Every day, EG handles data for organisations and companies and, as such, hundreds of thousands of citizens in many countries.
Therefore, we adhere to the EU GDPR and do everything we can every day to take good care of your data.
Digitisation and data utilisation is the future
Without greater digitisation and better use of data it will be difficult to maintain and develop our welfare system.
We need to know more if we are to act in the right way when managing local and global challenges such as shortage of resources and the green shift.
This is why EG takes responsibility for safely receiving, storing, handling and sending data, so that together we can exploit the great potential in digitisation and effective use of data - securely and to the benefit of all.
As a data processor, EG must ensure that our customers have provided us with instructions on how they want their data to be processed in our systems.
We are therefore responsible for ensuring that there is an updated data processing agreement between ourselves and our customers.
EG's standard data processing agreement is based on the Danish Data Protection Agency's template, while the customised agreements in the same manner are based on the customer's specific requirements and as a minimum comply with all the minimum requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
If you have questions regarding data processing agreements, please email email@example.com.
In its ruling of 16 July 2020 in what has been referred to as the Schrems II case, the European Court of Justice has determined that Privacy Shield cannot be used as the basis for transfer to the USA.
EG has therefore agreed with all its suppliers that, in general, personal data will only be stored in the EU. It is thus only when updating security systems and other technical updates that personal data can be accessed by employees from third countries, including the USA. In exceptional cases, personal data is stored outside the EU.
Storage and handling of personal data takes place in accordance with the European Commission's Standard Contractual Clauses (SCC) and/or Binding Corporate Rules.
EG checks the suppliers' technical and organisational security measures to ensure that our customers' personal data is stored and handled correctly, and that the suppliers continue to have a security level that at least guarantees an equivalent level of security as in the EU.
EG regularly has IT audit statements of the type ISAE 3000 and ISAE 3402 drawn up, which document how we comply with legal requirements and good IT practice.
If you have questions concerning the audit statements or use of audit statements from one of our business units, please send an email directly to firstname.lastname@example.org.
Secure email to and from EG
We have made it easy and secure to exchange emails with us. Do the following to be secure:
Support cases must be sent to: email@example.com, which is a secure, encrypted mailbox. Queries concerning the data processing agreement must be sent to firstname.lastname@example.org Additionally, EG can make available a secure mailbox using a secure email address with TLS encryption, which ensures tunnel encryption, i.e. secure transfer from sender to recipient.
The mailbox supports end-to-end certification with NETS' certificate.
The certificate gives you the assurance that
the message is from the person that sent it
the message has not been changed during transmission
unauthorised parties cannot read the contents of the message.
Sign your agreements digitally
To make it easy for our customers to sign agreements and contracts from EG, we use the Contract Lifecycle Management System, DocuSign.
The solution makes it easy, for example, to review and accept the data processing agreement while also ensuring that certain basic details that we are required to keep up to date, such as contact person and contact details in the case of security breaches, as well as contact details of your data protection advisor, are in order.
With DocuSign, documents can be:
accessed 24/7 from all platforms
read, signed and returned immediately
securely stored, encrypted with complete audit trail
Apart from our data processing agreements, EG has a set of standard delivery terms, which govern the cooperation with our customers.
The delivery terms apply to all our agreed deliveries unless otherwise expressly waived in writing, and where it can with certainty be determined that it has been our intention to waive these delivery terms.