The website you are visiting is owned and operated by VISDA – Visual Rights Denmark S/I, Bryggervangen 8, 2100 Copenhagen Ø, Denmark. When we use your personal data on our website or manage your copyright, VISDA is your data controller and the entity you can contact.

We collect your personal data when you give it to us by accepting cookies, including when you communicate with us by e-mail or other channels; when you, as a customer, buy image licences from us; when you apply for a position with us; and when you respond to our communication or request information. When managing your copyright, we will also collect your personal data in accordance with the collective management of your copyright as approved by the Danish Ministry of Culture – see the Act on Collective Management of Copyright and Related Rights (‘the Copyright Act’) – and carry out checks to ensure it is complied with. You can read more about your rights in connection with collective management here.

When you use our website

When you interact with our website, we collect cookies to enable the website to function properly and be optimised. You will find more information about this practice in the ‘Cookies and pixel tags’ section below. Our processing is based on Article 6 (1) (a) of the General Data Protection Regulation.

When you buy image licences

When you buy image licences, we collect certain personal information, including your name, address, e-mail address and payment details to enable us to fulfil our part of the contract with you regarding the delivery of a licence to copyright-protected material. In this case our processing is based on Article 6 (1) (b) of the General Data Protection Regulation.

When we manage your copyright

In your capacity of right holder, we collect information about you, such as your name, address, bank account number and civil registration number (CPR number) in order to comply with the legal requirements regarding the collective management of your copyright. This information is also collected when we distribute Cultural Funds under the guidelines laid down by the Danish Ministry of Culture. In this case our processing is based on Article 6 (1) (c) of the General Data Protection Regulation.

To ensure compliance with the Copyright Act, we carry out checks adapted to the individual activities. Our processing is based on Article 6 (1) (f) of the General Data Protection Regulation, where our legitimate interest in being able to enforce or defend a legal claim takes precedence over your interests and fundamental rights.

We receive information about you from social media, including when you interact with us on social media and what content you access on social media. The information we receive is governed by the privacy policy of the relevant social media, which we encourage you to review.

If you are a right holder, we receive data about the use of your copyright from other management organisations as part of our management of your copyright.

We do not sell, rent or in any other way share your personal data with others for their independent use, unless expressly described in this privacy policy or we have obtained your prior permission.

We share your personal data with our suppliers who carry out services on our behalf, such as hosting, e-mail and analytical services, payment card suppliers and IT providers. Regardless of where we, or the suppliers carrying out such services on our behalf, use your personal data, we take appropriate measures to protect your personal data.

We will also share your personal data when required by legislation, when data sharing is necessary in order for us to fulfil our contract with you and when we consider data sharing necessary in order to provide our services. In such cases, disclosure will be based on Article 6 (1) (b) or Article 6 (1) (f) of the General Data Protection Regulation.

In principle, we do not transfer your data to countries outside the EU/EEA. In special cases we may, in connection with managing your copyright, transfer data to non-EU/EEA countries to approved management organisations with which we have a personal data exchange agreement. In such cases, disclosure will be based on Article 49.1.e of the General Data Protection Regulation pursuant to Article 6.1.c of the General Data Protection Regulation.

We store your data for no longer than necessary to fulfil the purposes for which we collected the data or for as long as required in order for us to meet our legal obligations towards you or similarly to protect our rights.

As regards job applications, we erase your personal data six months after a specific job application has been finally rejected.

As regards image licence purchases, we erase your personal data on expiry of the copyright to the specific work for which an image licence has been purchased, unless payment has been made immediately prior to or after expiry of the copyright. In such cases, we erase your personal data five years after the closing of the financial year in which the last payment was made relative to the copyright to the work that we administer (a financial year runs from 1 January to 31 December).

When managing your copyright, we erase your personal data when the copyright to the work administered by us expires, unless payment has been made immediately prior to or after expiry of the copyright. In such cases, we erase your personal data five years after the closing of the financial year in which the last payment was made relative to the copyright to the work that we administer (a financial year runs from 1 January to 31 December).

