Privacy policy

1. Data Controller

1.1. Purpose

We process personal data and have therefore adopted this privacy policy that tells you how we process your data.

To protect your personal data in the best possible way, we continuously assess the risk of our data processing negatively affecting your fundamental rights. We are particularly aware of the risk of you being subjected to discrimination or ID theft or suffering financial loss, loss of reputation or data confidentiality.

1.2. Contact information

Whitsun Festival Lolland is the data controller and we ensure that your personal data is processed in accordance with the law.

Whitsun Festival Lolland
Kristianssædevej 3,
4930 Maribo
CVR no:

Phone number: (+45) 60 13 25 02
E-mail: info@whitsun.dk

1.3. We ensure fair and transparent data processing

When we ask you to provide us with your personal data, we will inform you which data we process about you and for what purpose. You will be informed of this at the time of collection of your personal data.

If we collect data about you from others, e.g. a supplier, authority or business partner, we will inform you no later than 14 days after we have collected your personal data. We also provide information about the purpose of the collection and the legal basis that allows us to collect your personal data

2. What data is collected

We use data about you to improve our service and ensure quality in our products and services and in our contact with you. The data we use includes:

2.1. Automatically collected data

Our digital solutions are based on different technologies to ensure user-friendliness and security. These technologies may automatically collect data to provide the best possible solution, either directly by us or by a third party on our behalf. Analysis of clickstream data and cookies are examples of this.

Every visit to a digital solution results in information being sent from your browser to a server. It is through the analysis of this data that we optimize digital solutions. Data is collected via third parties on our behalf. Data may be collected about your computer for system administration and internal marketing-related analytics. This data is statistical information about user behavior in the digital solutions. Examples of data that is collected and analyzed:

  • Date and time of visit.
  • The pages visited in the solution.
  • The IP address of the visitor.
  • Geographical location.
  • Information about the browser and computer used (type, version, operating system, etc.)
  • Referrer URL (the page from which the visitor has arrived at our solution)

We use Google Analytics and Facebook Pixel as web analytics solutions in our digital solutions. In this context, web analytics data from our digital solutions is sent for analysis in the service provided by Google Analytics and Facebook. Here, Google Analytics and Facebook act as “data processors” of data for which we are responsible, and this data may only be disclosed by agreement or to comply with legal requirements.

Find out more about the privacy policies we use:

2.2. Information you provide yourself

In addition to the information collected automatically, we also process data that users have actively provided to us.

Examples of data that users actively provide are:

  • Information you share with us via social media
  • Information sent by email
  • Information we receive from you when you fill out a contact form.
  • Information you share with us when you participate in surveys, events and competitions
  • Information you share with us when you complete an order in our webshop.
  • And so on.

3. Use and storage of collected data

3.1. Purpose of collection

Below are examples of how to use the information collected:

  • Order fulfillment.
  • Follow up on sales.
  • Communication related to your order or other inquiries to us.
  • Ensuring usability and security.
  • Continuous optimization of our digital solutions.
  • Ability to participate in customer surveys, competitions, prize draws, etc. via digital solutions.
  • Archive of registered products and associated personal information.
  • We may target offers and campaigns to you based on behavioral history and demographic data combined with third-party solutions and data.

3.2. Storage

We store information about you for as long as we have a legitimate and objective basis for doing so, including to enable us to serve you in the best possible way.

3.3. Disclosure of information

We only disclose customer information to third parties in accordance with what is stated in this privacy policy.

We may disclose your information if we are required to disclose or share data to comply with a legal obligation. Disclosure may also be made at the direction of a court or other authority, or to protect trademarks, rights or property. This involves exchanging information with other companies and organizations for fraud protection purposes.

We use service providers and data processors who perform work on our behalf. The services can be e.g. be server hosting and system maintenance, analytics, payment solutions, address and solvency checks, email service, etc. These partners may access data to the extent necessary to provide their services and services. Partners will be contractually obliged to keep all data strictly confidential and are not allowed to use data for anything other than what is covered by the contractual obligation to us, and we check that our partners comply with their obligations. If we transfer your data to a service provider or data processor outside the EU, we will ensure that we comply with the legal requirements for such transfers.

We never collect personal data unless you have provided us with this information when placing an order, making a purchase, participating in a survey, etc.

4. Safety and security

We protect your personal data and have internal rules on information security.

We have adopted internal information security rules that contain instructions and measures to protect your personal data from being destroyed, lost or altered, from unauthorized disclosure, and from unauthorized access or knowledge.

We have established procedures for granting access rights to those of our employees who process sensitive personal data and data that reveals information about personal interests and habits. We control their actual access through logging and auditing. To avoid data loss, we continuously back up our data sets. We also protect the confidentiality and authenticity of your data using encryption.

In the event of a security breach that results in a high risk to you of discrimination, ID theft, financial loss, loss of reputation or other significant inconvenience, we will notify you of the security breach as soon as possible.

5. Your rights

5.1. General

If you wish to access your data, have it corrected or deleted, or object to our data processing, we will investigate whether this is possible and respond to your request as soon as possible and no later than one month after we have received your request.

5.2. You have the right to access your personal data

You have the right to know at any time what data we process about you, where it comes from and what we use it for. You can also find out how long we store your personal data and who receives data about you to the extent that we disclose data in Denmark and abroad.

If you request it, we can give you access to the data we process about you. However, access may be restricted to protect the privacy of other persons, trade secrets and intellectual property rights.

You can exercise your rights by contacting us. You can find our contact details at the top of section 1.2.

5.3. You have the right to have inaccurate personal data corrected or deleted.

If you believe that the personal data we process about you is inaccurate, you have the right to have it rectified. You must contact us and inform us of the nature of the inaccuracies and how they can be corrected.

In some cases, we will have an obligation to delete your personal data. This applies, for example, if you withdraw your consent. If you believe that your data is no longer necessary for the purpose for which we collected it, you can ask for it to be deleted. You can also contact us if you believe that your personal data is being processed in violation of the law or other legal obligations.

When you contact us with a request to correct or delete your personal data, we will check whether the conditions are met and, if so, make the changes or deletion as soon as possible.

5.4. You have the right to object to our processing of your personal data.

You have the right to object to our processing of your personal data. You can also object to our disclosure of your data for marketing purposes. You can use the contact details at the top to send an objection. If your objection is justified, we will make sure to stop processing your personal data.

5.5. In certain cases, you have the right to have your data disclosed.

You have the right to receive the personal data you have provided to us and the personal data we have collected about you from other actors based on your consent. If we process data about you as part of a contract to which you are a party, you can also receive your data. You also have the right to transfer this personal data to another service provider.

If you wish to exercise your right to data portability, you will receive your personal data from us in a commonly used format.

6. Version

This privacy policy was last modified on March 10, 2022