Information on processing of personal data in DATA for GOOD Foundation
The purpose of this information is to inform you about how DATA for GOOD collects and processes personal data about you and on what basis this is done. We also inform you of the specific rights you have in relation to the processing of your personal data.
DATA for GOOD is the data controller in relation to your personal data. Inquiries to DATA for GOOD can be made via:
DATA for GOOD Foundation
Biskop Svanes Vej 62C, 1. tv.
3460 Birkerød, Denmark
CVR no. 39708493
Phone: 24651119
Mail: moc.noitadnuofgfd@ofni
Who are we?
The DATA for GOOD Foundation is a commercial foundation with a non-profit purpose. The purpose of the foundation is to promote the knowledge, dissemination and use of data-based research and development, health promotion, prevention and disease treatment to contribute to development, growth and public health locally, nationally and globally.
By giving citizens access to control access to their own data through the DfG platform, the DATA for GOOD Foundation can help improve quality of life and give citizens the opportunity to become part of the data-economic value chain of the future by sharing their own data when it makes sense for the individual. At the same time, an ecosystem is created where data can be anonymously transformed into new knowledge and services for the benefit of the individual as well as industry and the public sector.
What data do we process and for what purpose?
The DATA for GOOD Foundation collects and processes personal data as part of the performance of our specific tasks in relation to you.
When you become a member of the DATA for GOOD Foundation
When you register as a user on the DfG platform and become a member of the DATA for GOOD Foundation, we collect the following information from you:
- Your name
- Your e-mail
You cannot become a member if you do not provide this information. You will also be asked to identify yourself via a national digital ID system depending on your home country.
You have the option to provide your address and phone number, but this is not a prerequisite for membership.
DATA for GOOD is the data controller of this information about you and processes this information in order to administer your membership, to communicate with you in membership matters, to provide you with access to the DfG platform and to allow you to create your personal consent center, where you can manage which sources you want to allow information to be collected from and for what purposes. Our legal basis is Article 6(1)(b) of the General Data Protection Regulation.
When you have given your consent to participate in DATA for GOOD projects
On the platform you can see which DATA for GOOD projects and services you can participate in. Participation is done by giving your consent to share your data from specific data sources with specific data recipients who want access to your data for specific purposes. DATA for GOOD is the data controller for the data you consent to share in specific services and projects.
To the extent that one or more project or service partners have been involved in formulating the purpose of the project or services and in deciding what information to collect, there may be a shared data responsibility with DfG, even if these partners will not see your information in personally identifiable form. If this is the case, DfG will enter into a shared data responsibility agreement with these partners in which we set out our respective responsibilities for compliance with the obligations under the GDPR. If this is the case, you will be provided with specific information about this in connection with the disclosure of the specific projects.
You can only participate in DATA for GOOD services or projects if you have given informed and specific consent. DATA for GOOD services or projects always involve sharing data in anonymized form that is processed in the DfG platform.
The purpose and data handling of each service or project is always described and available to you on the platform.
Consenting to participate in one or more services or projects is completely voluntary, and you will always be able to withdraw your consent in your personal consent center on the platform. When you consent to participate in a project or service, you must also consider both the data sources from which information is to be collected, the purpose and the person responsible for the project or service.
When you consent to the DfG platform collecting data about you from a given data source, you may be asked to enter your username and password for that data source so that DATA for GOOD can collect the data that you have consented to collect from that data source. We do not save and store your username and password after we have collected the data. If we need access to the data source in question over a period, you will be specifically informed of this in the description of the project or services.
Before you decide whether to consent to participate, you will receive information about the project or service and its purpose so that you have an adequate basis for giving your consent.
In your personal consent center you can always see an overview of all the consents you have received and given, and you will be able to withdraw any consents given.
Data will only be collected from data sources and for projects/services you have specifically consented to participate in and contribute data to. Our legal basis for the collection and disclosure of data is your specific consent, cf. Article 6(1)(a) and Article 9(2)(a) of the General Data Protection Regulation.
When we communicate
If you contact us, we will collect information in the form of name, e-mail and possibly address as well as information about the specific inquiry. When you write to us, your inquiry and your personal data will be registered in our electronic matter and document management system.
The inquiry and subsequent correspondence will be stored until the inquiry has been answered and will generally be deleted afterwards, unless we have a legitimate reason to store information about the communication for a longer period. Our legal basis for processing is our legitimate interest in being able to communicate with you and respond to your inquiries. The legal basis is Article 6(1)(f) of the General Data Protection Regulation.
Cookies and visits to our website
We use cookies on our website to understand how you and other users navigate the different parts of our website and what interests our visitors so that we can continuously improve our communication and content on the site.
Our legal basis for processing is your consent to the use of cookies, cf. Article 6(1)(a) GDPR.
Newsletters
In order to receive our newsletter, you must sign up via email. When you sign up for our newsletter, we collect the following information:
- Your email address
- Your name
- Your IP address (to have an approximate geographical location).
You can unsubscribe from the newsletter at any time and be removed from the recipient list. The legal basis for the processing is our legitimate interest in being able to send you newsletters, to document your request to receive newsletters and to prevent fraud, cf. GDPR Article 6(1)(f). We only send newsletters by email if you have given your consent in accordance with the Danish Marketing Practices Act.
