How Danmarks Nationalbank processes personal data
This privacy policy describes how Danmarks Nationalbank collects and processes personal data. For each of the points, we describe the types of personal data we process, the purpose of the processing, the legal basis that allows us to process data, the sources of our data and for how long we store the data.
Data controller
Danmarks Nationalbank is the data controller for the processing of the personal data we process about you. You can contact us at:
Danmarks Nationalbank
Langelinie Allé 47
DK-2100 Copenhagen Ø
Telephone: +45 33 63 63 63
Email: nationalbanken@nationalbanken.dk
Data Protection Officer
If you have any questions about our processing of your data, please contact our Data Protection Officer. You can contact our Data Protection Officer as follows:
By email: dpo@nationalbanken.dk
By letter:
Danmarks Nationalbank,
attn: Data Protection Officer,
Langelinie Allé 47,
DK-2100 Copenhagen Ø
Recipients of your personal data
We treat your data as confidential and we generally do not disclose data to third parties. However, we may disclose data to other authorities, including the police.
If we receive a request for access to documents pertaining to a matter that includes your personal data, we are obliged to disclose the data unless they are confidential.
The data may be passed on to external suppliers, including data processors, who assist Danmarks Nationalbank in the performance of its activities.
Your rights
As a general rule, you have a right of access to the data we process about you in accordance with Article 15 of the General Data Protection Regulation (GDPR). This means that you may request that we provide information about our processing of your data.
You also have the right to rectification, erasure and restricted processing of any data that turn out to be inaccurate or misleading or which have otherwise been processed in violation of existing laws. This is stated in Articles 16, 17 and 18 of the GDPR.
Under Article 21 of the GDPR, you have a right to object to our processing of your data. In such case, we will make a decision on whether your objection is justified. If it is, we are no longer entitled to process the data in question.
You also have the right to withdraw your consent to the processing of your data. If you choose to withdraw your consent, it will not affect the lawfulness of our processing of your personal data based on your previous consent up to the time of its withdrawal. If you withdraw your consent, the withdrawal will consequently only take effect from the time of withdrawal. If you withdraw your consent, you should be aware that we may in some cases be entitled to continue to process your data. In such cases, we will notify you accordingly.
Who can you complain to?
You can complain about our processing of your data to the Danish Data Protection Agency. You can find contact information on the Danish Data Protection Agency at www.datatilsynet.dk.
Processing purposes:
- Careers Evening
- CCTV at Danmarks Nationalbank
- Central government and money market liquidity management
- Conferences and meetings
- Danmarks Nationalbank Alumni
- Emergency Liquidity Assistance
- Enquiries to Danmarks Nationalbank
- Exchange of banknotes and coins
- External stakeholders and calls for tenders
- Facebook page
- Interview and questionnaire survey
- Job applications
- Lectures
- News service
- Payment systems (RTGS systems)
- Press conferences
- Statistics and analyses
- The Erik Hoffmeyer Travel Grant Foundation
- The recruitment process
- The Royal Mint of Denmark's webshop
- Visits to Danmarks Nationalbank
- Website
- Whistleblower scheme
Careers Evening
If you sign up for Danmarks Nationalbank’s Careers Evening event, we process the contact details and education data that we receive from you in connection with your registration. If your travelling expenses are reimbursed, we may also process your account number details.
The purpose is to manage your registration for the Career Evening event and to reimburse any travelling expenses.
The processing of the data that we receive from you is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
The data are stored for the period permitted by law, and we erase them when they are no longer needed.
We collect the personal data directly from you.
CCTV at Danmarks Nationalbank
If you visit Danmarks Nationalbank in person, we process data about you in the form of CCTV footage from the publicly accessible areas in connec-tion with the reception and the speed gates to our meeting rooms.
In addition, we have CCTV of the perimeters of our buildings at Langelinie Allé 47, DK-2100 Copenhagen Ø and Havnegade 5, DK-1093 Copenhagen K, where we may process personal data about you if you walk past the buildings.
