The Port of Thyboron collects personal data in connection with general business, i.e. when you have business with the port, when communicating with the port by, for example, email, and when, for instance, you use our website.
The collection and processing of data are always done according to the applicable rules for processing personal data (the Danish Data Protection Act).
Proper handling of personal data is essential for the Port of Thyboron to ensure that data is only used for the purpose for which it was collected and that there is the necessary legal basis in the law for the collection and processing of data. Therefore, the necessary organisational and technical measures have also been taken to ensure that the personal data that is collected and processed by the port is kept up to date, stored securely in our systems and only used for the purpose for which it has been collected and that it is only used by employees with functions where it is necessary to process the collected data.
1. Data Controller
The Port of Thyboron is the Data Controller of the personal data we collect in our general business and in our communication with customers, suppliers, business partners and others who have contact and/or communication with the Port of Thyboron.
The contact details in relation to this are:
Tel.: +45 96 90 03 10
2. Data Protection Officer (DPO)
The Port of Thyboron, as a self-governing municipal port, must appoint a Data Protection Officer who can also be contacted about the Port of Thyboron’s processing of personal data. The port has entered into an agreement through the Danish Ports Association (DH) that the port’s DPO is:
Lawyer Maria Helbo Holck
Law firm Kirk Larsen & Ascanius
H.C. Andersens Boulevard 45
DK-1553 Copenhagen V
Tel.: + 45 76 11 54 43
3. Processing of personal data at the Port of Thyboron
The following briefly explains the personal data that the Port of Thyboron collects and processes. The description has been kept brief for the sake of simplicity.
3.1 Cookies on the website
The information in the Cookie Declaration is provided openly and transparently so that you can clearly see how cookies are used to make your visit to the website better and so that you can make an informed choice to accept their use.
If you still want to manage or remove cookies, you can do so through the settings in your Internet browser. Please note that not accepting cookies may affect the functionality of a website. Many of the interactive features that the website offers are dependent on cookies, and blocking or deleting cookies may prevent the features from working or reduce their usefulness.
Different Internet browsers may use different methods for managing cookies. Follow the instructions from the Internet browser manufacturers below to configure your browser settings.
Microsoft Internet Explorer (IE)
The Cookie Declaration is updated every month by Cookie Information. If you have any questions, please send an email to firstname.lastname@example.org.
3.2 General customer data as part of the operation of the Port of Thyboron
The Port of Thyboron operates general port activities based on the premise that all business is aimed at other companies. In principle, we do not have business with private individuals.
In connection with our general business (ship arrivals, handling of goods via the quays, landing of fish, land and premises rentals, deliveries from suppliers, etc.), data is collected for our customer and supplier records. As a starting point, general business data will be collected, just as names may be associated with contact persons. The data is stored and maintained in our CRM system and our financial system. The personal data collected in this context will typically be:
Name of the contact person at the company
The contact person’s company email
The contact person’s company phone number
In principle, the Port of Thyboron does not collect and store private addresses or other private contact information on customers and suppliers.
Data is stored in accordance with the provisions of the Danish Financial Statements Act governing storing accounting documents and their annexes, and will normally be deleted after five years if the data at that time is no longer relevant to the port.
3.3 Data in special systems at the port
The Port of Thyboron has a number of automated systems that customers use or which are set up for security and CCTV surveillance of the port, including International Ship and Port Facility Security (ISPS) of cargo ships.
In some instances, these systems collect personally identifiable data that the port stores either for the purposes of documentation or subsequent invoicing. These are explained below:
3.3.1 Shore-to-ship power (SSP) at the Port of Thyboron
The system to supply shore-to-ship power at the Port of Thyboron is automated. To get power, the customer must identify themselves by using the specially provided key tag or by calling from the mobile phone that is registered in our system.
In connection with registering a phone number, it is also recorded which company the phone number belongs to and which will be invoiced for the power usage. There may be a name associated with the contact person in the company who has access to use the phone in question.