Are there other recipients of your data?
We do not share your information and data with anyone other than those you have consented to us sharing with, unless we are required by law.
Your data is processed by DATA for GOOD Foundation’s service providers for IT operations, hosting, communication and IT operational support.
These companies/service providers are data processors who are subject to our instructions and only receive the data necessary to assist us. The data processors may not use the information for any purpose other than fulfilling the data processing agreement entered into with DATA for GOOD. We have entered into written data processing agreements with all data processors, who are thereby obliged to implement technical and organizational security measures to protect your data and comply with GDPR and other relevant legislation.
Transfer to recipients in third countries, including international organizations
The DATA for GOOD Foundation does not generally use data processors outside the EU and EEA. We only allow data processing outside the EU and EEA if the data processing takes place in a secure third country or if the basis for transfer provides sufficient guarantees (for example, the use of Commission standard contracts).
How long do we keep your information?
The DATA for GOOD Foundation only stores and processes your personal data for as long as it is necessary in relation to the stated purpose of the processing. In some areas, there is also a specific statutory deadline for how long the personal data must be stored. In these cases, the law determines how long there is a purpose for storing and processing personal data. When the purpose of the processing is fulfilled, your personal data will be deleted, anonymized or transferred to an archive.
| Main rule | Storage period |
| Personal data provided in connection with membership creation. | During the entire membership and 2 years after its termination. |
| Your identification key from the relevant national digital ID system | Throughout the membership |
| Your consent to collect and process information from specific data sources and to share with specific projects | Unrecognizably anonymized 5 years later: – Termination of purpose of consent – Withdrawal of consent. So that we can document the consent, cf. GDPR Article 7 (1). |
| Your login details for data sources | Not stored after the collection of information from the data source. If we need access over a period, this period will be stated in the project information and your login details will be deleted at the end of the period |
| Information collected from data sources with your consent | Until the calculation is complete and aggregated data is available, then it is deleted. |
| Consent to receive newsletters and marketing. | Stored for two years after we last sent you newsletters or marketing based on your consent. |
The DATA for GOOD Foundation reserves the right to store data if a dispute arises regarding data processing or if it is necessary to comply with a legal obligation or to establish, exercise or defend a legal claim.
Security
When we receive your data at DATA for GOOD Foundation, we take the necessary measures to ensure that we process it securely. We have implemented a number of technical, and organizational security measures to protect against accidental or unlawful destruction, loss or deterioration of data. In addition, measures have been established to ensure that your data is not disclosed to unauthorized persons, misused or otherwise processed in violation of the General Data Protection Regulation’s rules on the protection of personal data.
You verify with your national ID system when you log in.
When an external party or project has consent to analyze your data, the DfG platform retrieves your personal data from the data sources. This is done if possible on your own machine and otherwise via integration. The platform encrypts your data from the source, splits the data into random data sets and sends the split data sets to different independent servers, each of which can only see a random and unreadable data set. When the servers join in the approved computation, they can analyze and compute on the overall dataset and display aggregated results, but without any single party being able to see your data in a personally identifiable state. DfG establishes operating agreements with various providers.
Please note that regular emails sent to moc.noitadnuofgfd@ofni are not encrypted.
Your rights as a data subject
We strive to always keep all registered personal information up to date. Sometimes we rely on getting new information from you. However, you have several rights in relation to the processing of your personal data that we carry out.
They include:
- Right of access to your personal data
You have the right to see what data DATA for GOOD Foundation processes about you. - Right to correction of your personal data
You have the right to have incorrect personal data about you corrected. You also have the right to have any information added. This must be done quickly in order for DfG to fulfill the purpose of holding the data. In the event the personal data you wish to correct is personal data from a data source processed by DfG, you will have to contact the data source. - Right to erase your personal data
You can see the main rules in the list, but you also have the right to have data deleted before the stated deadlines in special cases. - Right to restriction of processing your personal data
You have the right to restrict the processing of your personal data, for example if there are doubts about its accuracy. - Right to dataportability
You have the right to have the data that you have provided DATA for GOOD yourself transferred to you in a structured, commonly used and machine-readable format. You can obtain it yourself or request that it be passed on directly to third parties. - Right to object to the processing of your personal data.
You have the right to object to DATA for GOOD processing your personal data. In particular, you have an unconditional right to object related to direct marketing and profiling for marketing purposes.
There may be limitations to the above rights, which will depend on the processing activity.
Consent
When the registration of your data is based on consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent.
If you wish to exercise your rights, you should inform or contact us. You can do this by withdrawing your consent under your access requests or by sending an email to: moc.noitadnuofgfd@ofni
Questions or complaints
If you have questions or wish to complain about DATA for GOOD Foundation’s processing of your personal data, we recommend that you send your complaint to us. In this way, we can best improve the situation in accordance with the practical reality experienced by you as a user.
Write to: moc.noitadnuofgfd@ofni
However, you also have the option to complain directly to the Danish Data Protection Agency.
The Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby, Denmark
Phone: +45 33 19 32 32 00
kd.tenyslitatad@td
Or take a closer look: www.datatilsynet.dk