Privacy Policy

Introduction:

TEQQ must, pursuant to Article 13 of the Personal Data Regulation, draw up and adapt a policy for the processing of personal data.

Purpose:

The purpose of this policy is, subject to the rules of the Personal Data Regulation, to establish the framework and requirements for the company’s procedures for the collection and processing of personal data.

Data Protection Officer (DPO):

TEQQ does not have a separate Data Protection Advisor function (Data Protection Officer), so contact with the company regarding personal data must be made to the company’s management at info@teqq.com

Data Controller:

TEQQ is the data controller for the processing of personal data at TEQQ

Data Security

TEQQ has outsourced its IT operations and, in this connection, has entered into both an outsourcing and a data processor agreement. In this context, it has been agreed that the data processor shall take all necessary measures in accordance with Article 32 of the Data Protection Regulation.

It is clear that, taking into account the current level, implementation costs and the nature, scope, coherence and purpose of the treatment in question, as well as the risks of varying probability and seriousness to the rights and freedoms of natural persons, appropriate technical and organizational measures must be taken to ensure a level of security suitable for these risks.

TEQQ has in the company's IT security policy with accompanying appendices described the procedural and access restrictions that have been established to ensure access to the submitted personal data. A risk assessment has also been carried out in the group to ensure confidentiality, integrity and availability in relation to data. In addition, reference is made to the outsourcing and data processor agreement entered into.

Purpose of processing personal data

TEQQ processes personal data for the purpose of fulfilment of contractual obligations towards employees, customers, and partners.

TEQQ processes personal data regarding:

• Employment

• Salaries

• Contact with relevant personnel at customer or partners companies

What personal information does TEQQ process?

TEQQ only processes the personal information that is relevant and necessary to safeguard the interests of the customer and the employee. Specifically, the following categories of personal data are processed:

• General personal information for employees: Name, CPR number, Contact information, Payment information

• General personal information for customers and partners: name, position and place of work, work phone number and work email address

• Sensitive personal information: Health information when appropriate or necessary to support TEQQ’s employees, or customer or partner personnel’s needs.

Who shares TEQQ personal information with (if any)?

The employees TEQQ have a duty of confidentiality i.e. in accordance with the rules of the Danish Financial Business Act and may not unjustifiably disclose or disclose personal data of which they have become aware in connection with their work. TEQQ only discloses information to the extent that TEQQ is entitled / obliged to do so in accordance with the law, when TEQQ obtains consent to it, or it is legitimate in accordance with the balance of interests. Depending on the specific situation, TEQQ may pass on personal information to, for example, the following:

• Public authorities; for example, TAX

• Police and courts

• Data processors (subcontractors) who work according to TEQQ instructions and with whom written agreements have been entered into

In accordance with GDPR article 30, TEQQ is required to keep a record of data processing activities, including data categories, the group of data subjects, the purpose of the processing, and data recipients.

Recipients of personal data in third countries, including international organizations

TEQQ data processor can in some situations transfer contact information to specific data processors outside the EU and the EEA, specifically in the USA or Ukraine. In all cases, the data processors concerned are subject to appropriate security measures that comply with the requirements of the EU Personal Data Regulation, respectively:

• That the data processor in question is certified in accordance with the "Privacy Shield" (USA)

• That the data processor in question has entered into a data processor agreement in accordance with the EU Commission's standard agreements (Ukraine)

How long does TEQQ store personal information?

TEQQ stores personal information for at least as long as a customer relationship exists. After termination of the customer relationship, the personal information will be stored for another 36 months.

How TEQQ collects personal information?

TEQQ first and foremost collects the information directly from the customer. But can also receive or retrieve information from third parties, such as B2B database Lusha, or on any publicly available webpage.

What rights does the customer have?

The following states the customer's right of access, rectification, deletion, restriction, objection and data portability. If the customer wants to make use of his rights, TEQQ must be contacted by the customer, cf. the contact details of data controllers:

• Right to see his information (insight): Both current and former customers have quite a little insight into the information that TEQQ processes about the customer. The rules are described in Article 15 of the Regulation.

• Right to rectification (correction): The customer has the right to have incorrect information about himself corrected. The customer also has the right to have his information supplemented with additional information if this will make the personal information more complete and / or up to date. The rules are described in Article 16 of the Regulation.

• Right to be forgotten: The customer has the right to have his personal information deleted if it is either in accordance with legislation or with regard to that TEQQ must be able to assert a legal claim, it is no longer necessary for TEQQ to store or process the customer's information. The rules are described in Article 17 of the Regulation.

• Right to restrict processing: The customer has in certain cases the right to have the processing of his personal data restricted. If the customer has the right to have the processing restricted, TEQQ may in future only process the information - apart from storage - with the customer's consent, in order for legal claims to be established, asserted or defended, or to protect a person or important public interests. The rules are described in Article 18 of the Regulation.

• Right of objection (to protest): The customer has in certain cases the right to object to TEQQ otherwise lawful processing of personal data. The customer can also object to the processing of his information for direct marketing. The rules are described in Article 21 of the Regulation.

• Right to data portability (to transmit information): The customer has in certain cases the right to receive his personal information in a structured, commonly used and machine-readable format and possibly. to transfer this information from one data controller to another without hindrance. The rules are described in Article 20 of the Regulation. The customer can read more about his rights in the Danish Data Protection Agency's guide on the data subjects' rights, which can be found at www.datatilsynet.dk.

Who can the customer complain to?

The customer has the right to lodge a complaint with the Danish Data Protection Agency if the customer is dissatisfied with the way in which TEQQ processes the personal data. The Danish Data Protection Agency's contact information can be found at www.datatilsynet.dk.

Compliance with personal data policy

To ensure compliance with the company's personal data policy, there are:

• Ongoing reviews of outsourcing and data processor agreements to ensure that both data security and delivery are delivered in accordance with current regulations and standards.

• Ongoing reviews of internal data flows, sets and processes in accordance with current regulations and standards.