Privacy Policy (GDPR) for Danish International Sailing School

Danish International Sailing School (DISS) processes and registers information about people who come into contact with DISS as customers, potential customers and other people who contact DISS themselves. DISS only processes information submitted by the registered persons themselves.

We have taken technical and organizational measures against your information being accidentally or illegally deleted, published, lost, degraded, or coming to the knowledge of unauthorized persons, misused or otherwise processed in violation of the law.

Clauses used
According to the rules in the Personal Data Regulation, DISS, as data controller, must inform the registered persons about their rights in connection with the processing of the information.

DISS registers and processes personal data pursuant to Article 6 of the EU Personal Data Regulation (general information). Sensitive data, e.g. health data or data on race or ethnic origin, political, religious or philosophical beliefs or trade union affiliation as well as data on the person’s sexual relationship or sexual orientation are not recorded.

Processing and Storage
DISS processes personal data confidentially, unless consent has been given for disclosure. The personal information is processed and stored in DISS’s case processing and archiving system. When the information is no longer needed for the purpose for which it was collected, it is deleted or archived in DISS’s case and document management system.
DISS also stores the information if it is included in a legal proceeding, or if DISS is considering using the information in a legal proceeding.

Disclosure of Information
The information will not be passed on to others without the data subject’s consent, unless DISS is obliged to pass on the information to public authorities.

Data Insights
As a registered person, you can contact DISS at any time to obtain a copy of your information that is in DISS’s archives.

Correction of information
If you believe that incorrect information has been registered about you, you can ask DISS to correct the information. This means that DISS corrects the information or notes that the information is incorrect and registers the correct information. You have the right to have the data controller disregard the information until it has been determined which information is correct.
You also have the right that DISS does not use the information if it is no longer needed.

Objection
Registered persons have the right to object to the processing of the information if DISS processes the information as part of a task that DISS has been assigned by the authorities. This means that registered persons have the option of refusing DISS to process the information.

Withdrawal of consent and deletion of information
Once DISS has obtained consent from you to process the information, you will be able to revoke the consent at any time. DISS cannot therefore continue to process the information after consent has been withdrawn.
In connection with correspondence with DISS about course participation, the personal data will typically consist of name, address, telephone number, passport number and date of birth. The information is provided by the registered person himself, who thus consents to storage and processing.

You have the right to have the information that DISS has registered about you deleted if the information is no longer necessary for the purpose for which it was collected. The information will also be deleted if you withdraw your consent to the processing or if the information has been processed illegally by mistake.
You are not entitled to the deletion of information that has been added to archived documents in accordance with the Norwegian Accounting Act’s provisions on documentation (typically name, address and email address on the invoice).

Data Protection Advisor
A data protection officer (DPO) is attached to DISS, who you can contact if you have questions about the processing of our information about you. You can get more information about and contact the data protection advisor at DPO@DISS.DK

Complaint to the Danish Data Protection Authority
You can also always complain about DISS processing of your personal data to the Norwegian Data Protection Authority by writing to dt@datatilsynet.dk.

Last updated July 10, 2020