The purpose is to prevent and solve incidents of crime and to increase staff security.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDRP).
The footage is stored in accordance with the rules of the Danish Act on CCTV Surveillance (TV-overvågningsloven).
We collect the personal data directly from you.
Central government and money market liquidity management
Danmarks Nationalbank is responsible for the overall central government liquidity management and makes projections for Danmarks Nationalbank’s and the central government’s liquidity impact on the Danish money market. The latter constitutes important input in the individual banks’ liquidity management. In order to calculate this, Danmarks Nationalbank receives incoming and outgoing payments in central government accounts at transaction level. Regarding the central government’s outgoing payments, Danmarks Nationalbank cannot see any information about the individual recipients. For incoming payments to the central government, for example voluntary payment of tax, Danmarks Nationalbank can see any personal data that you have yourself entered in the free text field. This may, for example, be name, civil registration (CPR) number, account number, information about unemployment benefits, sickness benefits, fees and the payment itself.
The purpose of the processing is the management of central government liquidity and the preparation of projections of the liquidity impact on the money market. Danmarks Nationalbank only uses aggregated data in our calculations where individuals cannot be identified.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store the personal data for one year, after which they are automatically erased.
We collect the data from public authorities via the central government’s payment system, SKB.
Conferences and meetings
If you attend a conference or a meeting hosted by Danmarks Nationalbank, we process the following data about you: name, place of employment, nationality, contact details and any dietary requirements.
The purpose is to manage your participation at the conference or meeting as well as any hotel booking.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store the data until the event has been held.
We collect the data from you or your employer.
Danmarks Nationalbank Alumni
When you sign up for one of Danmarks Nationalbank’s events in our alumni network, we process the data you provide in connection with your registration, i.e. name and email address. We process your data in connection with the next event as well, unless you opt out of such processing when registering.
The purpose of the processing is to manage your registration for the event.
The processing of your personal data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
Your data are stored for up to 24 months after the event has been held.
We collect the data directly from you or via online sources such as social media.
Emergency Liquidity Assistance
Danmarks Nationalbank can provide Emergency Liquidity Assistance (ELA) to a solvent credit institution with an emergency liquidity need. In this connection, Danmarks Nationalbank may receive data about the customers of credit institutions, including private individuals and sole proprietorships. This will typically involve the following types of data:
- Identification data, including name, address and civil registration (CPR) number
- Data on customers’ loans, including loan types and amounts
- Any options for set-off against the customers’ deposits.
The purpose is to provide ELA to a solvent credit institution, for example against security in the institution’s lending.
The processing of your personal data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
Danmarks Nationalbank stores the data for as long as the institution’s lending is furnished as security and for up to 12 months after any enforcement of the security.
Enquiries to Danmarks Nationalbank
If you contact Danmarks Nationalbank by telephone or email, we process data about your name, telephone number, email address, possibly place of employment and the information you state in your enquiry. Danmarks Nationalbank urge you not to provide civil registration number (cpr-nummer) or other private information in your enquiry. Your enquiry is recorded in our file handling system.
The purpose is to enable us to communicate with you and respond to your enquiries.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
The data are stored for the period permitted by law, and we erase them when they are no longer needed.
The period depends on the nature of the data and the purpose of storing the data.
We collect the personal data directly from you.
Exchange of banknotes and coins
Directly to Danmarks Nationalbank
If you contact Danmarks Nationalbank to exchange damaged or old banknotes and coins, Danmarks Nationalbank is obliged to perform customer due diligence procedures. For this purpose, we process the following data:
- Name
- Address
- Civil registration (CPR) number or similar identification number, e.g. passport number.
We need to have the data confirmed in the form of, for example, a copy of your passport, health insurance card, driving licence or similar proof of identity.
The purpose is to identify our customers in order to prevent money laundering and financing terrorism in accordance with the rules on customer due diligence procedures set out in the Danish Anti-Money Laundering Act.
