1. About this privacy notice
TDC NET delivers telecommunications infrastructure to all of Denmark. We are expanding and operating a fiber network, cable TV net (Coax), the historical copper network (DSL) and lastly a mobile network, which covers multiple technologies.
A number of different it- and telecommunications providers deliver internet and telephone services through our network.
When using a communications service with one of the TDC NET providers, TDC NET will be required to process your personal data in order to deliver the service.
2. Who we are and how to contact us?
We are TDC NET A/S, CVR-no. 40075267, Teglholmsgade 1 09000, 2450 København SV. TDC NET is responsible for your personal data. This means that we decide which purposes the personal data is being collected and processed for. You can always contact us if you have questions regarding the privacy notice or TDC NET’s processing of your personal data, on: https://wholesale.tdc.dk/da/kontakt
TDC NET is part of TDC Group which has a Group Data Protection Officer (DPA). You can contact our DPO on firstname.lastname@example.org.
3. Which of your personal data do we process and where they origin from?
We may come to process your personal data in three different ways:
- When you provide us the information
- When we generate information about you
- When we receive information from another company, authority or organization (3rd. party)
3.1 Information you provide us or information we generate automatically
If you sign up for a service with TDC NET, have a communications connection installed at your address, communicate with us, or use our website, we process the personal data you provide us in these cases, and information we receive through cookies on our website. This information can involve:
Name, address, contact information, IP-address and other technical addresses. If your communication with us contains personal data, this data will also be processed.
When you use our mobile network or fixed network (Fiber/Coax/DSL), personal data is generated about you (on condition that we know who you are)
When using our mobile network, traffic data and location data are generated. This involves the phone numbers you communicate with, time and duration of this communication and what antenna your terminal is connected to. We also process data about the terminal you are using in our network. If you use our mobile network as internet connection, we register the IP address assigned to you and your log-in data which includes other meta data about your internet connection.
Fiber network/Coax-network/DSL-network for internet connection
When using our cable net for your internet connection, we register your assigned IP address. We also register metadata e.g. data retention, which is data about your use of the connection and performance data. This measures the strength of the signal on the connection.
Fiber network/COAX-net/DSL-net for tv-connection
When using our cable net for your tv connection, we register your assigned IP address. We also register the MAC-address and serial number on your equipment.
3.2 Information we recieve from 3rd parties
When using our network, we receive an account number or another identifier from your telco- or internet provider, which we use to register your use of our network. In this way we are able to provide your telco- or internet provider with relevant information on your use of our network. This is necessary to manage your subscription and provide you with an invoice. We receive your address from your service provider if you need access to one of our fixed networks. (Fiber/COAX or DSL)
If you need a telecommunications connection installed at your address, we will collect information from public registers such as: Bygnings- og Boligregistret (BBR), Det Fælleskommunale Ejendomsregister (ESR), Statens Salgs- og Vurderingsregister (SVUR), Plansystem DK – Det Danske Plansystem, miniMAKS – Matrikulært System, Det Centrale Virksomhedsregister (CVR), Ledningsejerregistret (LER) og Danmarks Statistik (DST).
If you run a speed test on your internet connection through: https://www.speedtest.net/, TDC NET receives this information from Ookla LLC.
TDC NET handles operational logistics for Nuuday A/S. This means that TDC NET oversee storage and distribution of equipment for Nuuday’s customers. If you are receiving equipment from Nuuday, we will therefore receive and process your name, address, your order number and data about the product from Nuuday A/S.
4. What are our purposes of processing your personal data?
4.1 Delivering products and services
We process your personal data in order to deliver our products and services for you, e.g. when we, or our subcontractor, to whom we pass on your personal data, deliver a connection to your address, or when your telecommunications provider use our network to deliver their services.
In these cases, we also process your personal data, when we communicate g with you about delivery and operation of our products and services.
4.2 Optimization, fault searching and fault handling
It may also happen that we use your personal information regarding fault searching and fault handling, when it is necessary to test performance on a faulty communication line, or to locate a specific address where a faulty line makes fault searching and fault handling necessary.
4.3 Security and preventing misuse
In certain situations it might be necessary to process your personal data for safety reasons in order to protect our network or to prevent misuse or unauthorised access to our network and equipment.
4.4 Legal obligations
In certain cases, legislation imposes us to process your personal data and pass them on to the authorities for investigations into criminal matters. We only pass personal data to the authorities when imposed by the court.
4.5 Internal training
We process your personal data for in-house training and training of employees, e.g. regarding inquiries to our customer service.
4.6 Optimizing our websites
We process your personal data when you visit our websites. We make statistics on the use of the website in order to personalize the page for your device and show content in a relevant matter.
