Privacy Policy for Koral ApS

1. Purpose of this policy

The purpose of the privacy policy is to inform you how Koral ApS (“Koral”, “we”, “our”, “us”) process your personal data. With this policy, we wish to make you aware of the information we collect and process and, for how long we store it. This privacy policy regulates the processing of personal data by us in connection with trading, interaction, or other exchange of personal data with us.

1. Description of processing

We process your information for one or more specific purposes and in accordance with the data protection regulations. We process your information if you use our services, partner, supplier, visit our website or our social media sites, apply for a job with us. The information will generally come directly from you, and we will only process your information for as long as it is necessary for the purpose for which it was collected. However, the information can also be processed and stored longer in anonymised form.

Below you can read more about the types of processing we do.

1. Website

You can contact us via our website via our contact form. In this connection, we also process your personal information. The information we process is your full name and email address. It is also possible to write in an open text box but we do not advise writing personal information in this box unless it is relevant for the inquiry. The legal basis for this processing is GDPR Article 6(1)(f).

The information we process via our contact form is deleted continuously and no later than 2 years after the last contact.

1. Social media

We use certain social media, including TikTok, Instagram and Pinterest, to get in touch with our customers and potential customers, as well as promote our marketing initiatives. If you have been to these sites and “liked” or “followed” our fan page or have been in contact with us through these sites, we will process your personal data. We only process information about your name and email.

If you contact us via social medias, we process your information based on our interest in being able to contact you and respond to your inquiries (GDPR Article 6(1)(f)). The information will come from you and the social media through which you contact us.

We have a so-called joint controllership with the social medias that we use as we both use your data for our own purposes. You can read more about the social media´s processing of your personal data in the following:

• Facebook’s Privacy Policy and about Facebook’s joint controllership here.

• LinkedIn´s processing of your personal data in LinkedIn’s Privacy Policy and about LinkedIn’s joint controllership here

• Pinterest´s processing of your personal data here and about the joint controllership here.

• Instagram’s (Meta’s) Privacy Policy

• Tik Tok´s processing of your personal data here and about the joint controllership here.

Information processed in connection with social media that involves direct communication via the social media is deleted immediately. Posting on, for example, Facebook pages or in public groups are not deleted as a post or comment on Facebook pages or in public groups is considered public spaces. You can read about public spaces here.

1. Job applicants and freelancers

If you apply for a job with us or as a freelancer, we process your personal data to assess if you are qualified for an existing or future position. We process the data that you provide, including name, contact information, CV, and company information. 

We process your information to enter into an employment agreement or freelance agreement with you based on your request for our processing of the application. We also process your data if we assess that our interests in processing your personal data outweigh your interests in them not being processed, e.g., information collected from social media published by you or information acquired from concluding a personality or proficiency test (GDPR Article 6(1)(f)).

We share your personal data with the employees involved in the recruitment/freelance process and pass on your information to the companies that carry out the personality or proficiency test and possibly recruitment companies.

If we wish to store your information beyond the recruitment process, we will collect your consent hereto.

Unsolicited applications are kept for up to 3 years after the recruitment process is completed. 

1. Suppliers, and collaborators

When we enter into agreements with suppliers, collaborators, we process data on you as a contact person. This includes information regarding name, position, phone no., email and, if necessary, bank or payment information.

The information is processed either on a requirement to enter into an agreement with the specific supplier, or collaborator (GDPR Article 6(1)(b)) or if we as a part of the agreement have a legitimate interest in processing the specific contact person’s data (GDPR Article 6(1)(f)).

We store relevant contact information as part of our collaboration with you. Written correspondence is deleted continuously, and information required to comply with the Danish Bookkeeping Act is stored for the current accounting year plus 5 years.

1. Notice of statutory or required processing

In cases where we process your personal data based on a legal obligation or a requirement under a contract or a requirement that must be met to enter a contract, you are obliged to provide us with the information so that we can maintain customer relationships, fulfil the contract and invoice you for our services, etc. If you do not wish to provide us with the information we need to comply with our obligations, the consequence may be that we are unable to establish or continue the client relationship or fulfil a contract with you.

You are not obliged to provide us with your information in other cases, e.g., for use in our marketing and newsletter distribution. The consequence of not giving us your information will, however, be that you, e.g., cannot receive marketing materials and newsletters from us.

1. Recipients of personal data

We process your personal data with confidentiality and we generally do not disclose your information with third parties. However, we may further disclose your personal data if you have given your consent hereto or if we have a legitimate interest in the disclosure. 

We may entrust your personal data to our system suppliers who process personal data on our behalf and according to our specific instructions in accordance with the data processing agreements we have entered.

In some cases we use data processors outside the EU/EEA in which a transfer to a third country occurs, e.g., in connection with the use of cloud services. In this case, we have made sure that a legal transfer basis has been prepared (for instance the use of EU Commission Standard Contractual Clauses (SCC’s) or EU-U.S. Data Privacy Framework). The transfer takes place only in compliance with the necessary security guarantees as required by applicable data protection legislation and an individual assessment is always made regarding the need for additional measures. You may contact us at hello@its-koral.com to get information on the specific legal transfer basis in this connection.

1. Your rights

When we collect information about you, you have several fundamental rights in the personal data regulations that you can use. Your rights include the right to request access to and rectification or erasure of your personal data, restriction and objection to our processing, and the right to receive your data in a structured, commonly used, and machine-readable format (data portability).

The above-mentioned rights may be associated with conditions and restrictions. Whether you as a data subject can request for example getting your personal data deleted will in any case depend on a concrete assessment.

If you have consented to our processing of your information, you have the right to revoke this consent at any time.

If you are dissatisfied with our processing of your personal data, you may file a complaint with the Danish Data Protection Agency via their website www.datatilsynet.dk/english or by calling at +45 33 19 32 00.

1. Our contact information

The company responsible for processing your personal data is:

Koral ApS

Company Registration No.:  DK-43814540

Jordskokkevænget 37

8200 Aarhus N

Denmark

Email: hello@its-koral.com

Phone number: +45 30 25 96 69

If you have any questions regarding our processing of your personal data, please feel free to contact us via the contact information above.

1. Revision

We reserve the right to revise and modify these privacy policy guidelines on the processing of personal data. In case of significant changes, we will contact you via email or via a visible notification on our website.

This privacy policy was last revised on the 22end of April 2024.