller very seriously. We handle all your data in accordance with the current legislation, including the EU’s General Data Protection Regulation.
You can contact us via e-mail at firstname.lastname@example.org or via post at:
Otello Law Firm
Skt. Clemens Torv 9, 1st floor
8000 Aarhus C
What is personal data?
Personal data is any data that – directly or indirectly – relates to you as a natural person. This can be your name, birthdate, address, e-mail, phone number or IP address.
If the data concerns your race, sexuality, political or philosophical views, union membership, health or criminal offences, the data is categorized as sensitive data, which is subject to stricter rules than regular personal data. As a rule, we never ask you to provide sensitive data to us. Should you choose to provide such data to us either way, e.g. by using our contact form, please note that this happens at your own volition.
In some cases, we are required to obtain certain information about you, e.g. in order to obey the rules protecting against money laundering or the code of conduct for attorneys-at-law. If we obtain such data about you, it will be strictly limited to the data necessary to comply with the rules and we will always handle your data in accordance with the current personal data legislation.
Collection of data
We collect data from you when you use our contact form or when you contact us directly, e.g. in relation to an ongoing case.
When you make a submission via our website, you are asked to provide certain information about yourself, such as your name, e-mail address and possibly telephone number, which are necessary for us to have in order to communicate with you and provide our reply.
If you contact us directly via phone, e-mail or regular post, we will collect the data necessary to reply to you. We will also collect the data you choose to provide us in your enquiry.
If you sign up for our newsletter, you are asked to provide your e-mail address and name. This is necessary in order for us to add you to our subscribers list with our newsletter service Mailchimp. After signing up, you will receive an e-mail asking you to confirm your subscription. If you do not op-in and give your confirmation, you will not be added to our list, and we will subsequently not process your data.
You can, at any given time, cancel your subscription to our newsletter by pressing the link in the bottom of our newsletter e-mails, or by contacting us directly and asking to be removed from the list.
Storage of data
We will only store your data as long as it is necessary. Submissions and old cases will be deleted on a regular basis, in so far as this is in accordance with the code of conduct for attorneys-at-law and other relevant legislation.
In some cases, we keep your data in order to fulfill a legal obligation, e.g. data obtained through an online order at our website Rettigheder.dk or data related to a paid invoice, which we are obligated to keep for 5 years under the Danish bookkeeping act.
Transfer of data
In order to deliver our services, we use a number of IT systems. This means that some of your data will be stored with a third party. Such third parties are considered data processors and will only process your data to the extent requested by us and always in accordance with the current personal data legislation. We have data processing agreements in place for all our data processors and your data is therefore safe and sound with us and them.
We can also be required to transfer your data if it is necessary to comply with the current personal data legislation or if a public authority requires us to do so.
- Transfer outside of the EEA
Some of our IT suppliers are based outside the EEA. This means that your data can be transferred to a third country not regulated by the General Data Protection Regulation. In such cases, we have data processing agreements in place with the supplier, which makes sure that our supplier lives up to the rules of the regulation, and we regularly monitor their certification status, e.g. under the Privacy Shield certification program.
As a data subject, you have a number of rights:
- Withdrawal of consent
If our processing of your data is based on your consent, you have the right to withdraw your consent at any time. If you do this, we will delete all your personal data and stop all processing based on your consent immediately. We can, however, continue to process your data to the extent it is necessary to provide our services to you, or if we are legally obligated to do so, as mentioned above.
- Right to information and control
You have the right to obtain a copy of the data we have on you. You also have the right to portability, meaning you can choose to move your data to another data controller, as long as this does not affect the rights or freedom of a third party.
If our data on you is incorrect or inadequate, you have the right to have the correct data registered with us. You also have the right to deletion of your data and a right to be forgotten, provided that the data is no longer necessary for us.
- Right to object
If our processing of your data is based on the interest of the public, our legitimate interests, or for the use of statistics, direct marketing or profiling, you have a right to object. As a rule, we never process your data on this basis.
If you have objected to our processing, you have the right to restriction of your data while your objection is being processed.
- If you wish to use your rights
If you wish to use any of your rights listed above, a request must be sent to us via e-mail or post. You can see our contact information at the beginning of this page.
Your request must contain your contact information and a specification of which right you wish to invoke, and – if relevant – a specification of the data your request concerns. We will get back to you as soon as possible after receiving your request.
If you wish to complaint
If you believe our processing of your personal data is in violation of the current personal data legislation, you can make a complaint to the Danish data protection agency. You can visit their website here: Danish data protection agency
If you have any questions about our processing of your data, you are more than welcome to contact us. You can find our contact information at the beginning of this page.