PRIVACY POLICY - THE BOARD LEADERSHIP SOCIETY

1. INTRODUCTION

At The Board Leadership Society, Porcelænshaven 22, 2000 Frederiksberg, CVR no.: 35 18 11 56, we understand the importance of processing personal data securely and confidentially. This privacy policy is addressed to our members, suppliers, business associates, website visitors, and other persons with whom we interact. The Board Leadership Society is committed to complying with the requirements and obligations related to the processing of personal data under applicable law, including the General Data Protection Regulation ("GDPR"). We have therefore implemented appropriate procedures to ensure the protection of your data.

The Board Leadership Society is the data controller for the processing of your data. This privacy and cookie policy contains an overview of The Board Leadership Society's processing activities, including its purpose and legal basis.

If you have any questions about this Privacy Policy or if you wish to exercise your rights under Chapter III of the GDPR and in accordance with section 6 of this Privacy Policy, you can contact the Board Association at info@bestyrelsesforeningen.dk.

2. PROCESSING ACTIVITIES

2.1 Website visitors

2.1.1 What personal data do we process and for what purposes

When you visit The Board Leadership Society's website, https://bestyrelsesforeningen.dk/, The Board Leadership Society processes personal data about you, such as cookies, browser information, IP address, and time spent on the website. The purpose of using cookies is, among other things, to improve the user experience on our website, functionality on the website as well as compiling statistics and remembering your preferences. You can read more about how we use cookies in section 5 below.

2.1.2 Legal basis

The basis for the processing of your data is The Board Leadership Society's legitimate interests, and The Board Leadership Society assesses that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6(1)(f). The legitimate interests pursued by The Board Leadership Society are to provide a website that works optimally, a good user experience on the website, and any marketing activities.

2.1.3 disclosure of personal data

The Board Leadership Society does not disclose your data.

2.1.4 Storage of personal data

Personal data collected via cookies through visits to our Website is stored for different periods of time depending on the type of cookie and the purpose of the cookie. Read more in section 5 below.

2.2 Members, suppliers etc.

2.2.1 What personal data do we process and for what purposes

When you apply for membership with The Board Leadership Society, we process your data, such as name and surname, primary job title, address, postcode, city, telephone number, and email. The purpose of the processing is to process your membership application.

2.3 Bank and payment details

2.3 All payment transactions made on the Website are processed by a third-party payment provider, Visma e-conomic. Your data is processed by Visma e-conomic and the processing is regulated by Visma e-conomic's privacy policy (https://www.e-conomic.dk/sikkerhed/privacy). The Board Leadership Society does not store your payment information but may have access to parts of the information, such as payment card type, partially anonymized card number, and expiry date, to prevent fraud.

2.3.1 Legal basis

The legal basis for the processing is Article 6(1)(b) GDPR. This is either because processing is necessary for the fulfillment of membership of The Board Leadership Society (or for the implementation of measures taken at your request before the conclusion of a contract).

In certain cases, the processing of your data is necessary to fulfill a legal obligation imposed on The Board Leadership Society, e.g. in connection with the storage of accounting material by the Danish Bookkeeping Act. In such cases, the legal basis is Article 6(1)(c) GDPR.

2.3.2 Disclosure and storage of personal data

The Board Leadership Society does not disclose your data, to business partners for business purposes. Personal data about The Board Leadership Society's members is stored for as long as it is deemed necessary, including while we process your application. Personal data is also stored for the duration of your membership of The Board Leadership Society.

If your data is included in The Board Leadership Society's accounting material, e.g. in connection with invoicing, your data will be stored for 5 years from the end of the financial year to which the accounting material relates. The purpose of this is to fulfill our legal obligations under the Danish Bookkeeping Act.

2.4 Contact persons at members, suppliers or other business partners

2.4.1 What personal data do we process and for what purposes

As a contact person for our members, suppliers, or other business partners, The Board Leadership Society processes personal data about you when you communicate with The Board Leadership Society, e.g. via emails in connection with The Board Leadership Society's contractual relationship with the company where you are employed. The Board Leadership Society processes general personal data about you, including your name and surname, e-mail address, telephone number, position, etc.

2.4.2 Legal basis

The legal basis for the processing of your data is the legitimate interests of The Board Leadership Society, and The Board Leadership Society assesses that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6(1)(f). The legitimate interests pursued by The Board Leadership Society are the fulfillment of our contractual obligations, maintaining and strengthening our customer relationships, invoicing the services the company you are employed by provides to The Board Leadership Society and vice versa, and for documentation purposes if an agreement is concluded via e-mail.

In certain cases, the processing of your data is necessary to fulfill a legal obligation imposed on The Board Leadership Society, e.g. in connection with the storage of accounting material by the Danish Bookkeeping Act. In such cases, the legal basis is Article 6(1)(c) GDPR.

2.4.3 Disclosure of personal data

In some cases, The Board Leadership Society will disclose your data to group companies, business associates, or other business partners for business purposes. Such third parties include, among others, social media providers, as further described in section 4 below.

In certain specific cases, e.g. in connection with disputes, including if disclosure is necessary for The Board Leadership Society's legal claims to be established, enforced, or defended, The Board Leadership Society may disclose your data to advisors or other relevant third parties if deemed lawful and necessary.

