In this privacy policy SDC has described how SDC processes and protects personal data for which SDC is responsible.  

SDC is responsible for personal data of employees with SDC, consultancy companies, business partners and affiliated banks.

When SDC processes data, we will refer to this privacy policy. In some cases SDC may forward or make available specific information regarding the processing of personal data, if the processing is not found to be sufficiently described in this policy.

SDC processes personal data in the following way:

Job applicants, employees or consultants in SDC

When you apply for a job in SDC, are hired or start as an external consultant in SDC, SDC processes personal data related to you in connection with your application, employment or the function you are to carry out in SDC.

The specific personal data SDC processes regarding you and the legal basis for the processing is given in connection with the job application, employment or the entering into an agreement regarding consultancy services.

Contact persons in banks, business partners and guests at SDC

SDC registers contact information of persons, for example contact persons in banks or at business partners.

The purpose of this is to be able to deliver a service; it could be the sending out of a newsletter, participation in an event, course or a project at SDC.

SDC only collects the personal data necessary in order to deliver the service, for example for the sending out or the invoicing of the service in question.

SDC only collects non-sensitive personal data such as name, position, work e-mail, work phone, as well as the name of the employer.

When visiting SDC, we register your name at the arrival for security reasons.

The legal basis for the above-mentioned processing of personal data is the so called Balance of Interests rule.

SDC pursues a legitimate interest by processing this data that of being able to enter into contact. An interest which does not infringe upon the rights of the data subject, but is both in the interest of SDC, the customers and the business partners.

Retention of Personal data

SDC has fixed criterias for how long we retain personal data and when we delete data. This ensures that we only retain personal data for as long as we have an objective purpose for the retention. The purpose of the retention can be compliance with specific legislation, for example the Danish Financial Statements Act, or to ensure we can deliver the service in question.

Disclosure of personal data

SDC does not disclose personal data to third parties. SDC will always secure a legal basis for disclosure and inform specifically about this.

Use of Cookies

We use cookies on the website in order to improve the online experience. The purpose of this is to make the website more relevant for our users.

Do you wish to exercise your rights?

According to the applicable regulation on the protection of personal data, you have a number of rights concerning the processing of your personal data. For example, you have the right to access your personal data, have your data deleted if SDC no longer has reason to retain or process it, and of course have your data rectified in the case it is incorrect.

For questions regarding your data subject rights and request for access to your personal data among other things, please contact our data protection officer (DPO).

Data Protection Officer (DPO)

Rasmus Broeng Jørgensen

SDC A/S

Borupvang 1A

DK – 2750 Ballerup

Phone number – +45 44 65 71 11
E-mail -dpo@sdc.dk

We urge you not to send sensitive or confidential information, if you send an enquiry.

Complaint to the Data Protection Agency (Datatilsynet)

If you are dissatisfied with the manner SDC processes your personal data, you can submit a complain to the Data Protection Agency in the following way:

Datatilsynet 
Borgergade 28, 5. 
1300 Copenhagen K 
dt@datatilsynet.dk

Are you a bank client? – If so, the bank is responsible for your personal data

SDC is an IT-company delivering IT-services, primarily in the form of system solutions and data processing to approximately 120 Nordic banks. That means that SDC is data processor for these banks. Among other things, SDC is registered as a subscriber to updates from the CPR-Register. We do this on behalf of and as a data processor for our affiliated banks.

If you are a client in one of our affiliated banks, you are not covered by SDCs privacy policy, and SDC has not access to your personal data as data controller. As a client in an affiliated bank you should always contact your bank, if you want information about the processing of your personal data or exercise your data subject rights. It is the bank, who is the data controller/responsible for personal data in respect of its clients. You can find a list containing the banks affiliated to SDC here.