We process your personal data in order to target the marketing of our products and services to you through our own websites, other people's websites and in relation to direct marketing.
4.8 Statistics and analysis
We process your personal data to make internal statistics and analyses in TDC NET. We use the statistics, among other things, to assess market trends, create operational performance reports, target customer experience, optimize our internal processes and systems, and optimize our use of financial resources.
We do not use automated individual decision-making including profiling based on personal data.
5. What legal basis do we use to process your personal data?
5.1 In order to fulfill a contract which you are a part of
Most commonly, TDC NET processes your personal data in order to deliver a product or a service to you, or to allow your telecommunication provider to deliver a product or service.
In these cases, the processing is based on Art. 6(1)(b) in the General Data Protection Regulation (GDPR), which permits the processing of personal data if necessary to fulfill a contract which the data subject is a part of.
In some instances, processing takes place after you have explicitly allowed us to do so, e.g. when you give us marketing consent, participate in our surveys, when phone calls with customer service are recorded or if we ask you for permission to publish a picture of you.
In these cases, the processing is based on art. 6(1)(a) of the GDPR, which allows the processing of personal data if the data subject has consented to the specific purpose of the processing.
You always have the right to withdraw your consent. This means that in the future we will not process your personal data based on the consent. If you wish to withdraw your consent, please contact https://wholesale.tdc.dk/en/kontakt.
5.3 Statutory Obligation
As mentioned under 4.4, TDC NET is required by law to process certain personal information about the users of our services. These include data retention that TDC NET is obliged to log in pursuant to executive order 988 of 28. September 2006 (Logningsbekendtgørelsen) and the processing that takes place in accordance with the requirements of the Accounting Act.
In these cases, the processing is based on art. 6(1)(C) of the GDPR, which permits the processing of personal data if the processing is necessary to comply with a legal obligation imposed on the data controller.
5.4 The Balance of Interest Rule
When we do not process your personal data due to a contract, consent or legal obligation that we have been imposed, we will, if we have a legitimate interest, process your personal data after a balance of interest, where we measure our purpose in processing your personal data to your privacy.
We use the balance of interest when we process your personal data for statistics and analysis, in-house training, website optimization and our marketing activities.
In these cases, the processing is based on Art. 6(1)(f) of the GDPR.
6. Who do we share your personal data with?
We share personal data with partners and subcontractors in the following situations: For external processing of your personal data in order to provide you with a product or service. In situations where we share (transfer) personal data to a subcontractor or partner. We only transfer personal data which they need to perform their part of the task. In external data processing situations, we also ensure that the subcontractor or partner processes the personal data in a safe and confidential manner and that they follow our instructions.
With Your Consent:
In some cases, we will share personal data with other companies, organizations or individuals when you have given us your consent to do so.
Following a Balance of Interest: In some cases, we share personal data with other companies, organizations or individuals when we have a legitimate interest in doing so, and this interest is balanced against your privacy.
For legal reasons: To comply with legislation, other regulation, judicial processes or to comply with legitimate requests from public authorities. To be able to enforce our terms of service, including when investigating potential violations. To detect, prevent, or otherwise address fraud, security or technical issues.
To protect us from infringement of rights or security and against damage to TDC NET's property, our users or the public, as required by law or otherwise permitted. It may be that a subcontractor has parts of their products or services in a non-EU country (a third country) and that your personal information is therefore prosessed outside of the EU. In these situations, our subcontractors are required to ensure that the same security regulations and measures that protect your personal data within the EU are also applied to the personal data transferred to non-EU countries. This means that your personal data is equally secure, whether processed within the EU or in a third country.
7. For how long do we processes your personal data?
We do not want to store your personal data longer than necessary. We retain personal data for as long as it is necessary to provide our products or services to you, if it is necessary to be able to handle, for example, complaints or lawsuits, or as long as required by other legislation. We also store your information for a short period after you terminate any agreement with us. In this way we can restore your service if you wish, or if you have any questions about how we processed your personal data while you were a customer with us.
We ensure that the set data storage time (the period we store your information) also applies to our subcontractors. They do not store your data any longer than we do.
To ensure that the processing of your personal data is handled safely, we have implemented a management system for data safety which is based on best practice ISO27001 and the Insurance and Pension-standard (Forsikring & Pension-standarden). This system includes management, processes and other administrative, technical and physical controls, which ensures that our it-environment is secure from both a confidential, integrity and availability perspective.
We emphasize the systems and application which process your personal data. For each of these systems we have specific safety rules and controls.
The safety rules and controls are applicable to our subcontractor for the service supply chain to be secured. We perform audits and security checks e.g. vulnerability and penetration tests on our own systems and on systems operated by our subcontractors.