We have a duty to update the data that are still relevant for the transaction, and we may therefore contact you for this purpose.
The processing of the data is necessary to comply with a legal obligation to which we are subject under the Danish Anti-Money Laundering Act (Article 6(1)(c) of the GDPR).
We store the data for five years after the transaction has been completed, as prescribed by the Danish Anti-Money Laundering Act.
We collect the personal data directly from you or the company in which you are employed.
Via your bank
If you hand in damaged, including coloured, banknotes or coins via your bank, we may process data about your name, address and telephone number from the bank requesting an exchange of the banknotes/coins as well as about the reason for the damage to the banknotes/coins.
The purpose of the processing of your personal data is to enable us to assess whether the submitted banknotes/coins can be exchanged.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store the data for five years after the case has been closed. Data pertaining to unsettled cases may be stored for up to ten years.
We collect the personal data from your bank.
External stakeholders and calls for tenders
External stakeholders, including suppliers and cooperation partners
If you are an external stakeholder, e.g. for example economist with an interest in Danmarks Nationalbank’s area or employed with one of our suppliers or cooperation partners, we may process data about your name, email address, telephone number and place of employment.
The purpose is to enable us to communicate with you, manage our cooperation, accounting and provide information about Danmarks Nationalbank’s activities.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store your data for as long as our business relationship or cooperation lasts.
We collect the personal data directly from you or your employer.
Calls for tender
If you are employed with a company that participates in a tendering procedure, we may process data about your name, email address, telephone number and place of employment.
The purpose is to enable us to communicate with you and manage the tendering procedure.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store your data for as long as it is necessary in relation to the tendering procedure.
We collect the personal data directly from you or your employer.
Facebook page
Danmarks Nationalbank and Facebook are joint data controllers in connection with the collection of personal data about visitors to our Facebook page.
You can read the agreement on joint controllership here.
When you visit Danmarks Nationalbank’s Facebook page, we process the data about you that you send to us, for example in connection with a direct enquiry from you to us on Facebook. Such data will typically be your name and the question(s) you send to us.
In the privacy policy for Facebook, you can read what data Facebook collects when you visit Danmarks Nationalbank’s Facebook page and how Facebook processes the data. Find it here.
The purpose of processing of your personal data is to enable us to respond to your enquiries to us via Facebook and to allow Facebook to provide us with anonymous data about visitors to our Facebook page.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
Danmarks Nationalbank does not store and does not have access to data about your online behaviour collected by Facebook. The data are stored by Facebook as described in Facebook’s Privacy Policy.
The data are stored for the period permitted by law, and we erase them when they are no longer needed.
We collect the data directly from you when you visit our Facebook page or ask us a question.
Interview and questionnaire survey
If you participate in an interview or questionnaire survey for Danmarks Nationalbank, we may process personal data about you in the form of responses, including data on gender, age, geography, your finances and payment habits. Your civil registration (CPR) number may also be processed if questionnaires are sent out via digital post.
The purpose is to acquire an understanding of different aspects of the Danish economy, such as citizens’ payment habits, their expectations for the economy or their financial actions.
The processing is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR). Any processing of your civil registration (CPR) number for the purpose of sending you a questionnaire via digital post is necessary to ensure unambiguous identification, see section 11(1) of the Danish Data Protection Act (Databeskyttelsesloven).
As a general rule, your response is stored for as long as necessary for the survey in question – typically no more than one year after the conclusion of the survey. Danmarks Nationalbank will subsequently only store anonymised data where individuals cannot be identified.
Danmarks Nationalbank may use a data processor who is responsible for the collection and systematisation of data on behalf of Danmarks Nationalbank, for example Epinion P/S. In addition, the responses may be passed on to Statistics Denmark, where Danmarks Nationalbank may have access to the data in pseudonymised form via the public authority scheme.
