Data processing principles
You have reached this page via a link as you wish to learn more about how we handle personal data. In order to fulfil our obligations to provide information in accordance with Arts. 12 et seq. of the General Data Protection Regulation (GDPR), we are happy to provide you with the following information on data protection:
Who is responsible for data processing?
Within the meaning of data protection legislation, the data controller is
Sysmex Nordic ApS
Hedegaardsvej 88
2300 København S
You will find additional information about our company, details on individuals with authority to represent the company, and other contact options on the imprint page of our website.
Which of your data do we process? And for what purposes?
If we have received data from you, we will fundamentally only process it for the purposes for which we have received or collected it.
The only circumstances under which we will consider processing data for other purposes are if the relevant legal requirements under Art. 6 paragraph 4 GDPR apply, in which case we will, of course, observe any information provision requirements stipulated in Art. 13 paragraph 3 GDPR and Art. 14 paragraph 4 GDPR.
What is the legal basis for this?
The legal basis for the processing of personal data is fundamentally Art. 6 GDPR – unless other specific legal requirements apply. The following possible bases are of particular relevance in this regard:
- consent (Art. 6 paragraph 1 letter a) GDPR,
- data processing for the performance of a contract (Art. 6 paragraph 1 letter b) GDPR,
- data processing for the purpose of balancing legitimate interests (Art. 6 paragraph 1 letter f) GDPR,
- data processing for the purpose of complying with a legal obligation (Art. 6 paragraph 1 letter c) GDPR.
Where we process personal data on the basis of your consent, you have the right at any time to withdraw the consent you have given us with effect for the future.
Where we process data for the purpose of balancing legitimate interests, you have the right as a data subject (having due regard to the requirements of Art. 21 GDPR) to object to the processing of your personal data.
For how long is the data stored?
We process the data for as long as is necessary for the relevant purpose.
Where statutory retention stipulations apply – e.g. under commercial or tax law provisions – the relevant personal data will be stored for as long as is stipulated. Once the retention stipulation period has expired, we check whether there is a continuing necessity for the data to be processed. Should there be no such necessity, the data is erased.
You can, of course, request information at any time regarding the data stored by us in respect of you and, should there be no necessity to store such data, require that the data be erased or processed in a limited manner.
To which recipients is the data transferred?
Essentially, your personal data is only transferred to third parties where this is necessary for the execution of the contract with you, where such transfer is permissible for the purpose of balancing legitimate interests within the meaning of Art. 6 paragraph 1 letter f) GDPR, where we are legally obliged to effect such a transfer, or where you have provided your consent for us to do so.
Where is the data processed?
Your personal data is processed by us mainly in data centres in the European Union. If transfers outside of the European Union occur, we will provide appropriate safeguards to ensure compliance with the provisions of the GDPR.
Your rights as a "data subject"
You have the right to receive information regarding data processed by us in respect of you.
We hope you will understand that, each time you request information from us, we may request evidence from you to support the fact that you are the person you claim to be.
To the extent provided for by law, you have a right to have your personal data rectified, erased or processed in a limited manner.
You have a right to object to the processing of your personal data to the extent permitted by law. You also have a right to data portability.
In particular, you have a right to object (as specified under Art. 21 paragraphs 1 and 2 GDPR) to the direct-marketing-related processing of your personal data where this is carried out on the basis of the balancing of legitimate interests.
Our Data Protection Officer
We have appointed a Data Protection Officer within our company. You may contact him/her by post or by e-mail as follows:
Sysmex Nordic ApS
Data Protection Officer
Hedegaardsvej 88
2300 København S
E-mail: dataprotection@sysmex-europe.com
Right of appeal
You have the right to appeal to a data protection supervisory authority regarding our processing of your personal data.
Information as of: 31/07/2018.