Introduction

When you visit Gibotech’s website, we collect infor­mation about you, which we use to improve our content and adapt our ads on other digital channels. If you do not want the infor­mation to be collected about you, you should delete your cookies and refrain from using our website in the future.

At Gibotech, we ensure fair and trans­parent processing of personal data in accor­dance with all appli­cable laws, and local and inter­na­tional regu­la­tions; including the EU’s personal data regu­lation (GDPR). We protect personal data and the privacy of indi­vi­duals in all areas of our business in accor­dance with the terms of this Privacy Policy.

Below we have elabo­rated on which infor­mation is collected and its purpose. If you want to see which third parties have access to them – and why they have it – you can see it in our cookie policy.

Personal data and data subjects

In this personal data policy, “personal data” is under­stood as all infor­mation relating to an iden­tified or iden­ti­fiable natural person (the “regi­stered”).

Personal data is gene­rally cate­go­rized either as “ordinary personal data” or as “sensitive personal data”.

Sensitive personal infor­mation is always confi­dential and includes racial or ethnic origin, poli­tical opinions, reli­gious or philos­op­hical beliefs, trade union membership, genetic and biometric data, and health and sexual orientation.

General Personal Data is partly confi­dential and includes infor­mation about criminal offences, national iden­ti­fi­cation numbers, infor­mation about a person’s salary, debt or pension, appli­cation mate­rials and so on and all other types of General Personal Data; including name, customer number, (business) contact infor­mation such as email and phone number, photos, IP address and other usage infor­mation collected via cookies.

This Personal Data Policy applies to all personal data that Gibotech collects and processes about indi­vi­duals, visitors, cust­omers, suppliers (including third-party service providers), other stake­holders and users of Gibotech’s website and services.

Principles for the protection of personal data

Gibotech adheres to the following prin­ciples to ensure the protection of personal data in accor­dance with the GDPR.

• Purpose limi­tation: We only collect and process personal data – including sensitive data (if any) – for specified, explicit and legi­timate purposes that are relevant to Gibotech’s business.
• Legality, fairness and trans­pa­rency: Personal data must be processed legally, fairly and in a trans­parent manner in relation to the data subject. Where legally required, Gibotech will inform the indi­vidual of the purpose of the processing of their personal data, their right to have their personal data corrected, deleted or blocked and the identity of the company respon­sible for collecting and processing their personal data.
• Accuracy: To ensure that Personal Data processes are accurate, Gibotech shall ensure that Personal Data is reviewed and updated peri­o­di­cally where appropriate.
• Storage limi­tation: Personal data may only be stored for the time required to fulfil the purpose or as prescribed by law.
• Integrity and confi­den­ti­ality: When processing personal data, it is important that such data is protected by appro­p­riate security measures to minimize risks such as data loss, unaut­ho­rized access, destruction and acci­dental disclosure.
• Accountability: To ensure that the processing of personal data is carried out in accor­dance with the GDPR, Gibotech has imple­mented appro­p­riate tech­nical and orga­niza­tional measures that are reviewed and updated as necessary.
• Cross-border transfer of data-specific rules applies when Gibotech transfers personal data from the EU/EEA to third coun­tries or inter­na­tional orga­ni­sa­tions, which are discussed further in the section on data transfer below.

The types and purpose of collection of personal data

Gibotech collects and processes personal data exclu­sively for specified, explicit and legi­timate purposes that are relevant to our business. The purpose of collecting and processing personal data also depends on the type of data subject. Relevant depart­ments and employees who have access to personal data must follow the legal requi­re­ments, the prin­ciples in this personal data policy and the internal guidelines.

• Employment: Gibotech collects and processes personal data – including sensitive data (if any) – on appli­cants and candi­dates for employment purposes and in accor­dance with legal requirements.
• Gibotech’s website users: When you visit our website, we collect data about you, which is used to improve and cust­omize our content on the site. The following types of data are typi­cally collected and processed: a unique ID and tech­nical infor­mation about your computer, tablet or mobile phone from which you access the website, your IP number, geographic location, and which pages you click on​.To the extent that you yourself give explicit consent to the processing of data in connection with appli­ca­tions or regi­stration for the news­letter, the processing of data takes place in Gibotech’s HR system or news­letter system​.Data about your use of the website, which ads you have received and possibly clicked on, your geograp­hical location, gender and age segment etc. are passed on to third parties to the extent that the data is known. You can see which third parties are involved in our cookie policy. The data is used for targeting ads.