We collect the data in the form of responses directly from you. Any processing of civil registration (CPR) numbers for the purpose of sending out questionnaires is based on data collected from Statistics Denmark, which provides an extract of CPR numbers.
Job applications
If you apply for a position with Danmarks Nationalbank, the data you provide in your application will be processed in our recruitment system.
The purpose is to process your application and compile internal statistics to optimise the application process.
Processing is necessary to exercise for the exercise of our official authority (Article 6(1)(e) of the GDPR).
Any health data that you have provided in your application or CV will be processed with your explicit consent, granted when you upload the application in our recruitment system (Article 9(2)(a) of the GDPR). You may withdraw your consent at any given time by contacting Danmarks Nationalbank at hr@nationalbanken.dk.
If you do not get the position with Danmarks Nationalbank, your application will be erased six months after the vacancy has been filled, unless you actively extend the storage period by an additional six months. If you are employed with Danmarks Nationalbank, your application will be filed in your HR file.
Information about applications received for use for internal statistics is stored in anonymised form.
We collect the personal data directly from you.
Lectures
If you register your class for a lecture at Danmarks Nationalbank, we process the contact details you provide in connection with the booking.
The purpose is to manage your booking of a lecture.
The processing of the data you have provided is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
The data are stored for the period permitted by law, and we erase them when they are no longer needed.
We collect the personal data directly from you.
News service
When you sign up for Danmarks Nationalbank’s news service, we process the data you have provided about email address, company and subscription categories.
The purpose of the processing is to send you the news you have signed up for.
Your email address is registered in a database managed by our data processor Novicell ApS and MailGun, which is responsible for sending the newsletter. Your email address will not be used for other purposes and will not be passed on to others.
When you sign up for our news service, you also consent to our processing of your data (Article 6(1)(a) of the GDPR). You can withdraw your consent at any time by unsubscribing to the service via the link at the bottom of the email.
We process your data until you unsubscribe to the news service, after which we erase them.
We collect the personal data directly from you.]
Payment systems (RTGS systems)
Digital signatures
When you sign various documents, including agreements, authorisations, forms and declarations, digitally via mit-id on behalf of a bank or mortgage credit institution, we store your digital signature.
The purpose of the processing is to be able to verify that it is you, as authorised, who has signed the document in question.
The processing of your personal data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store your data for as long as it is necessary to exercise Danmarks Nationalbank’s official authority (section 1 of Danmarks Nationalbank Act).
We collect the data directly from you.
User data
When, as an employee of a Danish bank, you have access to the payment systems that Danmarks Nationalbank makes available, we process data about you related to your access to the system, including name, user ID, contact details and workplace.
The purpose of the processing is to manage your access to the payment systems, including the issue of a digital certificate.
The processing of your personal data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We will store your data for as long as you are designated as a security officer/administrator and/or user in the payment systems. Documentation of requests for the creation and deactivation of users is stored for one year after the end of the year in question.
We collect the data directly from you or from your employer.
Data in transactions (MT103 payment instructions)
Danmarks Nationalbank and S.W.I.F.T. SC, Avenue Adèle 1, 1310 La Hulpe, Belgien (Swift) are joint data controllers. You can read how Swift processes your personal data here: Swift Data Protection Policies.
In connection with transfers from one customer to another customer (MT103 payment instructions), a bank may disclose personal data about the payee for the receiving bank’s processing of the transfer. In this connection, Danmarks Nationalbank and Swift may process data on your account number, name and civil registration (CPR) number.
The purpose is the execution of the payment instruction, including enabling Swift to send and receive financial messages or files, and to pre-validate, track and manage financial transactions.
The processing of your personal data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR). Further to this, Swift has a legitimate interest in processing your personal data, namely to ensure the security, efficiency and transparency of financial transactions you may be involved in (Article 6(1)(f) of the GDPR).
We store your personal data for as long as is necessary for the exercise of our official authority, see section 1 of the Danmarks Nationalbank Act (Lov om Danmarks Nationalbank). Your personal data is deleted by Swift from its systems according to Swift’s data retention and deletion procedures, and in any event when this information is no longer necessary for the purposes for which it is processed.
