Privacy Policy
Privacy Policy
At Kamstrup, we respect data privacy and it is our top priority to protect data, prevent misuse and loss of data. We respect the trust all our stakeholders have in our ability to handle their data in a secure and trustworthy way. All data is handled in accordance to the European General Data Protection Regulation (EU GDPR) and other applicable data protection regulations.
We value the trust you show us, when entrusting your personal information to us, and we will only use your information in relation to the presented purposes and the consent given by you. Furthermore, Kamstrup will only keep your data for the period it is legitimately reasonable to do so. Thereafter, the data collected by us or given to us by you will be deleted. This Privacy Policy will provide a thorough overview of what type of information is collected, how data is used and if shared with any third party relation.
1. Who are we?
When you visit Kamstrup A/S’ (hereinafter “our/we/ours”) website, www.kamstrup.com, our physical premises or communicate with us in any other way, we may receive and process personal data about you.
We are the data controller in respect of the personal data we process about you. Our contact details are:
Kamstrup A/S
Company reg.no. 21 24 81 18
Industrivej 28
8660 Skanderborg
E-mail: dpo@kamstrup.com
Phone +45 89 93 10 00
2. How do we process your personal data?
2.1 General administration of business relationships
For the purpose of managing and maintaining our business relationships with our customers and suppliers, we process personal data about you as a contact person in the form of your name, e-mail address, job title, phone number and language.
Our legal basis for the processing of your personal data is GDPR article 6 (1)(f), as it is in our legitimate interest to manage and maintain our business customer and/or supplier relationships.
We usually receive this personal data directly from you, however, in some cases, we receive your personal data from other sources, e.g., public phone books or business contacts.
2.2 General contact with end-customers
In some instances, we may be in contact with end-customers (consumers), and thus process personal data in the form of contact information about you as a consumer, i.e., name, e-mail address and phone number.
Our legal basis for the processing of personal data about you as a customer is GDPR article 6 (1)(f), as it is in our legitimate interest to process contact information about you as an end-customer in order to respond to your inquiry.
2.3 E-mail marketing
If you subscribe to receiving commercial material via e-mail, we process ordinary personal data about you as entered in the form of your name, e-mail, phone number, language, country, city, zip code, business area (electricity, water, heat/cooling and/or submetering) and workplace in order to send you the relevant material. The e-mails contain insights, customer cases, product launches, news and event invitations about our smart meter solutions and related products.
By subscribing to receiving our commercial e-mail material, you accept to receive material from the following Kamstrup group entities:
- Kamstrup A/S
- Blue Control A/S
- Thvilum A/S
If you have signed up with the selection of a country, which is not Denmark, you also accept to receive material from the Kamstrup entity present in that particular country (As an example, you will receive marketing material from Kamstrup AB in Sweden, if you sign up with Sweden as country):
- Kamstrup Austria GmbH
- Kamstrup Metering Solutions Canada Inc.
- Kamstrup Metering Solutions (Beijing) Co., Ltd.
- Kamstrup Metering Solutions Pvt. Ltd.
- KAMSTRUP IRELAND LIMITED Kamstrup Italy S.rl.
- KAMSTRUP ASIA PACIFIC SDN BHD
- Kamstrup AS Kamstrup Sp. z o.o.
- Kamstrup South Africa (Pty) Ltd
- Kamstrup Spain S.L.
- Kamstrup AB Kamstrup B.V.
- Kamstrup Middle East FZC
- Kamstrup Water Metering L.L.C.
The purpose of the processing in question is to allow us to contact you directly and send you direct commercial material, which is relevant to you depending on your selected subscriptions.
Our legal basis for sending you commercial material and processing your personal data in this regard is your consent, cf. GDPR article 6 (1)(a). You are, at any point in time, entitled to withdraw your consent, if you no longer wish to be contacted by us. You may do so by contacting us via the contact details provided in section 1.
On the basis of your consent to receive marketing e-mails, we process behavioural data about you in the form of the timestamp for your sign up, how many times you have opened the individual commercial e-mail, when you have opened the commercial e-mail, which links you have clicked on, where you are geographically located when you open the commercial e-mail and which device you are using when you read the commercial e-mail. The purpose and legal basis of this processing is our legitimate interest in performing an internal profiling in order to personalize the content of our marketing e-mails and examine your maturity as a potential customer, cf. GDPR article 6 (1)(f).
2.4 General direct contact via e-mail
If you have requested to be contacted directly via e-mail via our contact forms, we process the following ordinary personal data about you: Name, e-mail address, country, city, postal code, company, position in the company and the description of your request, which you type into the free text field.
The purpose of the processing in question is to allow us to contact you directly and respond to your inquiry.
Our legal basis for contacting you directly via e-mail as a response to your inquiry and processing your personal data in this regard is your consent, cf. article 10(1) of the Danish Marketing Act and GDPR article 6 (1)(a). You are, at any point in time, entitled to withdraw your consent, if you no longer wish to be contacted by us. You may do so by contacting us via the contact details provided in section 1.
