Privacy policy

1. Introduction

This privacy policy describes how Ørsted processes your personal data. 

We also refer to our other privacy policy on our websites (orsted.dk and orsted.com). These privacy policies apply to our business customers, suppliers, shareholders and job applicants.

2. Data controller

The legal entity responsible for collecting and processing your personal data is stated under the individual processing activities in section 3.

The data controllers’ contact details are listed below:

 Ørsted Services A/S
Company reg (CVR) no. 27446485
Kraftværksvej 53
DK-7000 Fredericia

Tel. +45 99 55 11 11
info@orsted.com

 

3. Processing activities

In the table below, we describe how we process your personal data. We recommend that you do not send or inform us of your national identification number or any sensitive information when you use our website and its features.

Purpose
Categories of personal data Legal basis for processing
Erasure

Using our digital services:

Data controller: Ørsted Services A/S

We process your personal data by using cookies and similar technologies when you use our digital services (website or apps). 

This is done for the following purposes:

  • Delivery of the digital service you have requested. 
  • Optimisation and development of the user experience of our website and the services we provide.
  • Statistics for how our website is used and to improve the website.

Read more about this in our cookie policy.

We also use various third-party cookies and social media plugins to make it easier for you to share content from our website on Facebook, LinkedIn, etc. For these types of processing, Ørsted will in some instances be a joint data controller with the supplier of the third-party cookies in question. You can read more about this and find a link to the privacy policies of the relevant third parties on the cookie list, which is found in our cookie policy.

We collect the data from the following sources:

  • Directly from you whenever you use our digital services

We process the following data about you:

General personal data:

  • Information about your behaviour on our digital services (e.g. number of visits, information about how you access our digital services, including IP address, use of browsers and operating system, cookies, your domains of origin as well as what content you read).
  • Information about clicks on our advertisements, including if you are doing this from the website of another organisation or company.

We process your personal data as described on the following legal basis:

  • GDPR, Article 6(1)(a) (consent).
  • GDPR, Article 6(1)(f) (necessary to pursuit our legitimate interest in providing the service you have requested, improving customer experience, developing and improving our digital services (in terms of both functionality and the system itself) and making it possible to share content on social media.)

We store your personal data as long as it is necessary for the purposes mentioned:

  • We store your personal data for up to two years from the date on which we registered your visit on our website. The specific storage period depends on the individual cookie. 
Read more about this in our cookie policy.

Customer communication:

Data controller: Ørsted Services A/S

Ørsted processes your personal data in order to communicate with you and to respond to your requests (e.g. providing service to you as an investor and giving you the best possible service).

We collect the data from the following sources:

  • Directly from you

We process the following data about you:

General personal data:

  • Name, telephone number, email address and company.
 

We process your personal data as described on the following legal basis:

  • GDPR, Article 6(1)(f) (necessary to pursuit our legitimate interest in being able to respond to your enquiry and communicate with you).
 

We store your personal data as long as it is necessary for the purposes mentioned:

  • We store your personal data for up to two years from the date on which you contact us. 
 

Social media: 

Data controller:
 Ørsted Services A/S

We collect your personal data when you visit our pages on social media, when you tag, recommend or mention us, our brand, etc., on the Internet, including social media, and otherwise whenever you communicate with us in these contexts.  

We have profiles on Facebook, Instagram, Twitter, LinkedIn, YouTube and other platforms. 

Together with Facebook and LinkedIn (‘social media’), Ørsted Services A/S is the joint data controller for the collection of personal data about you whenever you visit our company’s social media sites. You can read more in the agreement on joint data responsibility with Facebook here, and LinkedIn here

You can read more about the specific data that social media process about you when you visit our company site on social media in the privacy policies of the relevant third parties, which we have a link to in the cookie list found in our cookie policy.

We also use media monitoring providers to monitor coverage of our company on the Internet, including on social media.

We collect data from the following sources:

  • Directly from you when you visit our digital services and our company’s social media sites or if you send enquiries to us via social media.

  • Social media 

We process the following data about you: 

General personal data: 

  • Name, profile photo, username, IP address.

