Privacy policy

Privacy Protection Policy

Protection of personal data is a high priority for Director J.P.A. Espersen and wife, Mrs. Dagny Espersen’s Foundation. Therefore, we have established a policy outlining how the JPA Espersen Foundation handles your personal data.

The JPA Espersen Foundation is the Data Controller

The data controller is the JPA Espersen Foundation, CVR no. 69706010, located at Sydhavnsvej 12, 3700 Rønne, Denmark.
If you wish to exercise your rights or have any questions, you are welcome to contact the Foundation’s administrator at: admin@jpa-fonden.dk

Activities of the JPA Espersen Foundation

The JPA Espersen Foundation processes your application and your personal data for the following purposes:

  • To assess whether the JPA Espersen Foundation will grant a donation to you or your project
  • To share the submitted application, in its entirety, with professionals involved in the Foundation or consulted as part of the application review process
  • If you receive a donation, your personal data will not be published on the Foundation’s website or in its annual report, etc. However, the Foundation is required to retain data in accordance with legislation regarding donations, and such data cannot be deleted
  • If your application is rejected, your personal data and documents will be deleted after 6 months

Categories of Personal Data Processed by the JPA Espersen Foundation

The Foundation processes the following categories of personal data collected either directly from you or from third parties, including public authorities:

Category

Data

Legal Basis for Processing

General personal data

Basic data such as name, address, email, phone number, marital status.

The JPA Espersen Foundation processes your personal data in accordance with Article 6 of the Regulation to handle your application, including assessing whether the JPA Espersen Foundation should grant support to you/your project.

Sensitive personal data

Only relevant data concerning health conditions

The JPA Espersen Foundation processes your sensitive personal data in accordance with Article 9 of the Regulation to handle your application, including assessing whether the JPA Espersen Foundation should grant support to you/your project.

Please note that by applying (using the application form available on the Foundation’s website), you consent to the processing of the above personal data by the JPA Espersen Foundation.

Right to Withdraw Consent

Your consent is voluntary and can be withdrawn at any time by contacting us at admin@jpa-fonden.dk.

Withdrawing your consent does not affect the lawfulness of the processing based on your prior consent up until the time of withdrawal.

Who Has Access to Your Information?

Your data may be shared or disclosed within the JPA Espersen Foundation. In addition, your data may be disclosed or transferred to the following recipients:

  • Public authorities to comply with legal obligations or requirements
  • External professional advisors or specialists for the evaluation of your application and project
  • Auditor, legal advisors, and other consultants
  • Banks in connection with the disbursement of grants
  • Data processors and any subcontractors related to the operation, maintenance, and support of IT systems and user administration

Your data is stored within the EU/EEA (European Union/European Economic Area). If data is transferred to data processors in third countries, this is done in accordance with data protection regulations to safeguard privacy.

Data Retention and Deletion

Upon submission of your application, your data will be processed throughout the application process, which typically lasts six months.
If your application is rejected, your data will be deleted.
If your application is approved and a donation is granted, we will retain your data – including your profile, application, related documents, and correspondence – for 5 years plus the current financial year after the conclusion of your case.
After that, the application itself will be deleted, and only your name as applicant/recipient will be retained for up to 10 years after the conclusion of each application case, ensuring proper identification and application history, especially for recurring applicants.

The retention period applies individually to each case and is calculated from the conclusion of that particular case.

Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights regarding the processing of your personal data:

  • The right to access the data we process about you, as well as additional information
  • The right to have incorrect data about you corrected
  • In certain cases, the right to have your data deleted before our general deletion period
  • The right to restrict processing of your personal data in certain circumstances. If this right is exercised, we may only process your data – aside from storage – with your consent, for legal claims, for the protection of another person, or important public interests
  • The right to object to processing based on our legitimate interest (Article 6(1)(f))
  • In certain cases, the right to receive your data in a structured, commonly used, and machine-readable format and to have it transferred from one controller to another without hindrance
  • The right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you are dissatisfied with how we process your personal data. Contact details can be found at: www.datatilsynet.dk

You can read more about your rights in the Danish Data Protection Agency’s guidance on data subject rights at www.datatilsynet.dk.

Updates to Our Privacy Policy

We take great care in protecting your personal data, and therefore, this privacy policy may be updated as necessary.

April 2024, Version 2