Netcompany privacy policy

Data Protection Officer (DPO)
Ronnie Lykke Madsen
+45 70 13 14 40
Dear user of, this information is for you as a user of this website and relates to the nature and scope of our collection of your personal data on our website or in our business operations, the use of such personal data in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), as well as the purpose of this collection.

1 Privacy Policy 
1.1 This “Privacy Policy” explains how Netcompany Group A/S and our affliates (hereinafter together and separately as “Netcompany”, “we”, “us” or “our”), as listed in our consolidated Group Annual Report, processes personal data and what your rights are in relation to Netcompany’s collection, processing and retention of your personal data.
1.2 This Privacy Policy is addressed to our applicants, customers, suppliers, partners, collaborators, consultants, advisors and other parties that we are involved with.
Data Controller 

The entity responsible for the processing of your personal data depends on which entity you are working with:

Location Company Address

Netcompany Group A/S
Netcompany A/S

Grønningen 17
DK-1270 Copenhagen

United Kingdom Netcompany UK Limited

Northburgh House
10 Northburgh Street, London
Greater London, EC1V 0AT
United Kingdom

Poland Netcompany Poland Sp. Z o.o.

ul. Puławska 182
PL - 02-670 Warzaw

Norway Netcompany Norway AS

Henrik Ibsens gate 20
NO - 0255 Oslo

The Netherlands Netcompany Netherlands B.V.

Kanaalweg 3b
2628 EB Delft


The contact details of our Data Protection Officer are as follows:

Ronnie Lykke Madsen
+45 70 13 14 40

Whistleblower system 
3.1 The Whistleblower system found on our website is an independent and autonomous channel, which is secured by using an external law firm (Plesner). Some personal data might be collected in this matter, if you choose to use the system – it will however not be disclosed to Netcompany, unless there is a legal requirement to disclose it. We recommend that you read Plesners Privacy Policy regarding their collection of personal data, which can be found by following this link. (
4 Purposes for processing of personal data
4.1 Netcompany limits our collection, storing and processing of personal data to situations where a specific purpose exists. Below we have listed the most relevant purposes and some of the activities associated with such purpose:
4.1.1 Applications and recruitment:
E.g. applicants applying for a job (whether solicited or non-solicited), potential candidates participating in various events (whether socially or academically), candidates contacting Netcompany with the purpose of hiring (whether as a regular employee or freelancer), entering and participating in Netcompany’s recruitment process and when participating in job interviews and/or personality tests.
4.1.2 Business operations:
E.g. operating and managing the IT and communications systems, managing product and service development, buying various goods and items from suppliers, improving products and services, managing company assets, allocating company assets and human resources, strategic planning, project management, business continuity, compilation of audit trails and other reporting tools, maintaining records relating to manufacturing and other business activities, maintaining security of premises, budgeting, financial management and reporting, communications, managing mergers, acquisitions, and reorganization or disposals.
4.1.3 Communication:
E.g. facilitating communication with employees, use of photographs in newsletters and other material distributed within Netcompany and to partner entities and subsidiaries, providing references, ensuring business continuity, protecting the health and safety of employees and others, safeguarding IT-infrastructure, office equipment and other property, facilitating communication in an emergency, e.g. publication of contact information and pictures on our website in accordance with our general strategy for external communication.
4.1.4 Compliance:
E.g. monitoring compliance with internal policies or applicable laws, complying with legal and other requirements, such as income tax and national insurance deductions, record keeping and reporting obligations, conducting audits, compliance with government inspections and other requests from government or other public or regulatory authorities, responding to legal process such as subpoenas, pursuing legal rights and remedies, defending litigation and managing any internal complaints or claim and complying with internal policies and procedures.
4.1.5 User experience on our website:
When you use our website, cookies are used to collect personal data about your behaviour. See Netcompany’s cookie policy.
Categories of personal data 
5.1 Personal Data

Netcompany generally processes personal data that you provide or that is provided to us by business partners (e.g. your employer). Usually, that amounts to some of the following categories of ordinary personal data e.g.:

Name, maiden name and surname, e-mail and telephone details, home address, date of birth, gender, photograph, details of external references provided by candidates, description of current position and title, employment status and type, details contained in letters of application and resume/CV, previous employment background and references, education history, professional qualifications and academic credentials, language(s) and other relevant skills and personality test results.