We erase cookies and tags six months after collection.

On our website, we use various methods such as cookies and pixel tags to collect data including (1) IP address, (2) personal cookie identifier, cookie information and information about whether your device has software that can access certain functions, (3) personal device identifier and device type, (4) domain, browser type and language, (5) operating system and system settings, (6) country and time zone, (7) previously visited websites, (8) information about your interaction with our websites, such as click behaviour, purchases and settings selected , and (9) access time and reference URLs.

We basically use two categories of cookies on our website:

Functional: These cookies are necessary for the website’s basic functionality and as such are always enabled. Among other things, functional cookies mean you will be remembered as you browse our site in a single session or from visit to visit, if you so wish. They enable the purchasing process and help with security issues and regulatory compliance.

Performance: Performance cookies allow us to improve the functionality of our site by following its use. In some cases, these cookies improve our processing time in response to your request and allow us to remember your website settings. Disabling performance cookies may impair the customisation level of recommendations and website performance.

You can see a list of the cookies we place in your browser when you visit our website here (in Danish only).

When you use social media or a social media plug-in, you give the social media concerned permission to use your personal data for the media’s own purposes, which we do not control, and where registration takes place via the given social media. This use is described in more detail here:

• Facebook
• LinkedIn
• Instagram

If you do not want us to place or download cookies onto your equipment, you can disable cookies in your web browser settings, where you can choose which cookies to allow, block or delete.

You can also choose to have your computer warn you every time a cookie is sent, or you can choose to disable all cookies. You can do this in the internet settings in each of your browsers and devices. All browsers are slightly different, so check your browser’s help function for the right way to change your cookie settings.

We use suppliers that implement security measures consistent with good industry practice, and we use only encrypted data communication when transferring sensitive personal data. When necessary, appropriate and possible, this entails obtaining written assurance from third parties with access to your personal data guaranteeing that they will protect the data with security measures designed to provide an adequate level of protection.

However, no information system can be totally secure. Accordingly, we cannot guarantee the absolute security of your data. Furthermore, we are not responsible for the security of the data you send us via networks not under our control, including the internet and wireless networks.

Under Chapter III of the General Data Protection Regulation, you have a number of rights with regard to our processing of your personal data:

• You are entitled to request access to your personal data as well as to have your personal data rectified or erased.
• You are also entitled to object to the processing of your personal data and to have such processing restricted.
• Specifically, you have an unconditional right to object to the processing of your personal data for direct marketing purposes.
• If your personal data processing is based on your consent, you have the right to withdraw your consent at any time either by using the cancellation functions highlighted in our latest communication or by contacting us via the contact details above. Your withdrawal of consent will not affect the lawfulness of any processing carried out prior to your withdrawal of consent.
• You are entitled to receive the personal data that you have personally submitted in a structured, commonly used and machine-readable format (data portability).

Your rights may be subject to conditions or restrictions. Accordingly, you are not certain, for example, to be entitled to data portability or erasure in a given case – this will depend on the specific circumstances associated with the processing activities.

You can read more about your rights in the Danish Data Protection Agency’s guidance on data subjects’ rights, which you will find here www.datatilsynet.dk.

You are entitled to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You will find the Agency’s contact details at www.datatilsynet.dk.

If you have any questions about our privacy policy or wish to exercise your rights, you can use one of the following options:

• Ordinary mail – VISDA – Visual Rights Denmark S/I, Bryggervangen 8, 2100 Copenhagen Ø, Denmark.
• E-mail – mail@visda.dk

We may occasionally change this privacy policy in response to new technologies, industry practice, legal requirements or for other purposes. We will inform you by e-mail and on our website if such changes are significant, and if required by current legislation, we will obtain your consent.

The use of our website is governed by Danish law, and any disputes concerning or arising out of the use of our website will be decided by the courts of Denmark.