Privacy Policy

We take the protection of data seriously

Sixtus Compliance and Sixtus Technologies takes the protection of data, including personal data, seriously. Sixtus is responsible for the specific and legitimate purposes with, and means to, processing data – including personal data – and is obliged to protect your information.

We process personal data and have, thus, composed this privacy policy, which explains how we process your personal data. Furthermore, Sixtus is obliged to secure, that the processing of your personal data takes place in accordance with the European Parliament and Council’s regulation (EU) 2016/679 of April 27th 2016, regarding protection of physical individuals in relation to the processing of personal data.

When you visit our website, you accept the contents of this privacy policy and any other documents mentioned within the policy. This privacy policy defines how we treat all personally identifiable data that are collected. If you do not agree to the terms, we ask you to not make use of this website.

Moreover, the privacy policy describes the security measures we relate to in order to protect your personal data, your right to access, correct or erase personal data and the right to make a complaint to the data protection agency. Also, we continuously assess how high the risk is that our data processing will effect your basic rights negatively.

Use of the website

Proprietary rights

This website is owned and run by Sixtus Compliance and Sixtus Technologies (in the below named “Sixtus”).

User license

When you are on the website, you are welcome to take a look around. Sixtus gives you permission to view this website, print and download the material shown on this site for your own personal use, given that you – without conditions – accept the terms and conditions within our policies, and given that you make sure that all injunctions and prohibitions concerning copyright, trademark and other proprietary rights are respected. However, you cannot in any way without written consent from Sixtus, copy, reproduce, upload, forward or distribute the contents of this website, including texts, images, audio and videos, for public or commercial purposes. The contents of this website may not be placed in the frames of third party websites either (prohibition against framing).

Intellectual property rights

Texts, layout, illustrations, databases and other parts of this website, including the website itself, are protected by copyright and by the rights of the producer of this database. Certain names, brands and logos on this website are protected trademarks.

Nothing on this website can be interpreted as a licensing right or any other right to use any trademark that is shown on this website, without written consent from Sixtus or third party who may own the trademarks shown on this website.

Any form of copying, processing, translation, modification and any use of all or parts of this website or its protected elements in any form and in any way, is prohibited.

Contact information
Contact person: Bjørn Leth Erichsen
Address: Orient Plads 1, mezz.
DK-2150 Nordhavn, Denmark
Central Business Register number.: 40649832
Telephone: +4551781999
E-mail: bjorn@sixtus-compliance.dk
Website: www.sixtus-compliance.dk

Sixtus is data controller, and we assure that your personal data are processed in accordance with the law.

Processing of personal data

We process these types of data about you

Personal data covers all types of information which can be used to identify a person, including, but not limited to, first and last name, age, gender, private address or other physical address, mobile phone number, e-mail address or other contact information, regardless of whether they relate to the person’s private residence or work place.

We process data about you to make our service better and secure quality in our products and services and in our contact with you.

Automatic collection of data

Our digital solutions are based on different technologies with the purpose of securing user-friendliness and security. These technologies can automatically collect data in order to offer the best possible solution, either directly or through third party on behalf of us. Cookies and analysis of clickstream data are examples of this, cf. below.

Use of cookies

Cookies, purpose and relevance

If we place cookies, you will be informed of the usage and purpose with gathering the data via cookies.

We collect your consent

Before placing cookies on your equipment, we ask for your consent. Necessary cookies to secure functionalities and settings, can, however, be applied without your consent. We do currently not use any cookies that track, or in any way collect or store your data.

Information that you actively submit

In addition to the information that is automatically collected, we also process data that the users have actively given to us. Examples of data that the users actively submit:

  • E-mail, phone number, address, date of birth, payment information etc.
We collect and store your personal information for specific purposes

We collect and store your personal information related to specific purposes or other legal business-related purposes. This happens when we need to: (non-exhaustive list!)

  • Have an archive of the registered products and associated personal information
  • Confirm your identity during communication with us
  • With your specific consent, be able to contact you via the contact information that you have submitted, for marketing, sales, commercial and analyses purposes.
We only process relevant personal data

We only process data about you that are relevant and sufficient in relation to the specific purposes. The purpose is decisive to which type of data associated with you is relevant to us. The same applies to the extent of the personal information we use. I.e. we do not use more data than what we need for the specific purpose.