2.4.4 Storage of personal data

If you are a contact person at one of The Board Leadership Society's customers, suppliers, or other business relations, The Board Leadership Society will process personal data about you for as long as The Board Leadership Society communicates with you because you are The Board Leadership Society's contact person, 3 years after termination of the contractual relationship or until your data is no longer necessary for the establishment, exercise or defense of legal claims.

If your data is included in The Board Leadership Society's accounting material, e.g. in connection with invoicing, your data will be stored for 5 years from the end of the financial year to which the accounting material relates. The purpose of this is to fulfill our legal obligations under the Danish Bookkeeping Act.

2.5 Member services and enquiries via the chat function

2.5.1 What personal data do we process and for what purposes

When you contact our member services, we process the personal data you provide us with to handle your inquiry. This will typically be your name, phone number, email address, and the content of your inquiry. The Board Leadership Society kindly asks you not to send sensitive personal data to us.

2.5.2 Legal basis

The legal basis for the processing of your data is The Board Leadership Society's legitimate interests in providing member services and developing our business, and The Board Leadership Society assesses that your interests or fundamental rights and freedoms do not override this, cf. GDPR Article 6(1)(f).

2.5.3 Disclosure of personal data

In certain specific cases, e.g. in connection with disputes, including if disclosure is necessary for The Board Leadership Society's legal claims to be established, enforced, or defended, The Board Leadership Society may disclose your data to advisors or other relevant third parties if deemed lawful and necessary.

2.5.4 Bank and payment information

Inquiries from potential members will be deleted within three months after the inquiry has been resolved, unless it is necessary to retain the personal data for documentation purposes, e.g. due to a dispute, including for the establishment, exercise or defence of legal claims.

Inquiries from existing members will be deleted three years after termination of membership, unless it is necessary to retain the personal data for documentation purposes, e.g. due to a dispute, including for the establishment, exercise or defence of legal claims.

3. SOCIAL MEDIA

Our website has integrated plugins from the social media LinkedIn. When you visit our social media page or when you visit our website on which the plugins are integrated, the social media providers collect and process personal data through the use of cookies, provided you have given your consent. The collection and processing of your personal data takes place regardless of whether you have a social media profile.

If you access our Website that has integrated social media plugins, your browser contacts the server of the social media provider loads the visual presentation of the plugin, and presents the content to you. While this is happening, the social media provider receives information about your use of the Website, as well as additional personal data, such as your IP address. The Board Leadership Society receives anonymous demographic and geographical statistics from the social media provider regarding visitors to our Website and our social media pages.

The Board Leadership Society is a joint data controller with the social media provider for the processing of personal data in connection with visits to our page on LinkedIn and our Website. This means, among other things, that you can contact both The Board Leadership Society and the social media provider if you wish to exercise your rights under the GDPR. LinkedIn has the primary responsibility for ensuring compliance with the GDPR and for responding to requests to exercise data subject rights. If you have a social media profile, you can exercise your rights via the account settings.

We have no influence on the amount of personal data that the social media provider collects via the active plugins. You can read more about this in the relevant privacy policy:

4. YOUR RIGHTS

We have implemented a number of measures to protect your personal data and safeguard your rights. Because your personal data is processed, you can make use of the rights described below. However, some of the rights only apply in certain circumstances. The Danish Data Protection Agency has prepared a guide regarding the rights of data subjects. More information about your rights can be found here.

- You have the right to request access to, including a copy of, the personal data that we process about you and in this connection also the right to receive additional information.

- You have the right to request the rectification of inaccurate personal data about yourself and the right to request the completion of incomplete personal data.

- You have the right to request that personal data about yourself be erased under certain circumstances, for example if the processing is based on your explicit consent and you withdraw that consent.

- You have the right to request restriction of the processing of your personal data, for example if the accuracy of the personal data is contested.

- Where our processing is carried out automatically and is based on your consent or the fulfilment of a contract with you, you have the right to request to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format and the right to request the transmission of this personal data to another data controller if this is technically feasible.

- You have the right to object to the processing of your personal data by us, especially in relation to direct marketing.

- You have the right to request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

- If you have given your consent to the processing of your personal data, you have the right to withdraw your consent at any time. However, if you withdraw your consent, this will not affect the processing of your personal data that took place prior to the withdrawal.

If you wish to exercise any of the above rights or if you wish to withdraw a previously given consent, you are welcome to contact us at info@bestyrelsesforeningen.dk.

5. QUESTIONS AND COMPLAINTS

If you have any questions regarding this Privacy Policy, wish to exercise any of the above rights, or disagree with the way we process your data, you can contact The Board Leadership Society at info@bestyrelsesforeningen.dk.

If you disagree with how The Board Leadership Society processes your data, you have the right to complain to the Danish Data Protection Agency. You can find the Danish Data Protection Agency's contact details here. However, we hope that you will initially contact us using the contact details above so that we can try to reach an agreement.

6. CHANGES TO THE PRIVACY POLICY

This privacy policy will be updated and amended periodically, as well as when necessary due to changes in data protection laws and practices. We therefore recommend that you keep yourself regularly informed.

Date of last change to the privacy policy: 01.08.2023.