If we – based on your specific inquiry – assess that it is more relevant for you to get in touch with our subsidiaries, Thvilum and Blue Control, we transfer the above-mentioned personal data to Thvilum or Blue Control in order for them to be able to respond to your inquiry.
2.5 General direct contact via phone (business customers only)
If you (as a business customer) have requested to be contacted via phone we process the following ordinary personal data about you: Name, e-mail address, phone number, country, company and the description of your request, which you type into the free text field.
Our purpose and legal basis for the processing of your personal data is to be able to contact you directly via phone in response to your inquiry, cf. GDPR article 6 (1)(f).
If we – based on your specific inquiry – assess that it is more relevant for you to get in touch with our subsidiaries, Thvilum and Blue Control, we transfer the above-mentioned personal data to Thvilum or Blue Control in order for them to be able to respond to your inquiry.
2.6 Virtual postcards
When you use our online service in the form of virtual postcards, allowing you to receive different types of utility calculations, we process personal data about you in the form of your name, e-mail, workplace, country, city, and zip code.
Our legal basis for the processing of personal data is GDPR article 6 (1)(f), as it is in our legitimate interest to process regular personal data about you in order to provide you with the calculations you have requested.
2.7 Sales and marketing material distributed physically
For the purposes of sales and marketing, we physically distribute sales and marketing material to contact persons at our customers. In this regard, we process ordinary personal data about you as a contact person in the form of your name and workplace. The sales and marketing material is distributed to you at your place of work.
Our legal basis for the processing of personal data is GDPR article 6 (1)(f), as it is in our legitimate interest to process ordinary personal data about you in order to send you physical posts with relevant news, product information, information about events etc.
You are at any time able to opt out of receiving marketing by contacting us via the contact information mentioned above in section 1.
In order for us to forward the material to you, we transfer your personal data to our printing house as well as to the Danish postal service, Post Nord, or a local equivalent postal service partner.
2.8 Events, user meeting conferences, webinars, and seminars
If you sign up to participate in events, user meeting conferences, webinars and/or seminars, we will process personal data about you in the form of your name, e-mail address and information about your workplace.
We process this personal data based on our legitimate interest in having an overview of participants and – if relevant - forwarding the access link to the event, conference, webinar or seminar to you and thus enabling you to participate in the event or seminar of your choice, cf. GDPR article 6 (1)(f).
During the event, user meeting conference, webinar or seminar, we may take photos and/or record video material, which we use for marketing purposes. If this is the case, we will obtain your consent prior to taking photos and/or recording video material of you, cf. GDPR article 6 (1)(a). For further information about the processing of personal data about you in this regard, please refer to the consent.
2.9 Visits to Kamstrup and registration in the reception
When you visit Kamstrup, you have to register your arrival at the reception. In connection hereto, we process your personal data in the form of your name, e-mail, and phone number.
Our legal basis for the processing of your personal data is GDPR article 6 (1)(f), as it is in Kamstrup´s legitimate interest to register visitors for safety and security reasons.
2.10 Video surveillance
At Kamstrup we have set up cameras at all entrances and exits, outside around our buildings, in the canteen on Industrivej 28 and 51, at front desks inside our buildings (Industrivej 28 and 51), in server rooms and in connection to goods-dispensing. In this regard, we process ordinary personal data about you in the form of images and video without sound.
The purpose of video surveillance is our legitimate interest in crime prevention and increasing security, cf. GDPR article 6(1)(f).
Image and video recorded in connection with video surveillance for crime-prevention purposes may be passed on to the police for crime-solving purposes or to other recipients to whom we are legally obliged to disclose such information.
2.11 Access cards
When you visit Kamstrup as a guest, you are sometimes given an access card at the reception, which allows you to move around the buildings on your own. If you receive an access card, we process personal data about you in the form of your name and access card number.
Our legal basis for the processing of personal data is GDPR article 6 (1)(f), as it is in our legitimate interest to provide our guests with access cards to our premises and facilities.
2.12 Internet logging
If you, as a part of your visit to Kamstrup, use our guest network, we will process personal data about you in the form of your IP address. The purpose of the processing in question is crime prevention and security reasons.
Our legal basis for the processing of personal data is GDPR article 6 (1)(f), as it is in Kamstrup´s legitimate interest to ensure that our network is only used for legal and legitimate purposes.
2.13 Surveys
If you are a customer at Kamstrup, have purchased one of our products or services, or if you have been in contact with our customer support, we may invite you via mail to participate in a survey.
When inviting you via mail to participate in surveys, we process personal data about you in the form of your name and your e-mail address. We process this information with the purpose of forwarding the survey invitation to you. Furthermore, we process your responses in the survey.
The purpose of our processing of personal data when performing surveys, is to gather customer feedback in order to ensure the improvement of our products and services provided to customers and the collaboration in general. Thus, our legal basis for processing your personal data is our legitimate interest in improving our products and services as well as the customer experience, cf. GDPR article 6 (1)(f).