We collect the data from your bank. Swift may use data processors for problem investigation purposes.
In limited circumstances, Swift may transfer your personal data outside of the EEA, using adequate transfer arrangements to secure the data. For resiliency, availability and security purposes, Swift stores message data in its data centres located in the EU, the United States and in Switzerland. The EU Commission has recognized Switzerland as providing adequate data protection. Further, to allow the transfer of personal data from the EEA to Swift operating centre in the United States, Swift executed with its local entity in the United States the EU standard contractual clauses and implemented additional technical and organizational safeguards to ensure that all personal data transfers comply with the GDPR.
Press conferences
If you participate in one of Danmarks Nationalbank’s press conferences, we may process personal data about you in the form of a video recording of the press conference.
The purpose is to share Danmarks Nationalbank’s messages.
Recording of and subsequent access to video recordings of press conferences on our website are necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
The data are stored for the period permitted by law, and we erase them when they are no longer needed.
We use Vimeo, Inc. for live streaming and storage of the videos. Vimeo is located in the United States. Danmarks Nationalbank’s disclosure of data to Vimeo, Inc. is regulated by the European Commission’s standard contractual clauses, which lay down data protection rules and security measures for transfer of the data.
You can read more about Vimeo’s processing of your personal data here.
Statistics and analyses
Danmarks Nationalbank collects personal data on the Danish population to support the performance of Danmarks Nationalbank’s tasks as described in section 1 of the Danmarks Nationalbank Act. The data are used for a number of purposes, including regular analyses of the Danish economy (e.g. of household debt), oversight and assessments of financial stability as well as payment, pension and wealth statistics.
The data are collected in accordance with section 14a of the Danmarks Nationalbank Act unless otherwise expressly stated. The data are covered by Danmarks Nationalbank’s special duty of confidentiality (section 20(1) of the Danmarks Nationalbank Act) and may only be disclosed in accordance with section 20(2). The recipient of the data is subject to a similar duty of confidentiality regarding the data (section 20(3) of the Danmarks Nationalbank Act).
The processing of ordinary personal data is necessary for the exercise of our official authority and to perform a task carried out in the public interest (Article 6(1)(e) of the GDPR). The processing of sensitive personal data is necessary for statistical purposes (Article 9(2)(j) of the GDPR and section 10 of the Danish Data Protection Act (Databeskyttelsesloven)).
Processing of your civil registration (CPR) number is necessary to ensure unambiguous identification, see section 11(1) of the Danish Data Protection Act (Databeskyttelsesloven).
The data are processed for as long as necessary for the performance of Danmarks Nationalbank’s tasks (section 1 of the Danmarks Nationalbank Act).
You can read more about the specific data processed here:
Analysis of the effect of carbon tax on Danish agriculture
Danmarks Nationalbank processes data on Danish agriculture at farm level. These data cover a number of aspects, including specific farm conditions such as cultivated area, number of livestock and fertiliser con-sumption as well as financial conditions, such as accounting ratios and loan information, including information on gross yield, annual profit and debt. As many farms are run as sole proprietorships, data about name and civil registration number may also be processed.
As a security measure, we pseudonymise the data after collection. This means that those of our employees who have access to the data cannot see your name and civil registration number.
We buy the data from SEGES Innovation P/S.
Credit data
Danmarks Nationalbank’s credit register collects data about you as a borrower in the form of income and default, data about your loan, including principal amount, interest rate, repayment profile, loan type, ar-rears, impairment charges/write-offs as well as any data on collateral for your loans, including collateral type, value and location in connection with the mortgaging of real property as well as identification data, including name, address and civil registration (CPR) number.