  We also use some third parties to store and process data. They only process data on our behalf and may not use it for their own purposes.

  Dissemination of personal data such as name and e‑mail will only take place if you consent to it. We only use data processors in the EU or in coun­tries that can provide your data with adequate protection.

  Articles here on the website may contain embedded content (for example video and images). Embedded content from other websites collects data in exactly the same way as if you had visited that website directly. These websites may collect data about you, use cookies, embed addi­tional third-party tracking, and monitor your inte­r­a­ction with the embedded content.

• Cookies: The website uses cookies. Cookies are text files that are stored on your computer, mobile or tablet with the purpose of recog­nizing the website, remem­bering settings, performing stati­stics and targeting ads. Cookies cannot contain harmful codes such as viruses​.It is possible to delete or block cookies. If you delete or block cookies, the website might not function opti­mally, and there may be content that you will no longer be able to see or have access to​.You can see the complete list of cookies we use and read about how they are processed on our cookie policy page.
• Marketing: Gibotech collects and processes data (including name and contact infor­mation) about current and new cust­omers, business partners, suppliers – including third-party service providers – distri­butors, prospects and indi­vi­duals, website users and indi­vi­duals who have signed up for Gibotech’s news­letter for the following purposes: analysis, contact, managing contacts and sending messages, remar­keting and behavioural targeting, adver­tising and exhibitions.We may use third parties as service providers to send marketing infor­mation on our own behalf, but only in accor­dance with appli­cable legal requirements.Contracts, purchase orders and other transa­ctional agre­e­ments: In connection with sales and purchase transa­ctions, Gibotech collects and processes personal data – including name, contact infor­mation, delivery infor­mation, corre­spon­dence and payment infor­mation – necessary to conduct business and comply with export compliance regu­la­tions and other legal due dili­gence obligations.
• Accounting and finance: Gibotech collects personal data for acco­unting and financial purposes in accor­dance with appli­cable requi­re­ments. This infor­mation is provided for acco­unting by other internal depart­ments or received directly from indi­vi­duals or companies and includes infor­mation such as name, address, company name, regi­stration number, payment and bank details, delivery address and other mandatory information.
• Litigation: In the event of a dispute, Gibotech may retain personal data necessary for our legi­timate interest to ensure that we can properly bring or defend legal claims in court or in the stages leading to any legal action. Gibotech may need to share this infor­mation with third parties such as insu­rance and/or legal counsel, and we may also be required to disclose personal data at the request of gover­nment authorities.
• Consent and withdrawal of consent: To the extent that our processing acti­vities are based on your consent, you have the right to withdraw your consent at any time. If you withdraw your consent, we will stop processing your personal data, unless and to the extent that continued processing is permitted or required according to appli­cable legis­lation on personal data or other appli­cable legis­lation. If you withdraw your consent, it will not affect the lawfulness of the processing carried out before the withdrawal.If personal data is processed for the sake of the public good, the exercise of a public authority assigned to Gibotech, or with a view to Gibotech’s legi­timate inte­rests, a person can object to such processing by justi­fying the indi­vi­dual’s parti­cular situ­ation. However, if the data is processed for direct marketing purposes, a person can object to such processing at any time without giving any reason. In both cases, Gibotech must be contacted via gibotech@​gibotech.​dk.

Location and data transfer

The personal data is processed at Gibotech’s head office and other places where the parties involved in the processing are located. Special rules apply when Gibotech transfers personal data from the EU/EEA to third coun­tries or inter­na­tional orga­ni­sa­tions. When trans­ferring to third coun­tries or inter­na­tional orga­ni­sa­tions, we are obliged to introduce appro­p­riate security measures prior to the transfer. In practice, they are established by intro­ducing the European Commission’s standard contract provisions.