  • The data you have made available via social media settings, as well as your responses to our social media posts and your sharing of these. 

  • In addition, Ørsted processes the data about you that you send to Ørsted, for example in connection with a direct enquiry from you to us on social media. This will typically be your name and the question you are asking us.

The personal data which Ørsted receives when you commuicate with us on social media.             
 

We process your personal data as described on the following legal basis:

  • GDPR, Article 6(1)(f) (necessary  to pursuit our 
    legitimate interest in marketing and to obtain knowledge about users of Ørsted’s social media sites, as well as to communicate with users of Ørsted’s social media sites. 

We store personal data for as long as necessary to meet these purposes:

  • Erasure of the personal data we receive when you communicate with us on social media will depend on the content of the communication, pursuant to the other storage periods specified in this privacy policy.

  • We erase enquiries received in our social media inbox no later than after one year, unless Ørsted has a legitimate interest in storing the enquiry for a longer period. Examples of this are pending cases or if the processing of a response has not been finalised. 

  • Comments and similar public reactions to our profiles and posts are usually not deleted, unless you decide to delete these yourself, or in the event the tone is derogatory or abusive.

  • Data on social media, such as Facebook and Instagram, is stored by the social media companies according to the specifications in their own privacy policy.

4. Mandatory information

The information marked with asterisk (*) are mandatory. If you do not provide these data, we cannot:

  • Properly identify the pictures, videos and recordings of you and delete them in accordance with our retention policy ; and
  • pay the remuneration in accordance with the licence agreement 

5. Recipients of your personal data

Depending on the circumstances, Ørsted may share your data with:

  • Suppliers, including IT suppliers, support, suppliers of goods and financial institutions that we work with in order to assist Ørsted
  • Ørsted Group entities – see a list here 
  • Public authorities 
  • Business partners
  • Players in the energy sector (distribution companies, Energinet.dk, public authorities and energy suppliers)

6. Transfer to third countries 

In certain situations, we will transfer personal data to countries outside the EU/EEA. Such transfers to third countries will be made on the following legal basis:

  • The countries have been deemed by the Commission of the European Union to have an adequate level of protection of personal data (so called safe third countries). 

  • If the countries have not been deemed by the Commission of the European Union to have an adequate level of protection of personal data: Ørsted will provide appropriate safeguards for the transfer through standard contractual clauses, as published by the Commission of the European Union, for the transfer of personal data to third countries. You can obtain a copy of this contract by contacting us at info@orsted.com

7. Your rights

When we process your data, you have the following rights:

  • You have the right of access to, rectification or erasure of your personal data.

  • You also have the right to object to the processing of your personal data and to have the processing of your personal data restricted.

  • In particular, you have an unconditional right to object to the processing of your personal data for use for direct marketing purposes.

  • If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal of consent will not affect the lawfulness of the processing performed before withdrawal of your consent.

  • You have the right to receive the personal data that you have provided yourself in a structured, commonly used and machine-readable format (data portability).

  • You have the right to lodge a complaint with a supervisory authority (in Denmark: the Danish Data Protection Agency)

You can exercise your rights by contacting us, see section 8. These rights may be subject to conditions or restrictions. For example, you may not have the right to data portability in the case in question. This will depend on the specific circumstances in connection with the processing activities.

If you have requested to receive information from Ørsted, such as newsletters, and you no longer wish to receive these, you can unsubscribe at any time via the email that you receive or by calling us.

8. Contact Ørsted regarding the processing of personal data

If you wish to contact Ørsted regarding our processing of your personal data, please write to info@orsted.com or call us on +45 99 55 11 11. 

If you are not satisfied with our response, you can always lodge a complaint with your local data protection authority. 

In Denmark, the regulator is the Danish Data Protection Agency.

9. Changes in our privacy policy

This privacy policy replaces all previous versions. It will be necessary to update and amend this policy on an ongoing basis, and we thus reserve the right to update and amend it. In the event of an important amendment, we will notify you at orsted.com or send an email if we deem this necessary.
 
This privacy policy was last updated: September 2022.