Privacy policy

This privacy policy describes how Skau Reipurth (”we” or ”us”) process personal data in relation to our counselling and case work, anti-money laundering measures, courses, homepage and newsletters.

1. Data controller

Skau Reipurth is responsible for the processing of your personal data.

Our contact information:

Skau Reipurth Advokatpartnerselskab
CVR no: 36 71 59 44
Amaliegade 37
1256 København K
Telephone number: 38 41 14 41
Email address: persondata@skaureipurth.com

2. The various types of processing

The purposes for our processing of personal data are described below.

2.1 Job applications
If you apply for a job with us, we process ordinary personal data that we have either received by you or from others you have agreed we can contact. We do so to evaluate your job application and you. We store all job applications for a period of up to 6 months after the closing date for applications, so we can be sure that we find the right candidate for the job position.

We process your personal data based on Article 6(1)(a) in the General Data Protection Regulation (“GDPR”) about consent and Article 6(1)(f) in the GDPR about legitimate interest. Our legitimate interest is to read you application and assess whether you are the right candidate for the job position.

Once you are employed with us you can read more about our processing of your personal data in our internal privacy policy. When you are no longer employed with us, in general we store your personal data in a period of 5 years after resignation although there can be special circumstance obligating us to store the personal data for a longer period.

2.2 Delivery of our legal services
When we provide a service to our clients, we create a case in our case management system. In this context, we register one or more parties including opponents. This means that we process your personal data if you are one of these persons.

The purpose of our processing of your personal data is that we can communicate with you, process your case and make registrations in the authorities’ electronic service solutions such as virk.dk, tinglysning.dk or minretssag.dk.

The ordinary personal data that we process about you is for example contact information, job title and your workplace.

In addition, we can process several confidential and special categories of personal data about you including your social security number, data concerning your health and trade union membership.

We collect personal data directly from you or from our clients, opponents or public authorities.

As a part of our case work including our legal counselling it might be necessary for us to disclose personal data to public authorities, courts, financial institution, real estate agents etc.

When we make official registrations, we can share your personal data with for example the Danish Business Authority, the Danish Registration Court and the National Court Administration.

If you are a client with us, we process your ordinary personal data based on Article 6(1)(b) in the GDPR as our processing is necessary to fulfill the agreement concerning our delivery of legal services to you.

If you are an opponent in one of our cases, we can process your personal data based on our legitimate interest in pursuing, defending or enforcing a legal claim. Furthermore, our processing of confidential and special categories of personal data is based on the necessity of enforcing or defending a legal claim in accordance with Article 9(2)(f) in the GDPR.

Since we advise our clients about conflicts and negotiations, we also receive personal data about other people besides our clients. Sometimes and based on a case-to-case assessment, we find that we have an obligation to observe secrecy, that it is impossible or that it will demand a disproportionate big effort for us to give notice to everyone about our processing of personal data. In these circumstances, you can always read more about our processing of personal data in this policy. If you have any questions you can see how to contact us in this policy below.

We store your personal data as long as this is necessary for the processing purposes. As a main rule, we delete your personal data at the latest 5 or 10 years after the end of the financial year where the client relationship has ended. Although, in some circumstances we will store personal data for a longer period because this is necessary in connection with an ongoing dispute or because of other concrete subjective reasons.

2.3 Courses, go-home-meetings and other events
We process several ordinary personal data about you when you participate in an event with us so we can contact you before and after the event. We process your personal data such as your name, occupation, email address, workplace and telephone number. We only collect personal data directly from you or the company that you are connected to.

We process your personal data based on Article 6(1)(b) in the GDPR as our processing is necessary to fulfill the agreement with you concerning your participation in our event and Article 6(1)(f) about legitimate interest. Our legitimate interest is administration of the event.

As a main rule, we store the personal data until the event is finished and evaluated and potentially for the use of invitations for future events of the same kind. If you have payed to participate in the event, we are obliged to store your personal data for 5 years after the end of a continuous financial year according to the Act on Bookkeeping.

2.4 Anti-money laundering procedure
According to the Danish Anti-Money Laundering Act we are inter alia obliged to perform an anti-money laundering control when we advise our clients in relation to purchase and sale of real estate and when we set up a client account in a bank. In this context, we process several ordinary and confidential personal data including name, address, nationality, birthplace and social security number in order to perform a customer knowledge procedure in accordance with section 11 in the Danish Anti-Money Laundering Act.

