In connection with your participation in Deloitte’s client feed-back process, Deloitte will as a data controller collect and process your personal data for the purposes specified below. Deloitte processes personal data in accordance with the principles in EU’s General Data Protection Regulation (GDPR) and the Danish Data Protection Act.
Please read carefully below, how we process your personal data in connection with this process.
1. Which data do we collect about you and for which purposes?
2. From whom do we collect your personal data?
3. The legal basis for the collection and processing of your personal data
4. Who do we share your personal data with and why?
5. Who do we transfer your personal data to?
6. How long do we store your data?
7. Your rights
9. Revision of our privacy notice
We collect and process the following types of personal data for the purposes of: Collecting your feed-back on our services and our brand as well as our employees and partners; optimising our services to our clients; optimising our client relationships; and for documentation purposes:
We collect and process your data based on the following article in GDPR:
The legitimate interests pursued by Deloitte in this context include gaining insight into our clients' perception of our services and deliverables and the performance of our employees and partners, in order to allow us to enhance our services and deliverables and to make an impact that matters to our clients.
These interests have been balanced against your rights and your right of freedom. Given the fact, that your participation in our client feed-back process is entirely based on your own decision, we find that any potential impact on your rights and right of freedom is proportionate with the purposes of the processing.
Transfer of personal data to data processors
We may transfer your personal data to other Deloitte entities. We may also transfer your data to IT providers, including cloud service providers, or to external service providers, who process and /or store your personal data on our behalf.
Transfer of personal data to recipients in countries outside the EU/EEA
We may transfer your personal data to recipients located in countries outside the EU/EEA for the purposes listed in section 1. In such case, the legal basis for the international transfer will be EU’s Standard Contractual Clauses (SCC), or other applicable legal basis.
Subject to the conditions set out in the applicable data protection legislation, you have the following rights:
Please note that these rights are not absolute, as they should be balanced against legal requirements and Deloitte’s legitimate interests.
You also have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet):
Borgergade 28, 5
1300 København K
Telephone: 33 19 32 00
Please contact us at firstname.lastname@example.org if you have any questions with regards to the protection of your personal data, or if you wish to exercise your legal rights.
Deloitte Statsautoriseret Revisionspartnerselskab
CVR-nr. 33 96 35 56
2300 Copenhagen S