Privatlivspolitik

MediSkills privatlivspolitik for behandling af personoplysninger for kunder, brugere, samarbejdspartnere og besøgende.

Dataansvarlig

We are the data controller for the processing of personal data that we process about our customers and partners. You can find our contact information below.

MediSkill ApS
C/O Martin Lawaetz
Spurvevænget 11
2791 Dragør

CVR-nr.: 42753505

It is not a requirement that our company has an external DPO, but if you have questions about the processing of your personal data, you can contact us via contact@mediskill.dk.

Behandlingsaktiviteter

As data controller in accordance with GDPR, we have the following processing activities.

Besøg på hjemmesiden

When you visit our website, we use cookies so that the website can function.

Kommunikation med potentielle kunder

When you have questions about our services, or wish to hear more about our services, you can contact us via:

Email: contact@mediskill.dk
Phone: +45 31 54 08 85

Through this, we will process your personal data so that we can engage in a dialogue with you, for example to answer questions about our services. We only process the information that you give us in connection with our communication.

We typically process the following general information: name, email, phone number.

Our legal basis for processing this personal data is GDPR Article 6(1)(f).

We delete our communication with you when it becomes clear whether you want our services or not.

Should there in a special case arise a need to store your personal data for a longer period, this may be the case.

Kunder

We need to communicate with our customers to ensure that the service is delivered correctly. Through this, we may process information about name, address, services, special agreements, payment information and similar.

The legal basis for processing this personal data is GDPR Article 6(1)(b).

When the service has been delivered and any outstanding matters are completed, we will immediately thereafter delete the personal data.

Bogføring

We must store all accounting documents in accordance with the Bogføring Act. This means that we store invoices and similar documents for use in accounting. This may include general personal data such as name, address, service description.

Our legal basis for processing personal data for accounting is GDPR Article 6(1)(c).

We store this information for a minimum of 5 years after the current accounting year has ended.

Mobilapplikation (MediSkillMobile)

When you use our mobile application MediSkillMobile, we process additional data to provide the service.

Lokationsdata

The app accesses location data (precise location, approximate location, and background location) solely for the purpose of Bluetooth beacon-based presence tracking. This feature detects your proximity to workplace beacons to verify your presence at a clinical training location.

Location data is:

  • Used to enable Bluetooth Low Energy (BLE) beacon scanning on Android devices
  • Not stored on our servers beyond the session
  • Not shared with third parties
  • Not used for advertising or tracking purposes
  • Processed only in the context of workplace presence verification

You can control location access through your device's permission settings at any time. Disabling location access will prevent the beacon presence verification feature from functioning.

Our legal basis for processing location data is GDPR Article 6(1)(b) (necessary for the performance of the service) and Article 6(1)(a) (your consent when granting app permissions).

Databehandlere

Few can handle everything themselves, and the same applies to us. We therefore have partners and use suppliers, some of which may be data processors.

External suppliers may, for example, provide systems to organize our work, services, consulting, IT hosting or marketing.

  • One.com hosts website and database
  • Plausible Analytics to track website usage in relation to optimization

It is our responsibility to ensure that your personal data is processed properly. Therefore, we set high requirements for our partners, and our partners must guarantee that your personal data is protected.

We therefore enter into agreements with companies (data processors) that handle personal data on our behalf to increase the security of your personal data.

Videregivelse af personoplysninger

We do not disclose your personal data to third parties.

Profilering og automatiske afgørelser

We do not perform profiling or automated decisions.

Tredjelandsoverførsler

We primarily use data processors in the EU/EEA, or who store data in the EU/EEA.

In some cases, this is not possible, and here data processors outside the EU/EEA may be used if they can provide your personal data with appropriate protection.

Behandlingssikkerhed

We keep the processing of personal data secure by having implemented appropriate technical and organizational measures.

We have made risk assessments of our processing of personal data, and have thereafter implemented appropriate technical and organizational measures to increase processing security.

One of our most important measures is to keep our employees updated on GDPR through ongoing awareness training, GDPR courses, and by reviewing our GDPR procedures with employees.

Data Subject Rights

Under the GDPR, you have a number of rights in relation to our processing of information about you.

If you wish to exercise your rights, you must contact us so that we can help you with this.

Right to Access Information

You have the right to gain insight into the information we process about you, as well as a number of additional information.

Right to Rectification

You have the right to have incorrect information about yourself corrected.

Right to Erasure

In special cases, you have the right to have information about you deleted before the time of our normal general deletion occurs.

Right to Restriction of Processing

In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have processing restricted, we may in the future only process the information – except for storage – with your consent, or for the purpose of establishing, exercising or defending legal claims, or to protect a person or important public interests.

Right to Object

In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your information for direct marketing.

Right to Data Portability

In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have these personal data transferred from one data controller to another without hindrance.

You can read more about your rights in the Danish Data Protection Agency's guidance on data subject rights, which you can find at www.datatilsynet.dk.

Withdrawal of Consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent.

Complaint to the Data Protection Agency

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find the Data Protection Agency's contact information at www.datatilsynet.dk.

We generally encourage you to read more about GDPR so that you are updated on the rules.