Privacy Policy

KommuneKredit collects and processes personal data as part of our daily operations, and we take responsibility for the personal data we collect and process. In our privacy policy, you will find information about your rights and how we handle and protect your personal data.

Processing and storage of your personal data

Depending on the services or products that form the basis of your relationship with us, we process different types of personal data. We do this to fulfil agreements, manage your relationship with us, measure your satisfaction with our products and services or to comply with legal requirements. We only collect the necessary data for each specific purpose, and we only store it for as long as necessary.

The personal data we collect and process include:

  • General personal data, such as name, position and contact details received by email or phone. 
  • Civil registration number and other personal data if we are required to collect it, for example, when establishing the entity you represent as a customer.
  • Traffic data showing how you use our website and other websites we manage.
  • Unique numbers of the devices you use when you visit our website or communicate with us by email.

Legal basis for processing your personal data

We must have a legal basis for processing your personal data. The legal basis will be one of the following:

  • You have given us consent to process your personal data for a specific purpose, see Article 6(1)(a) of the General Data Protection Regulation (GDPR). 
  • You represent a legal entity, such as a municipality, region, association or business, that has entered or is considering entering into an agreement with us for a service or product, see Article 6(1)(b) of the GDPR.
  • Compliance with a legal obligation, see Article 6(1)(c) of the GDPR, pursuant to, for example:
    • The Danish Anti-Money Laundering Act (hvidvaskloven)
    • The Danish Bookkeeping Act (bog­fø­rings­lo­ven)
    • The Danish Act on the Credit Association of Municipalities and Regions in Denmark (lov om kre­dit­for­e­nin­gen af kommuner og regioner i Danmark)
    • The General Data Protection Regulation (GDPR) and the Danish Data Protection Act (da­ta­be­skyt­tel­ses­lo­ven)
    • The Danish Capital Markets Act (ka­pi­tal­mar­keds­lo­ven)
    • The Market Abuse Regulation (MAR)
  • It is necessary for the purposes of our legitimate interests, see Article 6(1)(f) of the GDPR. This can be for documentation and security purposes, to prevent and detect money laundering, fraud, abuse and loss or to enhance IT security. We only do this if our legitimate interests override your interests or fundamental rights and freedoms in each individual case.

Sensitive information

In some cases, we may exchange and thereby process sensitive information, also known as special categories of personal data. This may occur if you send us an email with sensitive information about, for example, your political beliefs.

If we process sensitive information, we often do so without consent if you have made it public in connection with your political role or affiliation.

Generally, we only process sensitive information when necessary, including in the following cases:

  • For the purposes of the product or service that we deliver to the legal entity you represent, such as a municipality, region, association or business. This could be if you have contacted us for a loan or lease agreement and/or have accepted an agreement or terms in that connection.
  • For identification and verification purposes to comply with the requirements set out in, for example, the Anti-Money Laundering Act.
  • To comply with other legal requirements applicable to us.
    Apart from the situations where you have made sensitive information public yourself, our basis for processing sensitive information may be as follows:
    Your explicit consent, see Articles 6(1)(a) and 9(2)(a) of the GDPR.
  • If necessary to establish, exercise or defend legal claims, see Articles 6(1)(f) and 9(2)(f) of the GDPR.
  • For reasons of substantial public interest, see Articles 6(1)(c) or 6(1)(f) and 9(2)(g) of the GDPR.

Control, updating and erasure of your personal data

We ensure that the personal data we collect and process about you are accurate and up to date when we become aware of changes. If there are changes to your data, we ask you to inform us so we can keep it updated.

We only store your data as long as necessary for the purposes for which it was collected and used, after which we erase or irreversibly anonymise it.

Generally, we store data related to the product or service you were associated with as a representative until the end of the current year plus five years, or when the customer relationship between us and the legal entity ends, whichever is later. We do so primarily to comply with our obligations under the Bookkeeping Act, the Anti-Money Laundering Act and the requirements stipulated by the Danish Financial Supervisory Authority (Finanstilsynet). In some cases, we store your data for longer, for example:

  • If the limitation period is 10 years. In such cases, we may store the data for up to 10 years, plus a reasonable period to process and manage the data if an issue arises when the limitation period expires. 
  • If we need to retain the data to comply with other legal or regulatory requirements.
  • If you, as a representative of a potential new customer, request a loan or lease proposal, but the proposal is rejected and the legal entity does not become a customer, your personal data will usually be stored for six months. However, for various reasons, it may be stored for longer to comply with legal requirements, such as the Anti-Money Laundering Act.

Obtaining your consent

In cases where we process your personal data, we often do it based on agreements to fulfil contracts, legal obligations or regulatory requirements. If we need your consent to process your data for other purposes, we will obtain it first. Your consent is voluntary, and you can withdraw it at any time by sending an email to persondata@kommunekredit.dk.

Disclosure of your personal data

We only disclose your personal data to third parties when necessary to fulfil our obligations or comply with the law. In some cases, we may share your data for marketing purposes, but only if we have obtained your consent beforehand.

Your rights

You have the rights granted under the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

You have:

The right of access (Access)

  • You have the right of access to the data we process about you and other supplementary information.

The right to rectification (Rectification)

  • You have the right to have inaccurate personal data about you corrected.

The right to erasure (Erasure)

  • In certain circumstances, you have the right to have personal data about you erased prior to expiry of our general retention period.

The right to restrict processing

  • In certain circumstances, you have the right to have the processing of your personal data restricted.

The right to object (Objection)

  • In certain circumstances, you have the right to object to our otherwise lawful processing of your personal data.

The right to data portability

  • In certain circumstances, you have the right to receive a copy of your personal data or have the data transferred directly from us to another data controller.

The right to withdraw consent

  • If our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. You can do so by contacting us using the contact details below. Withdrawing your consent will not affect the lawfulness of our processing of your personal data based on your previous consent up until the time of withdrawal. If you withdraw your consent, your withdrawal will only take effect from that point in time.

If you wish to exercise any of the above rights, please send an email to persondata@kommunekredit.dk.

Contact us

If you have any questions about how we use your personal data or wish to exercise your rights, you are welcome to contact us at persondata@kommunekredit.dk or by phone at +45 3311 1512.

Changes to our privacy policy

We regularly update our privacy policy, and we will change the date of the document when updates occur. If the changes of the way we process your personal data significantly affect you, we will take reasonable steps to inform you of the changes to enable you to exercise your rights, including to object to the processing.

Complaints

In addition to the option to complain directly to KommuneKredit using the above email address, you can also complain to the Data Protection Agency – read more here.

Contact details

KommuneKredit
Kultorvet 16
DK-1175 Copenhagen K
Phone: +45 3311 1512
Email: persondata@kommunekredit.dk
www.kommunekredit.dk
Central Business Register (CVR) No.: 22 12 86 12

Contact us

If you would like to know more about treasury and sustainable financing in KommuneKredit, please feel free to contact us.

Treasury

funding@kommunekredit.dk+45 3311 1512

Sustainable finance

bf@kommunekredit.dk+45 3311 1512

Telephone hours

Monday - Friday