We process the personal data based on Article 6(1)(c) as we are obliged to obtain the described identification data in accordance with the Danish Anti-Money Laundering Act.

If an official authority such as the Danish Financial Supervisory Authority requests us to hand over collected personal data, we are obliged to do so in accordance with the Danish Anti-Money Laundering Act.

As a result of the requirements in the Danish Anti-Money Laundering Act we store the personal data for 5 years after the client relationship has ended. After this time, we delete the personal data.

2.5 Our website
When you visit our website, we process your ordinary personal data such as your IP address for the purpose of optimizing the user experience on our website.

We process your personal data based on Article 6(1)(f) in the GDPR about legitimate interest. Our legitimate interest is to prepare statistics of our web site visits for the purpose of optimizing the website. Further, we process your personal data based on Article 6(1)(b) about consent.

You can read more about this in our cookie policy here.

2.6 Newsletters
You receive our newsletter because you have signed up for newsletters at our website. In this context, we process ordinary personal data about you such as name and email address. The purpose of our processing of your personal data is to deliver our newsletter to you.

We process your personal data based on Article 6(1)(a) in the GDPR about consent. You can withdraw your consent at any time by unsubscribing in the bottom of the newsletter or by contacting us via persondata@skaureipurth.com.

For the purpose of sending out the newsletter we store your personal data as long as you want to receive the newsletter from us and in 2 years thereafter.

2.7 Recordings
We process general personal data about you in connection with the recording of images, sound and documents. The recordings may take place in connection with our legal case work, when recordings are necessary to ensure the case processing and document information, as well as in connection with participation in our events. This includes information such as your image, voice, name, email address, place of work, etc. We only collect personal data directly from you.

We process your personal data on the basis of Article 6(1)(f) of the General Data Protection Regulation on legitimate interest. Our legitimate interest is to be able to document agreements, correctly reproduce information or show participation.

We generally store information for the purpose of our case management, as described in section 2.2. Other recordings will be stored until they are specifically assessed as no longer relevant.

3. Recipients or categories of recipients

We can disclose or hand over your personal data to our data processors and other external suppliers and cooperating partners assisting us with our operational performance.

4. Transfer of personal data to third countries

In some cases, we transfer your personal data to recipients outside of EU/EØS. This happens when we use data controllers in countries outside of the EU. Such transfers will take place in accordance with the GDPR, including the use of the Commissions standard contractual clauses. You can see how to contact us below, if you want information on how to receive a copy of the relevant legal basis for transfer or information on where this information is available.

5. Security

Information we receive about people are stored securely and confidentially. Technically, we always make sure to use data controllers who has the same level of security concerning your personal data as we have. Further, internally in our organisation we focus on education and teaching of our employees about high data security. When appropriately, we make sure to encrypt, pseudonymise or anonymise your personal data. We always ensure to follow existing regulation on personal data.

6. Right to withdraw your consent

At any time, you are entitled to withdraw your consent to our processing of your personal data. You can withdraw your consent by sending an email to persondata@skaureipurth.com. If you chose to withdraw your consent, this does not affect the lawfulness of our processing of your personal data based on your previous given consent and up to the time of your withdrawal. If you withdraw your consent, this will first take effect from this time.

Remember that if you withdraw your consent concerning our newsletter, we can no longer send you our newsletter.

7. Your rights

According to chapter III in the GDPR you have several rights in relation to our processing of your personal data. If you want to make use of these rights, you can contact us via persondata@skaureipurth.com.

Firstly, you have the right to obtain access to the personal data that we process about you just like you have the right to get inaccurate personal data about you rectified.

In some instances, you also have the right to have your personal data deleted and to get the processing of your personal data restricted. However, please note that some of our processing of your personal data is necessary. This means that you either cannot withdraw your consent to our processing of your personal data or that if you withdraw your consent you can no longer be our client.

Further, you have the right to object to our processing of your personal data and finally in some cases you have the right to receive your personal data in a structured, commonly used and machine-readable format.

8. Do you have any questions?

If you have any questions you are welcome to contact us at any time via persondata@skaureipurth.com.

If you want to complain about our processing of your personal data, you may file a complaint to the Danish Data Protection Agency, which you can find at: Carl Jacobsens Vej 35, 2500 Valby, Denmark, phone: +45 33193200, or via email: dt@datatilsynet.dk.