Personal data policy
Producer Rights Denmark (PRD)
Download PRD personal data policy (pdf)
Personal data policy
Producer Rights Denmark (hereafter ‘the Organisation’) uses and processes your personal data in accordance with this personal data policy.
For the purpose of this personal data policy, personal data means personally identifiable information that can be used to identify a specific individual. This data can include first name, last name, address, e-mail address, phone number, ID number or similar. The data can relate to private individuals or to contact persons in a professional capacity.
The Organisation respects all wishes concerning the non-disclosure of personal data, and we are mindful of the need to protect and process the personal data we receive and register in an appropriate and responsible manner.
The purpose of collecting, storing and processing data
The Organisation’s primary purpose is to manage copyrights on behalf of film and TV producers, etc, which includes redistributing rights revenue received from Copydan. In this connection, we collect and process data for the purpose of disbursing rights revenue and safeguarding our members’ interests when it comes to rights management. We also collect data in order to comply with current legislation and safeguard other legitimate interests (eg, the EU’s General Data Protection Regulation).
The Organisation exclusively collects, registers, stores and processes personal data that are used for this purpose.
The Organisation does not use collected data or personally identifiable information for marketing purposes. If the Organisation wants to use data/information as part of its marketing, we will ask for your consent.
What information do we collect and how do we collect it?
With reference to the purpose of collecting personally identifiable information, the Organisation collects the data listed below. We only collect the data necessary to enable us to safeguard the interests of the data subjects.
We collect most of the data directly from individuals/enterprises. The Organisation also obtains and registers data from publicly available credits lists, as well as from our cooperation partners.
We collect and process the following types of personal data:
- List of rights
- Job title
- Company name
- CVR no. (business registration number)
- Phone number
- E-mail address
- Bank account details
- Civil registration number
- ID number
- Information about previous distributions
- User name
As a member and right holder, you can check our members’ portal to see what information we have registered about you or the enterprise you represent. If you want to change, delete or add information, you must send us an e-mail.
If you do not have a member log-in with us, you can find out what information we have registered about you or the enterprise you represent by sending us an e-mail to firstname.lastname@example.org.
Members: Our data processing is done to enable us to honor our contract and thus meet the obligations that follow from the member’s declaration in which you or the right holder you represent authorize PRD to safeguard your interests as a right holder, which includes managing disbursements.
Other right holders: For other right holders, the legal basis for our processing is our legal obligation under the provisions of the Danish Copyright Act on extended collective licence, according to which we are also required to manage disbursements to right holders that are not members of our Organisation.
In other contexts, for example, when we receive personally identifiable information about productions that have been shown on TV, the legal basis is either agreements concluded or our legitimate interest in being able to comply with the provisions of the Copyright Act on extended collective license and in providing correct copyright management.
When you receive our newsletter, your consent constitutes the legal basis. You are entitled to withdraw your consent at any time. Withdrawal of consent does not, however, affect any data processing that has taken place prior to your withdrawal of the consent.
The Organisation’s legal basis in terms of initiating and maintaining security measures is the legislation concerning the balance of interests, as the Organisation has a legitimate interest in protecting its website and systems against, for example, hacker attacks.
We collect, use, disclose, transfer and store data for the above purpose in accordance with the legislation in force at any time in the field, including the principles for processing personal data.
Our ability to safeguard right holders’ interests relative to the purpose described above and to ensure the quality of our services depends on our having correct and complete data about you or the enterprise you represent at all times. It is the right holder’s duty at all times to keep the Organisation up-to-date with the relevant information.
If the information or data we process about you proves to be incorrect or misleading, you are entitled to have it rectified or erased. If the information concerns the enterprise that you represent, we reserve the right to contact the enterprise for confirmation of the change.
The Organisation is obliged to respond to your enquiry as quickly as possible and no later than a month after your request.
To whom do we disclose data?
We only disclose information and data to internal departments and trusted cooperation partners, including, for example:
- Auditors, attorneys and any others who may advise the Organisation
- The Danish Customs and Tax Administration
We disclose information and data for the sole purpose of safeguarding the interests of the enterprise you represent or your interests relative to the purpose described. The Organisation may also be required to disclose data to a third party if required by law.
We use MailChimp, a service provided by The Rocket Science Group, LLC, which is based in the USA, for sending out news mails. MailChimp thus stores and processes information about names and e-mail addresses for us in connection with sending out such mails. MailChimp participates in the EU Commission’s Privacy Shield framework.
The Organisation does not otherwise share personally identifiable information with other countries, either inside or outside the EU, without your knowledge. In those cases where the Organisation shares data with another country, we take the necessary steps to protect the data in the best possible manner.
How do we protect your data?
The Organisation has implemented physical and technical measures to protect all personally identifiable information. We have also adopted internal information security rules containing instructions, measures and access rights to prevent unauthorized persons from gaining access to or knowledge of your data.
In the event of an unintended breach of the Organisation’s security systems, all affected parties will be informed directly.
How long do we store your data?
The Organisation stores data for as long as is necessary for the purposes stated above. We have internal rules and erasure procedures that ensure data is erased when we no longer need to store it. However, for the purpose described above, the Organisation stores a large quantity of data indefinitely, for example, information about productions.
If you represent an enterprise in the capacity of contact person and no longer wish to be registered as a representative of the enterprise, please send us an e-mail with details on the new contact person. We reserve the right to contact your enterprise for confirmation of the change.
Regarding processing of personal data in connection with job applications.
If you send an application in connection with a position advertised by PRD or if you send an unsolicited application to PRD, we process you information in accordance with the Data Protection Regulation. The information will only be used internally in PRD in the recruitment process. However, in agreement with you we can store and process the information in connection with other or future positions. Only the persons directly involved in the recruitment will have access to the information. The information will not be shared.
The purpose of our processing of the information is to fill the advertised position or to process your unsolicited application. The processing is done according to Article 6 paragraph 1, letter b (fulfilment of contract) and letter f (interest guidance as we have a legitimate interest in processing applications and fill the position with a suitable candidate) of the Data Protection Regulation. If you submit sensitive information, we are processing this information in accordance with Article 9 paragraph 2, letter f and paragraph 1, letter f of the Data Protection Regulation.
If you are not employed, we will delete your information no later than three months after the rejection date unless you have given your consent for us to store your data for a longer period or there has arisen a legitimate need to store the data for an extended period. The purpose of the storage is to be able to document that the recruitment process has taken place in an orderly and lawful manner.
Subject to the restrictions imposed by law, you have certain rights regarding the processing of personal data, including the right of access to personal data, the right to have inaccurate data rectified, the right to have data erased, the right to have the extent of personal data restricted and the right to object to the processing of personal data.
You are entitled to receive the personal data you have provided to the Organisation (and the data we have obtained from other entities). If we process data about you as part of a contract to which you are a party, you can also have your data sent to you. You are also entitled to transfer this personal data to another service provider.
If you wish to exercise your right to data portability, you can receive your personal data from us in a commonly used format.
If you have any questions concerning the above personal data policy or would like further information, you are welcome to contact us at email@example.com
If you wish to send a complaint about the processing of your information and data, you can send it by e-mail to firstname.lastname@example.org or by letter to Producer Rights Denmark, Bernhard Bangs Allé 29, 2000 Frederiksberg, Denmark.
You are also entitled to file a complaint with a competent supervisory authority, including the Danish Data Protection Agency.
Full information about the data controller:
Producer Rights Denmark
Bernhard Bangs Allé 29