Below you will find EIFO's personal data policy for website and marketing (top of page) and the personal data policy for EIFO's transaction (bottom of page). Latest update: January 2023.
Personal data policy for website and marketing
EIFO collects data about your usage of our websites and other digital channels and services. We use the data to enrich your user experience of EIFO's digital services and to offer you more relevant web content and marketing content.
EIFO is an independent public company under The Ministry of Industry, Business and Financial Affairs and owned by the Danish state.
EIFO collects data about your usage of our websites and other digital channels as well as services offered by EIFO. This includes data such as cookie data stored in your PC as well as data related to you as an individual.
We use the data to enrich your user experience of EIFO´s digital services, to display more relevant web content and to target our marketing initiatives towards you.
EIFO only makes use of personal data in accordance with this personal data policy and the consent you have provided, for instance, when you accept cookies or sign up for our digital newsletters or other services.
This personal data policy only covers the data collected in connection with your visit to EIFO´s websites and your interaction with us in connection with our digital marketing. If you are a customer of EIFO, the personal data policy regarding EIFO's transactions further down on this page will apply.
EIFO updates our personal data policy regularly to ensure that it meets and adapts to current regulations, technological development and our collection and use of data.
You can find more information below about how EIFO collects, uses and safeguards data as well as your rights regarding withdrawal of consent and deletion of data.
What kind of data do we collect and for which purpose?
When you visit our website EIFO.dk, VF.dk or EKF.dk we collect data about you and the way you browse the content of the website. Initially, we do not link the data to you as an individual but only to your PC, mobile phone or tablet (device).
We do so by placing so-called cookies on your device. A cookie is a small data file stored on your device and connected to the IP-address of this device. The cookie helps us recognise your device in connection with repeated visits to our website and allows us to track your browsing behavior.
For instance, we can also tell which internet provider and browser you are using, and we can trace your geographical location at city level. In some cases, if you log on to our website from your workplace, the pc's IP address can reveal the identity of the company that you work for.
EIFO collects personal data about you when you sign up for our digital newsletters, fill in a contact form on our websites or submit a form on for instance LinkedIn or Facebook. Personal data may include your name, your company's name, your e-mail address and replies that you have submitted in connection with a questionnaire or a form.
When you provide us with personal information, we will combine the information with the data received through cookies. This may involve data obtained through clicks on banners and campaigns found at various places on the internet and through social media, visits and browsing behavior on our website, downloads of materials or opening of mails. If you have visited our digital services from various devices, for instance from your phone or PC, we will also be able to connect data and recognise you across devices.
We save all the data in our CRM system where the data will be linked together with existing information about you, either from previous contact or from your company's website. This includes data such as company address, your phone number, your position and information regarding previous or existing transactions between our companies.
EIFO collects personal data to get a clearer picture of our visitors and the way they browse our website. We do this in order to improve our ability to adjust and personalize our communication and marketing efforts towards you. Relevant and targeted digital services from EIFO at the right time helps to enrich your experience as a user.
Occasionally, we use personal data such as e-mail addresses for targeted advertising on social media such as LinkedIn or Facebook. Our aim is to address you and others who work in export companies to let you know how our financing solutions can help to strengthen your export.
Sometimes we also make use of the stored personal data to contact a person by phone or by mail. We do so when we think that the person or the company that the person works for may benefit from our financing solutions.
EIFO safeguards your personal data
The personal data we collect about you will be used by EIFO only, and only for the purpose for which they have been collected. We neither share nor sell cookie data to outside parties.
For how long do we retain your personal data?
We will keep your personal data for as long as we need them but only for the purpose for which they have been collected. We will delete your personal data in case you ask us to do so.
Your rights – the right to gain access, to delete, to withdraw consent and to lodge a complaint You are entitled to, at any time, request access to the personal data about you that is in EIFO's possession and, at any time, to ask EIFO to correct or delete the data. You can also ask for a copy of your personal data and we will send you a csv-file/Excel-file with the data.
You can do so by sending an e-mail to dpo@EIFO.dk. We will confirm receipt and process your request as soon as possible. As your personal data will have to be compiled manually, it might take some time, however, not more than one month.
As regards digital news and digital marketing, you can always withdraw your consent by clicking a link which is included in all the mails that you receive from EIFO. The change will be implemented immediately.
Your right to lodge a complaint
You are entitled to contact the Danish Data Protection Agency, in case you wish to lodge a complaint regarding EIFO´s collection and use of personal data.
Data Controller: Danmarks Eksport- & Investeringsfond
Business reg.. no.: 43478206
2100 København Ø
T: +45 35 46 26 00
Data Protection Officer (DPO)
Personal data policy for EIFO's transactions
EIFO utilises personal data in our business, including when working with business partners. This personal data policy contains information on how EIFO collects, processes and protects personal data, as well as your rights concerning the information we collect about you.
Information about individuals at customers and partners is necessary for our promotion of the export and internationalisation of Danish companies. We strive to only collect the necessary information, and we ensure it is treated confidentially and safely.
What does the law say?
The European Union's General Data Protection Regulation as well as the law on data processing allows EIFO to collect and process personal data.
Please be aware that EIFO is required to collect certain information in order to, among other things, comply with the Danish Act on Money Laundering and competitive rules for public procurements. We cannot enter agreements, cooperate with, contact or offer you any services without collecting this information.
What kind of personal data do we collect and why?
EIFO collects, processes and stores information about you for the following purposes:
- Client contact and to provide services. General personal data (name, title, e-mail address, postal address, phone number, position), information about guarantors and other key people,including financial conditions and, in some cases, data concerning the health of the management in specific projects, information about project participants (including land owners), as well as information about any people who have made claims, served a summons or similar against the project.