The it-environments, systems and application we use to deliver customer service and products and storage or processing of personal data are estimated and designed to be as safe as possible.
9. Your rights
TDC NET respects your rights and that the personal data you provide us with, is yours.
You have the right to access, rectify, export and object to the processing of your personal data.
People need to protect their personal data in different ways. To make it possible for you to use your rights as a data subject, we make every effort to make it clear which personal data we and our partners process.
9.1 Obligation to inform
You have the right to know which personal data we process about you in connection to your subscriptions and services. You can find the information in this privacy notice.
9.2 Right of access
You have the right of access to your personal data. In order to protect your personal data, we need to verify your identity before we can grant you access to your personal data.
In addition to access to your personal data, we must also inform you about:
The purpose of our processesing.
Which personal data we process.
The legal basis for our processesing.
Which organizations or individuals your personal data is shared with.
How long we store personal data.
Where your personal data origin from, if not collected from you.
Relevance, details and significance of eventual use of automated individual decision-making including profiling based on personal data
How we secure your rights in the event of international transfers of your personal data
9.3 Right to rectification
TDC NET ensures that your personal data are correct. In cases in which you believe they are inaccurate or incomplete, we encourage you to contact us so we can rectify the information.
However, we have the right to reject your request if it is unfounded or if we repeatedly receive similar requests from you. In such cases, we reserve the right to charge an administrative fee. We also reserve the right to reject your request if it is purposeless.
You may request your personal information to be rectified by contacting our Customer Service. We handle all requests as quickly as possible, and you will receive a confirmation within a month indicating that your data have been rectified or when we expect this to take place.
9.4. Right to erasure
TDC NET has an erasure policy to ensure that no personal data is stored for longer than necessary. In addition, you can ask for your personal information to be deleted.
You have the right to have your personal data erased when:
- The personal data are no longer required (if you are no longer a customer of ours and we are no longer entitled to store the data)
- You withdraw your consent (see consent above)
- You object and we do not have a legitimate reason to process your data
- The data have been processed unlawfully
- For compliance with a legal obligation which requires processing by EU or Danish law
You do not have the right to delete your personal data when processing is necessary:
- In order to use the right to freedom of expression and data
- In order to comply with a legal obligation in relation to the EU regulation or Danish legislation
for the public interest
- For archival purposes related to public interest, science, historical or statistical purposes
- For the establishment, pursuit or defense of legal requirements.
You can request that your personal data be erased by contacting our Customer Service. We handle all requests as quickly as possible, and you will receive confirmation within a month indicating that your data have been erased or when we expect this to take place.
9.5. Right to data portability
You also have the right to receive your personal data, in a structured, commonly used and machine-readable format, when you have yourself provided the data to us. You may also have the data transmitted to another supplier. This right is known as data portability. This applies when:
You have given your consent to the process, or when the process is performed on the basis of a contract, and processing is done automatically (electronically).
9.6. Right to object
You have the right to object to our processing of your personal data if the processing is based on a balancing of interests of ours and your purposes and considerations.
If the objection is justified, we will restrict the processing, as described below.
You also have the right to object to our processing of your personal data for direct marketing purposes. If you object to this processing, we will no longer process your personal data for this purpose.
9.7. Right to restrict the processing of your data
You have the right to suspend the processing of your personal data when:
- You believe the personal data is incorrect. We will stop processing until we have verified that the personal data is correct
- The processing is illegal. Instead of deleting the personal data, you can choose to have the processing stopped.
- We no longer need the personal data to fulfill the original purpose of the processing, but we must retain the information in order to create, exercise or defend legal claims
- You object to the processing in relation to Article 21 of the Data Protection Regulation.
- If the processing of your personal data is restricted, we may only store the personal data and will not process it in any other way than the restriction allows.
However, there are situations where we can continue processing. This applies to:
- With your consent
- To create, exercise or defend legal claims
- To protect the rights of another person or legal entity.
- For the sake of important public interests in the EU or in a Member State.
- If you have successfully restricted our processing of your personal data, we will inform you if we later remove the restriction on the processing.
9.8. Right to appeal to a supervisory authority
You have the right to file a complaint with a supervisory authority if you are dissatisfied with the way we process your personal information. The supervisory authority can be either the Danish Data Protection Authority or the Danish Business Authority depending on the type of personal data your complaint concerns.
You can find the Danish Data Protection Authority's contact information at www.datatilsynet.dk and the Danish Business Authority's contact information at www.erst.dk.
10. Changes to this privacy notice
We regularly review this privacy notice and update it if there are changes in our personal data processing. Changes will be posted here, and significant changes will also be communicated directly to the data subjects.