5.2 Sensitive personal data

Sensitive personal data is defined as:

  • Personal data regarding racial or ethnic origin;
  • Political opinions;
  • Religious or philosophical beliefs;
  • Trade-union membership;
  • Genetic and biometric data for the purpose of uniquely identifying a natural person;
  • Data concerning health or data concerning a natural person's sex life or sexual orientation;
  • Criminal offences.
5.2.2 As a general rule, Netcompany does not process sensitive personal data. However, in connection with an application, We may ask for a criminal record to be provided.
Collection of personal data 

We may collect personal data from the following source(s):
(1) directly from you, such as through the application process, partnerships or other forms where you provide information to Netcompany in connection with your application, partnership, consultancy work, advisory work etc.;

(2) from group entities or subsidiaries such as through the application process, partnerships, or other forms where you provide information to the group entity or subsidiary in connection with your employment, partnership, consultant work etc.;

(3) during your activities in the course of your application, partnership, consultant work, such as through your performance and interaction with other employees, customers, or other individuals;

(4) from third parties which may include:

  • references from former employers, business partners or similar, background checks from relevant agencies and external recruiters;
  • from public authorities, procurements, registries, databases or websites;
  • furthermore we may collect personal data that is available to the public online, such as from websites, LinkedIn, or similar medias.

7  Legal basis for processing of personal data

We process personal data on the following legal bases:

(A) Article 6.1.a (Consent):
E.g. when you provide Netcompany with the relevant personal data directly or you provide Netcompany with your explicit consent to obtain such personal data.
(B) Article 6.1.b (Necessary for the performance of the contract between you and Netcompany):
E.g. when it is necessary for Netcompany to comply with a contractual obligation.
(C) Article 6.1.c (Necessary for Netcompany to comply with a legal obligation):
E.g. when Netcompany has to comply with laws on bookkeeping and financial reporting etc.
(D) Article 6.1.f (Necessary for the pursuit of legitimate purposes of Netcompany):
E.g. when Netcompany stores contact information in our CRM system to handle client relations.
(E) Article 9.2.b (necessary for the purpose of carrying out obligation in the field of employment, social security and social protection):
E.g. when Netcompany must comply with employment laws etc.
(F) Article 9.2.f (necessary for the establishment, exercise or defence of legal claims):
E.g. in cases where it is necessary for Netcompany to either establish, exercise or defend legal claims.

8 Recipients of personal data

Netcompany will generally limit any sharing of your personal data and always only to the extent necessary. However, we might share your personal information with:

  • Suppliers, business partners and vendors that we work with to assist our business (meaning service providers, technical support, supply services, and financial institutions);
  • Group entities (see below);
  • Public authorities.
8.2 Certain recipients process personal data on behalf of Netcompany (so called data processors) and may only process your personal data in accordance with the instructions given by Netcompany. These third parties may not process your personal data for their own purposes.
8.3 To the extent Netcompany disclose or transfer your personal data to these third parties who may use your personal data for their own purposes, such disclosure or transfer will only take place if it is in accordance with applicable law or with prior consent obtained from you, where required.
8.3.1 Some of your personal data may be shared internally within the Netcompany Group. Note that we generally use the same systems across the entire Netcompany Group. All entities in the Netcompany Group has entered into an Intra Group Agreement to ensure that all entities follows the same procedures and level of security for processing your personal data.
Transfer to countries outside the EU/EEA 
9.1 Netcompany generally refrains from transferring personally data to countries outside the EU/EEA.

Should transferring personally data to countries outside the EU/EEA be necessary, such transfers will only take place for the specific purposes mentioned above under Section 3, and we will always ensure to notify you and ensure that appropriate safeguards are in place for such transfer as set out below:

(a) Either if the country/countries has/have been deemed by the Commission of the European Union to have an adequate level of protection of personal data.