If you have participated in a survey and provided us with a rating, based upon which we deem your experience to have been unsatisfactory, we will contact you to receive the necessary further feedback in order for us to perform a service recovery. In this regard, we process the above mentioned personal data as well as your phone number.
Our legal basis for processing your personal data, in this case, is GDPR article 6 (1)(f), as it is in our legitimate interest to ensure that our customers receive the best possible service. We emphasize the fact that your participation in the survey is voluntary and that it is in your best interest (as well as ours) to rectify any mistakes or shortcomings.
2.13.a Web surveys
When visiting our website, you may be invited to participate in surveys performed by us. We strive to keep the participation in website surveys anonymous, however, if you voluntarily type in personal data in your answers, we will process this data about you.
The purpose of our processing of personal data when performing surveys, is to gather customer feedback in order to ensure the improvement of our services provided to customers. Thus, our legal basis for processing your personal data is our legitimate interest in improving our products and services as well as the customer experience, cf. GDPR article 6 (1)(f).
2.14 Social media accounts
When you visit or in any other way interact with our company profile(s) on social media platforms such as Facebook, LinkedIn and Instagram (hereinafter “social media provider”), there is a joint controllership between us and the social media provider (“LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland” and “Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland”). This applies in regard to our use of insights and analysis tools on these social media platforms.
Because of our joint controllership, we have entered into joint controllership agreements. These agreements define our and social media providers’ respective responsibilities to comply with the obligations imposed on data controllers in the GDPR.
The joint controllership agreements state that we are responsible for providing you with a privacy notice. Thus, we provide you with the following information in order to fulfil our obligations in the joint controller-ship agreements: Our purpose for using insights and analysis tools provided by social media platforms is to enable us to target the relevant audiences on social media, and to enable us to generate analyses and statistics of the reach of our campaign ads and other online content as well as your use of our website and services on the website.
Furthermore, when you visit our website, we gather personal data about you in the form of information about your visit on the website and other information gathered via the use of cookies, pixels, etc. For further information on our use of cookies, please refer to our cookie policy.
We transfer your personal data to the above listed social media providers.
Legal basis
We are responsible for ensuring a legal basis for the abovementioned processing activities.
The legal basis for the processing in question is your consent, cf. GDPR article 6 (1)(a). You are, at any point in time, entitled to withdraw your consent. You may do so by contacting us via the contact details provided in section 1.
Your rights
If you wish to invoke your rights relating to the processing of personal data stored with us, you may do so in accordance with section 5 of this privacy policy.
Social media providers as independent data controllers
In regard to processing of your personal data, where the social media provider is an independent data controller, you may find further information on their processing of your personal data here www.linkedin.com/legal/privacy-policy, https://www.facebook.com/privacy/policy and https://privacycenter.instagram.com/policy.
The social media provider is independently responsible for ensuring a legal basis for the processing of personal data carried out by them and where the social media provider has not received any personal data from us. If you wish to invoke your rights in accordance with GDPR articles 15-20 relating to the processing of personal data for which the social media provider is independently responsible, you can find further information on how to do this in their privacy policies listed above.
2.15 Cookies
When you visit our website, we use cookies in order to ensure the functionality of the website as well as to perform tracking and analysis of your visit on our website. In doing so, we may process personal data about you. You can find further information on our use of cookies in our cookie policy.3. Storage and deletion
4. Data processors and third country transfers
When processing your personal data, we may engage a number of our data processors such as IT-system providers, hosting providers, providers of newsletter solutions and solutions for hosting online events, website providers, cookie providers and survey providers etc.
If, in connection with our use of data processors and sub-processors, your personal data is transferred to any third countries (outside EU/EEA), we ensure a legal basis in accordance with GDPR chapter 5. If you have any questions specifically regarding the transfer of your personal data to third countries, please contact us by using the contact details provided in section 1 of this privacy notice.
5. Your rights
According to the GDPR and the Danish Data Protection Act and subject to the conditions set out in these regulations, you enjoy the following rights. If you wish to exercise any of these rights, please contact us by using the contact details provided in section 1 of this privacy policy.
- The right to request access to the personal data
- The right to rectification of inaccurate personal data and to have incomplete personal data completed
- The right to erasure of personal data
- The right to restriction of processing of the personal data
- The right to object, on grounds relating to your particular situation, at any time to processing of personal data which is based on GDPR article 6(1)(f). If you object, we may no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or if processing is necessary for the establishment, exercise or defence of legal claims.
Where the processing of personal data is based on your consent, you also have the right to withdraw your consent at any time by using the contact information provided in section 1 of this privacy policy. If you withdraw your consent, this will not affect the lawfulness of the processing of personal data prior to the withdrawal.
You can find more information about your rights in the Danish Data Protection Agency’s guidance on the rights of data subjects. You may file a complaint about our processing of your personal data with the Danish Data Protection Agency (Datatilsynet), Carl Jacobsens Vej 35, 2500 Valby, e-mail: dt@datatilsynet.dk, phone number + 45 33 19 32 00
Latest revision 31.03.2023