Privacy policy
1. INTRODUCTION
1.1
Pursuant to chap. III of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”), we are obliged to disclose how we process personal data.
1.2
“Personal data” means any information that can be attributed to a specific person, even if the person can only be identified if the information is combined with other information.
2. DATA CONTROLLER
2.1
Flyadvokaten is the data controller for the processing of the personal data we process about our clients, business partners, parties, counterparties, representatives and others.
2.2
Information about Flyadvokaten:
Flyadvokaten Advokatanpartsselskab
CVR no. 4443 1114
Hellerupvej 5
DK-2900 Hellerup
Phone 33433333
2.3
It is not a requirement that Flyadvokaten has an external DPO (Data Protection Officer). If you have any questions regarding the processing of your personal data, you are welcome to contact us by e-mail: mail@flyadvokaten.com.
3. PROCESSING ACTIVITIES
3.1
As data controller, we carry out the processing activities mentioned in sections 3.2-3.5.
3.2
Visiting the website
When you visit our website, we use cookies. You can read more about this in our Cookie Policy.
3.3
Communication with potential customers
If you have questions about our advice and assistance and/or wish to open a case, you can contact us via email, phone or the contact form on our website. In connection with this contact with you, we process your personal data. In connection with this initial communication, we only process the personal data that you provide us with. We will typically process the following general information: full name, address, email address and telephone number. Our legal basis for processing this personal data is Article 6(1)(f) of the General Data Protection Regulation.
3.4
Provision of legal services
If you are a client of Flyadvokaten, we generally process your data in order to provide you with legal advice.
We may process information about your name, email address, telephone number and home address as well as information about the business relationship we have with you. In addition, we may process your bank details (e.g. to document the amount of a payment or to document that an alleged payment has not been made) and information about the trip(s) you have taken (and with whom).
We may also process information about your job/title and the company you may be employed by. Such information is generally only collected if you choose to provide it to us, e.g. via your email signature.
The legal basis for our processing is Article 6(1)(b) of the General Data Protection Regulation and our legitimate interest in managing the client relationship, cf. Article 6(1)(f) of the General Data Protection Regulation.
If the case is to be transferred to the court, we process your CPR number, as this is required to bring a case on the Court’s case portal/www.minretssag.dk (hereinafter the “Case Tracker”), cf. Article 6(1)(f) and Article 9(2)(f) of the General Data Protection Regulation, cf. Section 11(2)(4) of the Danish Data Protection Act, cf. Section 7(1).
We may also process your sensitive personal data if they have been made public by you and/or you have communicated them to us and they are relevant to the matter we are processing, cf. Article 6(1)(f) and Article 9(2)(e) of the GDPR.
According to. Bookkeeping Act, we must save all accounting documents. This means that we save invoices and similar documents for accounting purposes. This may include general personal data such as name, address and service description. Our legal basis for processing personal data for accounting purposes is Article 6(1)(1) of the General Data Protection Regulation. We store this information for a minimum of 5 years after the current financial year has ended.
3.5
Parties, counterparties, representatives and others
If you are a party, counterparty, representative or court employee in a case handled by Flyadvokaten, we generally process your data in order to assist our client in the case in question. We may process your identity, contact and professional data, including name, email address, phone number, position and your relation to the case.
The legal basis for our processing is our legitimate interest as lawyers in assisting our client with the handling of the case, cf. Article 6(1)(f) of the General Data Protection Regulation. In certain cases, the legal basis may also be compliance with a legal obligation, cf. Article 6(1)(c) of the General Data Protection Regulation.
4. RECIPIENTS
4.1
In some cases, we entrust your personal data to our business partners and suppliers, e.g. our IT suppliers. These business partners only process the personal data on behalf of Flyadvokaten and in
in accordance with Flyadvokaten’s instructions.
4.2
We may also disclose your personal data to external third parties if we are required to do so or if it is part of the service we provide to you. This will in particular be the courts and relevant airlines/ticketing agents, other law firms, parties, counterparties and representatives. In connection with any deposit of client funds received into a client account, we are obliged to disclose the client’s identity information to the account-holding bank for the purpose of the bank’s fulfillment of its obligations under the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism (hereinafter the “Money Laundering Act”).
5. THIRD COUNTRIES
5.1
Flyadvokaten may transfer your personal data to third countries (countries outside the EU/EEA). This will be particularly relevant if the claim does not relate to an EU-based airline.
6. STORAGE AND DELETION
6.1
Your personal data is deleted when it is no longer needed. The starting point is that all data is stored for a min. stored for 5 years from the end of the case. However, we always make a concrete assessment on a case-by-case basis. However, certain data may be stored for longer, including (but not limited to) to determine whether there is a conflict of interest. Special legal rules, e.g. in the Danish Bookkeeping Act, the Danish Money Laundering Act and the Danish Limitation Act, may give us the obligation or right to store your personal data for a longer period of time.
7. THE RIGHTS OF DATA SUBJECTS
7.1
With certain exceptions provided by law, you have the right to access the personal data we process about you.
7.2
In addition, you can object to the collection and further processing of your personal data, and you have the right to rectify inaccurate personal data.
7.3
You can demand that we restrict the processing of your personal data. If you request it, we will otherwise delete the personal data we have registered about you, unless we can continue processing on a basis other than consent, e.g. if the processing is necessary to establish a legal claim, if it is necessary to respond to an inquiry from you or if we are required by law to store the data. Withdrawal of your consent does not affect the lawfulness of the processing that has taken place prior to the withdrawal of consent.
7.4
Under certain circumstances, you may request that we provide you with a copy of your personal data in a structured, commonly used and machine-readable format, just as you may request that we transmit the data to another controller (data portability).
7.5
If you wish to exercise your rights as described above, you are welcome to contact us at any time, cf. section 2.1.
8. DATA PROTECTION
8.1
If you disagree with the way in which we process your personal data or the purposes for which we process the data, we kindly ask you to contact us, cf. section 2.1. Any such contact will of course be taken very seriously.
8.2
You can complain about our handling of your personal data to the Danish Data Protection Agency:
Carl Jacobsens Vej 35
2500 Valby
Phone +45 33 19 32 00
E-mail: dt@datatilsynet.dk
8.3
You can read more about your rights in the Danish Data Protection Agency’s guide on the rights of data subjects, available at www.datatilsynet.dk.