(b) If the country/countries has/have not been deemed by the Commission of the European Union to have an adequate level of protection of personal data, We will provide appropriate safeguards for the transfer, either:

  • Through the use of "Model Contracts for the Transfer of Personal Data to Third Countries", as published by the Commission of the European Union, or any other contractual agreement approved by the competent authorities.
  • or through the use of an approved code of conduct pursuant to Article 40, an approved certification mechanism pursuant to Article 42.

10 Retention Policy 
10.1 We will store Personal Data as long as it is necessary in order to fulfil the purposes mentioned, unless there are specific legal reasons, and/or a legal requirement for a longer retention period.
10.2 Person data obtained in connection with applications and recruitment will be deleted after 6 months from the time the candidate is rejected, unless there are specific legal reasons, and/or a legal requirement for a longer retention period.
10.3 Personal data obtained in connection with business operations will be deleted according to either Netcompany’s Internal Privacy Policy or according to the agreed upon terms with our suppliers within the purpose of the use of your data, unless there are specific legal reasons, and/or a legal requirement for a longer retention period.
10.4 Personal data obtained in connection with  communications will be deleted according to Netcompany’s Privacy Policy, unless there are specific legal reasons and/or a legal requirement for a longer retention period. 
Your rights as a data subject
11.1 Overview of rights 
11.1.1 You have certain rights, which are listed and further described below. Netcompany has taken necessary and adequate steps to protect your personal data and ensure your rights as a data subject.
11.1.2 Please note that certain exceptions may apply, e.g. if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.

As a main rule, you have the following rights:

  • To request access to your personal data;
  • To request rectification of your personal data;
  • To request erasure of your personal data;
  • To object to the processing of your personal data and have the processing of your personal data restricted;
  • You have the right to receive your personal information in a structured, commonly used and machine-readable format (data portability);
  • You may always lodge a complaint with a data protection supervisory authority, e.g. The Danish Data Protection Agency.
11.2 Exercising your rights

You may take steps to exercise your rights by contacting Netcompany’s appointed DPO.

Ronnie Lykke Madsen
+45 70 13 14 40 

11.2.2 Please note, that there may be more conditions or limitations on these rights than stated above. It is therefore not certain for example you have the right of data portability in the specific case - this depends on the specific circumstances of the processing activity.

12  Withdrawal of consent
12.1 We hereby inform you, that when the processing of your personal data is based on your consent, you may withdraw your consent at any time.
12.2 However, please note that this does not affect Netcompany's processing of your personal data prior to withdrawal of your consent.

You may withdraw your consent by contacting Netcompany’s appointed DPO.

Ronnie Lykke Madsen
+45 70 13 14 40

13  Filing of complaint 

If you wish to file a complaint regarding Netcompany’s processing of your personal data, you can contact Netcompany’s DPO.

Netcompany Group A/S
Grønningen 17
DK-1270 Copenhagen
CVR-no. 39 48 89 14
+45 71 13 14 40
Email address:

If your complaint is not resolved, please feel free to contact the local Supervisory Authority.

Country Supervisory Authority 
Denmark Danish Data Protection Agency (Datatilsynet)
Borgergade 28, 5
DK-1300 København K
Tel: +45 33 19 32 00
Poland Urząd Ochrony Danych Osobowych (Personal Data Protection Office)
ul. Stawki 2
00-193 Warsaw
Tel. +48 22 531 03 00
Fax: +45 22 531 03 01
Norway Datatilsynet
Tollbugata 3
0152 Oslo
Tel: +47 22 39 69 00
United Kingdom The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
Tel: +44 1625 545 700
The Netherlands Autoriteit Persoonsgegevens
Bezuidenhoutseweg 30
P.O. Box 93374
2509 AJ Den Haag/The Hague
Tel: +31 70 888 8500
Fax: +31 70 888 8501
14 Changes to the Privacy Policy 
14.1 This Privacy Policy will be updated on a regular basis and when necessary due to changes in applicable law. The Privacy Policy will always include information on the effective date of the latest version.
Latest version was approved and adopted on 1 November 2019.