- Procurements and assessment of tenderers. General personal data, CV, offer details, educational details, details on former assignments and other references. Criminal records and service certificates. Civil register number.
- Compliance with the Danish Act on Money Laundering. Name, address, copies of passport and/or driving licence; information recorded on the EU sanctions list and the OFAC list via ORBIS, data from Compliance Catalyst; information about any political exposure; family relations; whether you or your family or close relatives have had public duties of significant importance; information about political affiliations, criminal records and civil register number.
- Investigation of reputation. Name, age, family relations, business history, educational details; whether the person in question is politically exposed; whether you or your family and close relatives have had public duties of significant importance. In connection with our investigations, we may gain information about criminal matters.
- Marketing, events, receptions etc. General personal data. CV for external keynote speakers. Information about allergens and possibly other health matters relevant to planning. Photos of exporters' employees.
- Social and environmental impact assessment. First name, last name, address of any person who may or could be impacted by a possible or current transaction. In some cases we also collect special information, such as race, ethnicity and fingerprints.
- Handling of work-related injuries and deaths in connection with projects in which EIFO is involved. Name, age, family relations; information about the work-related injury and how it was handled; consequences of the incident; information about surviving relatives.
- Further contact with customers, business partners and other stakeholders. Name, phone number, e-mail address and the contents of the message you are sending us.
Background for processing the information
General personal data (all personal data except civil register numbers) are processed in accordance with the General Data Protection Regulation's article 6, no. 1, lit a (consent), lit b (entering a contract), lit c (legal obligation), lit f (legitimate interest). The legitimate interest consists, among other things, of our need to process contact information, investigate and assess creditworthiness associated with our services; investigate and identify possible causes that may cause negative publicity; hold and participate in networking events and similar events, fulfill our CSR obligations (corporate social responsibility) as well as prevent and avoid work-related injuries and deaths in connection with our projects.
Personal data concerning the health of the management of a company and information regarding allergies in connection with events and receptions are processed in accordance with the General Data Protection Regulation´s article 9, no. 2, lit a (consent). Personal data about race, ethnicity and fingerprints are processed in accordance with the General Personal Data Regulation's article 9, no. 2, lit c, as these are required to protect vital interests related to the registered party. Personal data regarding political afiliation are processed in accordance with the General Data Protection Regulation´s article 9, no. 2, lit e as these have been published by the registered party.
Civil register numbers are processed in accordance with section 11 of the Danish Data Protection Law, and information about criminal matters are processed in accordance with section 8 of the Danish Data Protection Law.
Where do we get the information from?
We collect personal data from these sources:
- Directly from you or your place of work.
- From business partners.
- From banks and other financial businesses.
- From third parties such as suppliers, lawyers and consultants assisting us with a project or a business transaction.
- From references.
- From public authorities.
- From publicly available sources, including social media, NN market data, the EU sanctions list, the OFAC list via ORBIS, data from Compliance Catalyst, search engines and news media.
With whom do we share personal data?
We may share your personal data with:
- Third parties with whom we cooperate, or who may be assisting us. Among these are credit rating agencies, consultants and other service suppliers.
- Public authorities that we are required to inform.
- Other business or project participants.
- We may publish the identity and CV of keynote speakers in whole or in part, for example in connection with the announcement of events.
How long do we store personal data?
EIFO only stores information about you as long as it is necessary for the specific purpose in question or if we have a legal or administrative need. For instance, we may be required to store information for a longer period of time in accordance with the Danish Act on Money Laundering or the Danish Archives Act.
EIFO stores contact information for as long as the information is needed. For example, if we find that it may be relevant to initiate cooperation in the future. Contact information will be revised once a year to ensure the relevancy of storing the information.
Personal data in connection with specific projects and contracts concluded are stored for 5 years after the completion of the project Some information is stored as part of EIFO’s historical documentation of projects.
Personal data related to projects that do not materialise are stored for 3 months from the day it becomes evident that the project will not materialise. However, EIFO stores the information for 5 years if KYC has been made.
Personal data in connection with rejected offers and consultants are stored for 6 months, unless we decide we still need the information.
Transfer of personal data to non-EU countries
The EU's GDPR for personal data applies to the nations in the European Union. When working on concrete projects, EIFO may need to transfer personal data to business partners in non-EU countries where the project is being done.
We work with two different scenarios:
- Countries or companies which, according to the assessment of the EU Commission, protect personal data adequately – either by means of legislation or other measures.
- Countries or companies which, according to the assessment of the EU Commission do not protect personal data adequately.
In such cases, we will ensure the necessary protection of personal data by applying the standard contracts of the Commission or other contracts approved by qualified authorities.
We may also apply codes of conduct approved in accordance with Article 40 and an approved certification mechanism in accordance with Article 42.
When we collect, process and store information about you, you have certain rights.
- You are entitled to know which data we have stored.
- You may request having incorrect information corrected or have data deleted sooner than we otherwise delete personal data. You may also request that we limit the processing of your personal data.
- You may refuse or limit our processing of your data. However, this could mean that we cannot conclude agreements or otherwise cooperate with you, as it may have consequences for our delivery of services.
- You are entitled to unconditionally refuse to let us use your personal data for direct marketing purposes.
- In some cases we may ask your permission (your consent) to use some of your personal data. You can withdraw your consent at any time; however, this will only apply from the moment you withdraw it.
- You may ask us to submit the personal data you have provided us with.
- You may submit a complaint to Danish Data Protection Agency.
There may be conditions or limitations concerning your rights.
Who should you contact?
If you have any questions about EIFO's personal data policy, please contact our Data Protection Officer at firstname.lastname@example.org or phone: +45 35 46 26 00.
The legal entity responsible for personal data is:
Danmarks Eksport- & Investeringsfond
Business reg.. no.: 43478206
2100 København Ø
T: +45 35 46 26 00