In addition to recording which phone number has opened for the use of power from a given shore connection, the time for switching on and off, as well as the power usage during the connection period is also recorded. These are stored in a separate system and used for invoicing the usage.
For the tag solution, only the company data, tag number, connection time and usage are recorded.
Data is used exclusively for invoicing. Personally identifiable data such as name and phone number may be disclosed to the debitor company upon request.
The system can only be accessed by selected staff at the port via password-protected access. Data is stored in accordance with the provisions of the Danish Financial Statements Act for storing accounting documents and supporting documents.
3.3.2 Opening gates to the ISPS area
The Port of Thyboron has a number of quay facilities subject to ISPS security, which applies to all berths for handling cargo ships and other vessels subject to ISPS requirements. The ISPS rules prescribe that there should be effective access control to ISPS areas when they are active.
To ensure this, there will be automatic gates that users with access to the area can open by calling from a mobile phone. As the control must be personal access control, the phone number will be associated with the name of the person who has access to the area.
Access to an ISPS secured area cannot be granted without personal access control.
Therefore, all opening and closing of gates to closed areas are logged in the special system, which applies to all ISPS quays at the port and the entrance to South Harbour.
Data from the system is never disclosed to third parties without consent. However, data may be disclosed to authorities upon a reasoned request with reference to the legal basis for the request.
All areas where access control is logged will have ISPS CCTV signs.
The system can only be accessed by selected staff at the port via password-protected access.
In the interests of security, crime prevention and ISPS security of the port, there is CCTV covering most of the Port of Thyboron.
The CCTV recordings are logged in a 30-day loop, after which they are automatically erased unless particular incidents at the port require recordings being saved for subsequent documentation (theft, vandalism, accidents or the like).
Besides relevant staff at the port, the police also have access to the Port of Thyboron’s CCTV.
CCTV recordings are never disclosed to third parties without the consent of the persons who are readily identifiable on the recording.
There is a sign at the entrance to all areas covered by CCTV, i.e. at all entrances to the port.
4. Security and disclosure of personal data
The Port of Thyboron processes all personal data confidentially and in systems that are secured against unlawful access or misuse, as well as data being secured with daily backups. All data is currently stored in IT systems.
Besides the port having access to data, we have a number of suppliers that process data or maintain IT systems for us. We have entered into data processing agreements with all companies to ensure the confidentiality and security of the personal data collected and processed by the port.
In principle, personal data is never disclosed to third parties without the explicit consent of the person to whom the data relates unless otherwise explicitly described in the individual sections above.
However, the port discloses data to other authorities such as the police and the Danish Customs and Tax Administration upon request, provided that the request refers to the legal basis that the authorities concerned can request that the data be disclosed. As a starting point in such cases, no prior consent will be obtained for the disclosure.
5. Your rights in relation to recording and processing personal data
There are a number of rights which the individual has concerning the Port of Thyboron’s collection and processing of personal data. Your rights are briefly described below and you are always welcome to contact the Port of Thyboron either by phone or email if you have any questions about our processing of your data.
You have the right to know what personal data we process about you, why we process it and how long we keep it. A request to this effect must be addressed to us, but you do not have to give a reason.
If the port processes inaccurate data, then you have the right to request that it be corrected so that the data processed is correct.
You have the right to object to our processing of your personal data at any time. If we receive such a request, we will assess whether we should limit or stop the processing of this data. We will assess this based on whether it is essential for our business with you that we can continue to process the data and whether we are doing it on a legal basis.
In some cases, you have the right to obtain your personal data in a commonly used and readable digital format, so that you can pass it on to other data controllers.
Finally, if you have given us consent to the processing of personal data, you always have the right to revoke it. We will then stop processing the personal data that the consent relates to if there is no other legal basis for continued processing.
6. Complaint instructions for the Danish Data Protection Agency
If you have any objection to the processing of your personal data, then you can contact us. However, you always have the right to object about our processing and storage of your personal data to the Danish Data Protection Agency. The Danish Data Protection Agency’s contact details can be found at www.datatilsynet.dk.