Theshepherd.dk

Privacy & Data Protection Policy

The Shepherd is determined to ensure the accuracy, confidentiality and security of the personal data the company processes on you. This data protection policy is intended to inform you about which personal data the company collects, how The Shepherd uses the data and who has access to the data.
This data protection policy applies to the personal data of The Shepherd’s customers. This policy will refer to The Shepherd as we or us and to customers as you.   

If you are in any doubt about how this policy apply to you, please contact us at cs@theshepher.dk for further information.   

1. Purpose and legality
The Shepherd aims to meet the requirements of all applicable data protection legislation and this policy is based on the European Union, GDPR protection of privacy as regards the processing of personal data (“Data Protection Legislation”). 

2. What is personal data? 
Personal data within the meaning of this policy is information about an identified or an identifiable person, i.e., information that can be directly or indirectly linked to a particular person. Data that is unidentifiable or anonymous is not considered to be personal data.  

3. Personal data that The Shepherd collects and processes
In connection with our communication and collaboration with you, we may collect personal data about you. Different personal data may be collected on different parties and the processing and collection of personal data may depend on your relationship with us.

Our customers are mainly individuals, but they may also be legal persons. When customers are a legal person they have representatives and employees whose personal data we may process. The personal data is primarily contact information, e.g., name, email address, job title and phone number. 
Regarding our communication with you we may need to process a variety of personal data, e.g.: 
  • contact information, e.g., name, ID number, address, phone number and email address;
  • interests;
  • travel period;
  • information on the purpose of the trip and special wishes for the trip;
  • information regarding the combination of the travel group; 
  • health and religion information;
  • country of residence;
  • IP number, when needed; and
  • billing information. 
 

In addition to the aforementioned information, The Shepherd may collect and process other data that you provide to the company, e.g., photographs, as well as data that is essential for the company’s business. 

In general, The Shepherd obtains the personal data directly from you. If data is obtained from a third party the company will ensure to inform you. 

 

4. Why do we collect and process personal data and on what grounds?
The processing of personal data about you is mainly based on our agreement with you, or the party which you work for. This includes contact information so we can contact you and send invoices.  

Personal data may also be processed based on your request to enter into an agreement. This includes data on interests, travel period, information on the purpose of the trip and special wishes for the trip. Sensitive personal data will only be processed based on your explicit consent. Such data is only collected when deemed necessary.  
In addition, personal data may be processed on the ground of our legitimate interests, e.g., when your email address is used to send customer surveys and, as appropriate, direct marketing. If you do not provide The Shepherd the necessary information the company may not be able to enter into an agreement with you, or the legal person you represent, for the requested service and/or the company may be unable to fulfill its obligations on the basis of the agreement.  
 
If the collection and processing is based on your consent, you can always withdraw the consent. All communications relating to such withdrawal or changes to the consent shall be directed to cs@theshepherd.dk 
The Shepherd undertakes to ensure that all processing of personal data is lawful, fair and transparent. Data will only be collected for a specific, explicit and legitimate purpose and collecting and processing will not go beyond what is necessary for the purpose of the processing. The processing shall always be adequate, relevant and limited to what is necessary for the purpose for which they are processed. 
 

5. Disclosure to third parties
The Shepherd may disclose your personal data to contractors, consultants and suppliers in relation to their work for the company only. Therefore, personal data may for example be disclosed to external parties that provide us with IT services, but also to service providers of trips or accomendation that we book on your behalf. 

The Shepherd will not disclose data to parties located outside of the European Economic Area unless such transfer is permitted according to appropriate data protection legislation. The Shepherd ensures to inform you about any disclosure of personal data to countries outside of the European Economic Area. Finally, your personal data may be disclosed to the extent permitted or required by applicable legislation or regulations or to respond to legal actions such as search of premises, subpoenas or court rulings. Disclosure may also be necessary in emergency situations to ensure the safety of the employees of The Shepherd or third parties.  

6. How is the safety of personal data secured?
The Shepherd ensures to take appropriate technical and organisational measures to protect the safety of your personal data, with special regard to the nature of the data. For example, The Shepherd has access controls to systems which store data about you. These measures are meant to secure personal data against accidental destruction or alteration and against unauthorised access, duplication, use or disclosure of the personal data.

7. Retention of personal data
The Shepherd will ensure to retain your personal data only for as long as necessary for the purpose of the processing, unless otherwise permitted or obligated by law.

8. Your rights regarding the company’s processing 

You are entitled to request access to the personal data we process on you and information on the processing. You may also be entitled to a copy of the personal data undergoing processing.

Under certain circumstances you may have the right to request that we erase personal data concerning you without undue delay. You may also have the right to obtain from us the restriction of processing, where certain requirements are fulfilled. You are also entitled to request rectification of inaccurate data on you. It is therefore important that if your personal data happens to change during the course of your relationship with The Shepherd, that you keep us informed of such changes

You may furthermore be entitled to a copy of the personal data that you have provided to us in electronic form, or request that we transmit them direct to a third party.

When we process your personal data based on legitimate interests you are at any time authorised to object to the processing.

The aforementioned rights are however not without limitation. Laws and regulations may authorise or oblige the company to deny your request. However, your right to object the processing of your personal data for direct marketing purposes is unconditional. 

9. Enquiries and complaints to the data protection authority
If you wish to exercise your rights according to Clause 8 of this policy, or if you have any questions regarding this data protection policy or how we process your personal data, please contact cs@theshepherd.dk who will seek to answer any enquiries you may have and instruct you on your rights pursuant to this policy.

10. Communication with the company

If you have any questions about the way our data protection policy is enforced at The Shepherd, please contact: cs@theshepher.dk

Scroll to Top