Prior to processing your personal information, we investigate whether it is possible for us to minimise the amount of data about you. We also investigate if any of the data types we use can be used in an anonymised or pseudonymised form. We can do this if it does not affect negatively on our obligations or the services, we offer you.

We only process necessary personal information

We only collect, process and store the personal information necessary to fulfil our determined goals. Moreover, it can be provided by law which types of data are necessary to collect and store for our business operations. The type and extent of the personal information we process, can also be necessary to fulfil a contract or other legal obligations.

To protect you against unauthorised entities gaining access to your personal information, we make use of solutions that automatically secure that data are only accessible to relevant employees. There is also embedded protection against an unlimited number of people who can gain access to data.

We control and update your personal information

We control that the personal information we process about you are not incorrect or misleading. We also make sure to continuously update your personal information.

Since our service is dependent on your data being correct and updated, we ask you to inform us of relevant changes to your data. You can use the contact information above to inform us of your changes.

We delete your personal information when they are no longer necessary

We delete your personal information when they are no longer necessary in accordance with the purpose that formed the basis of collecting, processing and storing your data. The period of time is dependent on the type of information and the background for storing it.

We do not pass on your personal information without your consent

If we pass your personal information on to business partners and operators, i.e. for marketing purposes, we collect your consent and inform about what the data will be used for. At any time, you can make objections against this type of transmission, and you can decline to receive enquiries for marketing purposes in the Civil Registration System.

We do not collect your consent if we are legally obliged to pass on your personal information, i.e. as part of our reporting to the authorities.

We protect your personal information and have internal rules concerning IT-security

We have established internal rules on information security, which entail instructions and precautions that protect your personal information from being erased, lost or altered, against unauthorised release and against unauthorized access or knowledge of them.

We have established procedures for assigning access rights to those of our employees that process sensitive personal data and data that reveal information on personal interests and habits. We control their actual access through logging and supervision. To avoid data loss, we continuously take data backups. We also protect the confidentiality and the authenticity of your data through encryption.

In case of a security breach, which results in a high risk of discrimination, ID theft, financial loss, loss of reputation or other significant disadvantage, we are obliged to inform you of the security breach as soon as possible. 

Your rights

You have the right to access your personal information

At any time, you have the right to know which data we process about you, where they come from, and what we use them for. You can also be informed about for how long we store your personal data, and who receives data about you, to the extent that we pass on information in Denmark and abroad.

Per your request, we can inform you about the data we process about you. This access may, however, be limited by the consideration of other persons’ privacy rights, trade secrets and intellectual property rights.

You can make use of your rights by contacting us. Our contact information can be found in the beginning of this policy. We strive to accommodate your request as soon as possible and no later than a month after we receive your enquiry.

You have the right to have inaccurate personal information corrected or deleted

If you find the personal information, we process about you to be inaccurate, you have the right to have it corrected. You should contact us and inform us of the inaccuracies and how to correct them.

When you contact us with a request to correct or delete your personal information, we will investigate whether the conditions are met, and then, we will correct or delete the information as soon as possible and no later than a month after we have received your enquiry.

You have the right to object to our processing of your personal information

You have the right to object to our processing of your personal information. You can also object to our transmission of your data for marketing purposes. Make use of the contact information at the top to send us your objection. If your objection is legitimate, we will make sure to discontinue the processing of your personal information.

If you wish to object to our data processing, we will check to see if it is possible and answer your enquiry as soon as possible and no later than a month after receiving it.

Access to information

Questions and comments to this privacy policy can be directed at bjorn@sixtus-compliance.dk. If you want to know which information we have registered about you, receive a copy of the information or have us delete or correct your information, you can write to us at bjorn@sixtus-compliance.dk.

If you are not content with our response, you can file a complaint with the Danish Data Protection Agency (Datatilsynet)

Datatilsynet
Carl Jacobsens Vej 35
DK-2500 Valby
Telephone: +45 33 19 32 00
E-mail: dt@datatilsynet.dk