Privacy policy 

- for customers and collaboration partners as well as users of www.aarsleff.com

When we receive and process your personal data, we ensure that it takes place in accordance with the General Data Protection Regulation. This privacy policy provides information about what personal data we process, what the purpose is, what legal basis we use and for how long we store your personal data. 

Data controller
Per Aarsleff A/S is the data controller and responsible for the processing of your personal data: 

Per Aarsleff A/S, Hasselager Allé 5, 8260 Viby J, CVR. no. 37542784  

You are always welcome to contact us at persondataansvarlig@aarsleff.com if you have questions about how we process personal data. 

Per Aarsleff A/S collects personal data about you, when you as an individual, or as the employee of a company, enter into an agreement with us either as a customer or a supplier, when you use our website, when you contact us via e-mail, phone or contact form and when you visit some of our locations. 

We only collect the necessary personal data for specific purposes, which you can read more about below, and we erase your data again when there is no longer a legitimate purpose for processing them. Read more about this also. 

How does Per Aarsleff A/S collect personal data?

Personal data are primarily collected as follows: 

  • Via e-mail, phone and contact forms on our website.
  • Via browser cookies.
  • Via registration when you visit one of our locations.
  • Via video surveillance.
  • Via access registration on our construction sites.
  • Via our HR system if you apply for a job or upload your profile to be used for future job opportunities. A separate privacy policy for applicants is found in the recruitment system.
  • When registering in the shareholder portal. A separate privacy policy for shareholders is found in the shareholder portal.
  • When reporting to the whistleblower scheme. A separate privacy policy for whistleblowers is found in the whistleblower scheme. 

When you use our website, we collect cookies
When you use our website, we collect personal information in the form of IP Tracking or cookies. Cookies are small text files which are stored in your browser and which will be recognised each time you visit the website. Cookies make it possible to deliver personalised content to your browser. Cookies cannot contain virus. 

Read more about this in our cookie information where you can also accept and reject different cookies – you can find the link to our cookie information on our website in the lower left corner.  However, you cannot deselect some necessary cookies as they help ensure the function of the website. 

IP Tracking:
LeadEnhancer IP-tracking is a technology that is used to identify and track IP addresses that are unique for (almost) all companies. When somebody visits our website, we can use IP-tracking to find out which company they are from.

How does IP-tracking function:
Our IP-tracking software is called “LeadEnhancer”. It functions in the following way:

1. Tracking code: First, a tracking code is added in the header section on all subpages of the website.

2. Collection of IP addresses: When somebody visits our website, the tracking code collects the IP address of the visitor.

3. Matching of IP addresses: LeadEnhancer has a database of around 25,000 Danish companies and their IP addresses (information that is publicly available). When an IP address is collected from your website, LeadEnhancer compares this IP address with their database.

Purpose 
To optimise the website and collect knowledge/statistics on the use of the website via LeadEnhancer. 

What personal data do we process?
Information about IP address, type of browser, search words, network location.

Legal basis
The legal basis for our processing of personal data is subject to articles 6(1)(a) (consent) and 6(1)(f) (legitimate interest) of the General Data Protection Regulation. Our legitimate interest is our interest in ensuring the function of the website. 

Storage of personal data
Information about how long cookies are stored can be found in our cookie information. 

Sharing of information
Via our website, functionalities from other sites can be accessed. Videos, links etc. may contain cookies from these sites, e.g. they may track that you are using a function on their site via our site. A third party may e.g. be a provider’s comment field or blog field, Vimeo or YouTube. 

When you are a customer, supplier or other business partner – or on the way to becoming it
When we enter into dialogue about the performance of a task for the company that you are representing, we collect your personal data. The same applies if you e.g. are representing a supplier, and we are having a dialogue with the purpose of performing tasks or services for Per Aarsleff A/S. 

If we enter into a customer or supplier relationship or if we collaborate with you in any other way, we will process your personal data to be able to communicate and cooperate with you or to prepare the contractual basis etc. 

When you visit Aarsleff, we collect personal information via video surveillance, and we may collect information to issue a guest card. As a starting point the, the video surveillance will take place at the company’s entrance, and in guest and employee areas, in the reception as well as at the goods delivery. 

Purpose for processing personal data
Administration of your relation to Aarsleff, including invoicing and accounting, safety and security for employees and guests as well as sale and marketing. 

What personal data do we process?
Primarily name, company, position, mobile phone number, e-mail address and visits to certain locations (via video surveillance and guest registration). If you contact us via a contact form, we also process the data submitted in this form. 

Legal basis
The legal basis for our processing of personal data is subject to article 6(1)(b) and 6(1)(c) as well as 6(1)(f) (legitimate interest) of the General Data Protection Regulation. Our legitimate interests are the possibility for dialogue and establishment of a working relationship, safety for our employees and visitors, and minimisation of the risk of theft. 

Storage of personal data
We will store your data for as long as we have a legitimate reason. We have this for as long as a customer or supplier relationship exists and for a period thereafter. 

When a customer or supplier relationship ends, we will assess what data that will be deleted and what data that will be stored and for how long. As an example, under the Danish Bookkeeping Act we are obliged to store certain information for at least five years. 

Surveillance videos are overwritten regularly, and the information is saved for 30 days. Information for issuing of guest cards will be anonymised after one year. The guest card with your name will be shredded after use. 

Security of processing
We protect your personal data, and we have adopted internal rules about information security comprising instructions and measures protecting your personal data against unauthorised disclosure and against unauthorised persons getting access to or knowledge about them. We have established procedures for how we assign access rights to those of our employees who process personal data. To avoid data loss, we currently make a backup of our data set. 

In case of a personal data breach resulting in a high risk of discrimination, identity theft, financial loss, loss of reputation or other significant inconvenience, we will inform you of the security breach as soon as possible. We will also report the breach to the Danish Data Protection Agency. Our security procedures are currently revised based on the latest technological development. 

In addition to our internal systems, we use external suppliers of IT services, and we have data processor agreements with these suppliers. 

Your rights
When we process your personal data, you have the following rights: 

Right to access your personal data
You have the right to get access to the personal data we process about you. 

Right to rectification
You have the right to have inaccurate personal data rectified. 

Right to erasure
In certain cases, you have the right to request the erasure of your personal data. 

Right to restriction of processing
In certain cases, you have the right to request that the processing of your personal data is restricted to storage. 

Right to withdraw your consent
If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time according to the personal data protection rules. Unless the company has another legal basis for processing, we can no longer process the data in question. 

Right to object
In certain cases, you have the right to object to our processing of your personal data. This is the case, for example, when the processing is based on section 6(1)(f) of the GDPR.  

If you want to make use of your rights or if you have questions to our personal data policy, you can write to persondataansvarlig@aarsleff.com or contact Group HR Manager Gregers Pedersen, Hasselager Allé 5, 8260 Viby J. 

You can also read more about your rights and personal data policy in the guideline of the Danish Data Protection Agency at www.datatilsynet.dk

Complaint to the Danish Data Protection Agency
You have the right to file a complaint to the Danish Data Protection Agency, Carl Jacobsens Vej 35, 2500 Valby. Or on e-maildt@datatilsynet.dk. Complaint guide can be found on www.datatilsynet.dk.

The Danish Data Protection Agency and Per Aarsleff A/S recommend and appreciate that you always contact Per Aarsleff A/S directly before contacting the Danish Data Protection Agency.

August 2024