Following the GDPR, Gibotech has entered into a data processor agre­ement (DPA) and/or a joint data controller agre­ement (JDCA) and/or agre­e­ments with standard contract provi­sions (SPCs) with external parties and affi­liated companies; whichever is relevant.

The retention period

Personal data collected by Gibotech must be processed and stored for as long as is required according to the purpose for which the data was collected. Gibotech may be allowed to store personal data for a longer period if we have obtained valid consent and as long as the consent is not withdrawn. In addition, we may be required to store personal data for a longer period when it is necessary to fulfil a legal obligation or to establish, exercise or defend a legal claim.

When the storage period has expired, the personal data is deleted. Therefore, the right to access, the right to deletion, the right to recti­fi­cation and the right to data porta­bility cannot be met after the storage period has expired.

Data security and breach of personal data security

Gibotech takes appro­p­riate security measures to prevent unaut­ho­rized access, disclosure, modi­fi­cation or unaut­ho­rized destruction of personal data. The data processing is carried out using computers and/or IT-enabled tools according to orga­niza­tional proce­dures and condi­tions strictly related to the given purposes. To protect your personal data, we conti­nuously assess the risks that may be asso­ciated with our processing of your personal data. We pay parti­cular attention to protecting your personal data against discri­mi­nation, identity theft, financial loss, loss of reputation and data confi­den­ti­ality. To avoid loss of personal data, we regu­larly back up our systems, and we use encryption or other security measures where necessary.

In the event of a breach of personal data security that poses a high risk to your rights, we will notify you of the breach as soon as possible under the circum­stances. “A breach of personal data security” means a breach of security that leads to the acci­dental or unlawful destruction, loss, alte­ration, or unaut­ho­rized disclosure of or access to personal data. In short, there will be a breach of data security when personal data is lost, destroyed, destroyed, disclosed without proper permission or if the data is made inaccessible.

If you expe­rience or suspect a breach of personal data security, please contact Gibotech at gibotech@​gibotech.​dk.

Rights of Individuals

Individuals have the following rights:

• Withdrawal of consent – ​​the right to be able to withdraw previously given consent to the processing of the person’s personal data at any time.
• Objection to the processing of personal data – the right to object to the processing of personal data if such processing is carried out on a different legal basis than that to which consent has been given. Further infor­mation can be found in the dedi­cated section of this personal data policy.
• Access to personal data – the right to know whether data is being processed by Gibotech, obtain infor­mation about certain aspects of the processing and obtain a copy of the data being processed.
• Verify and seek recti­fi­cation – the right to check the accuracy of that person’s personal data and ask for it to be updated or corrected.
• Restrict the processing of personal data – the right to restrict the processing of the person’s personal data under certain circum­stances. In that case, Gibotech will not process said personal data for purposes other than storing them.
• Deleted or otherwise removed personal data – the right to have the person’s personal data deleted from Gibotech under certain circumstances.
• Have personal data trans­ferred to another data controller – the right to, under certain circum­stances, have the person’s personal data passed on to another data controller without hindrance.
• Submit a complaint – the right to submit a claim to the relevant data protection authority, the Norwegian Data Protection Authority.

Contact Gibotech via the options below if you are in doubt about how to make use of your rights.

Ongoing moni­toring

Through a combi­nation of external and internal controls, conti­nuous auditing and moni­toring, Gibotech seeks to maintain the secure processing of data and prevent data loss.

Reporting system and contact information

In case of questions and/or possible viola­tions of this personal data policy, please contact Gibotech at gibotech@​gibotech.​dk.

Any request can be made free of charge and will be processed as soon as possible and always within one month or earlier if required by appli­cable law.

Changes to this Privacy Policy

Gibotech reserves the right to change this personal data policy. The latest edition will always be avai­lable on our website, www​.gibotech​.dk.

Latest revision: 09.01.2023

Owner and data controller

Gibotech owns and publishes this website. We are the owner of and data controller for the personal data covered by this personal data policy.

Contact Information:
Gibotech A/S
Datavej 15
5220 Odense SØ

Telephone: 6595 8262
Email: gibotech@​gibotech.​dk