As a security measure, we pseudonymise the credit data after collection. This means that those of our employees who access the credit data for the purpose of performing Danmarks Nationalbank’s tasks generally cannot see your name, address and civil registration (CPR) number. If there is a work-related need, data, for example Building and Housing Register (BBR) number, can be made identifiable, for example to ensure the data quality or to identify a concentration risk entailed by the actions of natural persons for financial institutions. The identity of the individual person is thus not in itself significant to Danmarks Nationalbank’s work.
We use Statistics Denmark as data processor when we enrich the collected credit data with Statistics Denmark’s register data and subsequently gain access to the overall data via Statistics Denmark’s public authority scheme (Myndighedsordning), which is described in further detail below. We also disclose certain identification details and data on loan type and creditor institution to Statistics Denmark.
We collect the data from your bank or mortgage credit institution.
Land register data
Danmarks Nationalbank collects publicly available data from the land register, including name and address, as well as real property data, title data and liability data.
We collect the data from the land register.
Payment statistics
Danmarks Nationalbank collects data on aggregated transactions made with payment cards to prepare payment statistics on a daily basis. Generally, the data cannot be identified as the transactions are aggregated and broken down by the payees’ geographical location (postcode), industry affiliation and sales channel and the country in which the card was issued. However, the data are treated as personal data, as it cannot be ruled out that certain sole proprietorships and their card turnover can be identified. In these cases, Danmarks Nationalbank processes data about the sole proprietorships concerned and their daily card payments turnover.
We collect the data from card acquirers (e.g. Nets Danmark A/S).
Pension data
Danmarks Nationalbank collects pension data in the form of data about savings, contributions and pension company as well as identification data, including name, address and civil registration (CPR) number.
The pension data are collected by our data processor, the Danish Tax Agency. The data are then disclosed to Statistics Denmark, after which Danmarks Nationalbank obtains access to the data via Statistics Den-mark’s public authority scheme.
We collect the data from your pension company.
Statistics Denmark’s public authority scheme
Danmarks Nationalbank has access to data at corporate level and individual level via Statistics Denmark’s public authority scheme (section 1(3) para (3) of the Danish Act on Statistics Denmark (Lov om Danmarks Statistik)). Your name and civil registration (CPR) number do not appear in the data, and access is in accordance with Statistics Denmark’s guidelines for the use of data.
The Erik Hoffmeyer Travel Grant Foundation
The Erik Hoffmeyer Travel Grant Foundation has been dissolved and no longer awards grants. If you have received a grant within the past five years, your application and disbursement documents will be stored.
The purpose is to document the foundation’s disbursements in accordance with the Danish Bookkeeping Act.
Your data are processed in order to comply with the legal obligation imposed on us under the Danish Bookkeeping Act (Article 6(1)(c) of the GDPR).
The recruitment process
In the recruitment process regarding your application for a position at Danmarks Nationalbank, we may process the following personal data:
•References from previous employers and/or others who are likely to be able to contribute relevant information concerning your potential employment. References are only obtained from referees provided by you
•Personality test answers
•Information regarding a Google search of your name
•Civil registration (CPR) number
The purpose is to be able to assess you and your suitability for the specific position, so that Danmarks Nationalbank can fill the position with the most suitable candidate, signing the employment contract and setting up salary payments, etc.
We will inform you of the extent to which the specific position involves obtaining credit information from RKI, and we will not obtain this personal data without you being informed.
Processing of your personal data in connection with personality tests, Google searches and references is necessary for Danmarks Nationalbank’s exercise of official authority (Article 6(1)(e) of the General Data Protection Regulation).
The processing of your CPR number is necessary to uniquely identify you (section 11(1) of the Danish Data Protection Act) and for Danmarks Nationalbank’s exercise of official authority (Article 6(1)(e) of the General Data Protection Regulation).
Your personal data may be entrusted to external suppliers, including data processors, who assist Danmarks Nationalbank with the operation of the business.
For employed candidates, the personality test and references from previous employers are stored for two years. The personality test is stored for six months for candidates who are not employed. Other information is not stored after the position is filled.
The Royal Mint of Denmark's webshop
On 1 December 2023, Danmarks Nationalbank closed the sale of coins and bank notes via the Royal Mint of Denmark’s webshop. If you have placed an order from the webshop within the past five years, we’ll store the invoice and accounting statements.
The purpose is to handle potential complaints and to document orders The purpose is to document the foundation’s disbursements in accordance with the Danish Bookkeeping Act.
Your data are processed in order to comply with the legal obligation imposed on us under the Danish Bookkeeping Act and the Danish Sale of Goods Act (Article 6(1)(c) of the GDPR).
Your personal data will be stored for five years from the end of the financial year in which the order was placed.
Visits to Danmarks Nationalbank
If you visit Danmarks Nationalbank as a guest, we process the following data about you: name, place of employment and named contact at Danmarks Nationalbank.
We process the data for the following purposes:
- Registration in our reception when you arrive at Danmarks Nationalbank
- Handing-out of guest passes so that you can access our building.
The processing of the is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
We store guest registration data for up to one month after your visit.
We collect the personal data directly from you or from your employer.
As a guest at Danmarks Nationalbank, you can park your car in the visitor car park at Langelinie Allé 47. Danmarks Nationalbank’s parking facilities are managed by ATP Ejendomme and ParkZone A/S. ATP Ejendomme is the data controller for the data you provide in connection with the registration of your car.
Website
When you visit the Danmarks Nationalbank website, we collect data on your behaviour on the website by means of cookies, including data about IP address, country, region, entity and company. The data do not enable us to identify your name or private address. You can withdraw or change your cookie consent by declining cookies in the cookie overview, and you can also block cookies in your browser. Read more about our use of cookies in Danmarks Nationalbank’s cookie policy here [insert link]. We also use various social media plugins that make it easier for you to share content from Danmarks Nationalbank’s website on Facebook, LinkedIn and Twitter. For this type of processing, Danmarks Nationalbank is joint data controller with the provider of the relevant third-party cookie(s).
You can also read more in Facebook’s Privacy Policy and in LinkedIn’s Privacy Policy.
The purpose of our use of cookies is to improve and optimise our website and publications.
The processing of the data is necessary for the exercise of our official authority (Article 6(1)(e) of the GDPR).
The data are stored for five years and are then erased.
We collect the personal data directly from you.
Whistleblower scheme
Danmarks Nationalbank is obliged to have a whistleblower scheme for anonymous and confidential reporting of matters that cannot immediately be handled through ordinary channels. The law firm Lund Elmer Sandager manages Danmarks Nationalbank’s whistleblower scheme. You can read more about their processing of personal data here Danmarks Nationalbank Whistleblowerportal (les.dk).
Danmarks Nationalbank may process the following personal data in connection with the whistleblower scheme if you:
- make a report: As a general rule, Danmarks Nationalbank does not have access to personal data about the reporter unless you specifically consent to such disclosure to Danmarks Nationalbank. Your data are treated as confidential by Lund Elmer Sandager
- form part of the investigation of a case: For example name, contact details, job title and other data shared in connection with the report or that may emerge in connection with the investigation of the case such as potential criminal offences.
We may disclose your personal data to authorities or public bodies if necessary in connection with legal proceedings.
The processing of personal data in connection with a report to Danmarks Nationalbank’s whistleblower scheme is necessary for the exercise of our official authority and to perform a task carried out in the public interest (Article 6(1)(e) of the GDPR). The processing of personal data may also be necessary to comply with a legal obligation to which we are subject under the Danish Act on Protection of Whistleblowers (Lov om beskyttelse af whistleblower) (Article 6(1)(c) of the GDPR).
We store your personal data for as long as it is necessary for the processing of the case in question, after which the data will be erased when they have been handed over in accordance with the Danish Archives Act (Arkivloven).
We receive the data from Lund Elmer Sandager, which manages Danmarks Nationalbank’s whistleblower scheme.