Privacy policy CitySafes

Last updated: June 3, 2024

1. Controller’s contact information

1.1 Name of the Controller:

CitySafes Denmark ApS
Pilestræde 60, 1. Sal,
1112 København K
Cvr-nr. 41702516
Email: gpdr-dk@citysafes.com

2. Personal data we collect

2.1 We collect the following types of personal information from a lessee or a co-lessee:

2.1.1 Gender, First Name, Family name, surname, date of birth, address, country of residence, email address, phone number and camera footage of restricted areas where we keep our safe deposit boxes.

2.1.2 We do not store your passport or ID card, but we extract and store a copy of the photo on your passport or ID Card together with the following information: the type of identification, country of issue, document number, date of issue, and date of expiry.

2.1.3 We also collect information about your use of your safe deposit box, including footage of your visit to a facility or your interactions with us if you want to change or terminate your contract with us and your use of a power of attorney, including the power of attorney itself.

2.1.4 We also collect information about your payments, including deposit payment and any information pertaining to payment of fees or the lack of same.

2.2 We collect certain information collected through our use of cookies. We usually collect the following types of information from cookies if you consent to cookies:

2.2.1 Session information, user preferences, analytics data and advertising data.

2.3 We usually only collect information that you submit to us when you enter into a contract with us, or when you use your safe deposit box, and if we need to update your information. Please accept that if you are a co-lessee or a holder of a power of attorney from a lessee, we will register your personal information under the lessee’s account with us.

2.4 We may also receive information from third parties about you, but that would normally only be when we take over your contract for the use of a deposit box from your present supplier.

3. Purposes of processing

3.1 The personal data collected is processed for the following purpose(s):

3.1.1 The delivery of and access to a rented safe deposit box in a secure environment to manage our contractual relationship and to handle insurance claims.

3.1.2 To send service messages to you about changes to our services.

3.1.3 To send marketing information to you (only against your prior consent to the use of your e-mail or phone number, if this is required under national law).

3.1.4 Improving our service, including combating terrorist financing, money laundering and fraud and establishing, exercising, or defending legal claims whenever courts act in their judicial capacity and support the police with their investigations if we receive a legitimate request for handing out information on a specific safe deposit box.

3.1.5 To comply with our legal obligations.

4. Legal basis for processing

4.1 The legal basis for processing your personal data for entering and fulfilling your contract is the performance of a contract (Article 6(1)(b) of the GDPR).

4.2 Our legitimate interest is the legal basis for processing your personal data to improve our services, send you marketing information, and establish, exercise or defend legal claims (Article 6(1)(F) of the GDPR).

4.3 The legal basis for processing your personal data to comply with our legal obligations is (Article 6(1)(c) of the GDPR).

5. How we use your information

5.1 Your information is used in the following ways:

5.2 To enter into and fulfil our contractual obligations, including but not limited to granting you access to your safe deposit box, invoicing you, ensuring that the use of your safe deposit box is safe, and no misuse takes place and to keep records of your use of your safe deposit box and to ensure that you comply with our terms of service.

5.2.1 To improve our services to you and to optimize our offerings to you.

5.2.2 To communicate with you about your use of our services and to send you marketing information.

5.2.3 To comply with legal obligations, including but not limited to keeping records, to meet legitimate requests from authorities, to fulfil our obligation to undertaking anti-money laundering compliance and to prevent fraud.

5.3 We store your personal information inside the European Union.

6. Data retention

6.1 We retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

6.2 If you terminate your service with us, we will delete the personal information we no longer need, but we will keep your information or part of it for as long as required to comply with our legal obligations.

6.3 We normally delete any camera footage after 30 days unless we have a legitimate reason to keep it for longer.

7. Your rights under GDPR

7.1 Under the GDPR, you have several rights regarding your personal data, including:

7.1.1 Right to access: You have the right to request access to your personal data and to obtain information about how we process it.

7.1.2 Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data about you.

7.1.3 Right to erasure: You have the right to request the deletion of your personal data where there is no compelling reason for its continued processing.

7.1.4 Right to restrict processing: Under certain circumstances, you have the right to request that the processing of your personal data be restricted.

7.1.5 Right to data portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

7.1.6 Right to object: You have the right to object to processing your personal data under certain circumstances, including for marketing purposes.

7.1.7 Rights in relation to automated decision-making and profiling: We do make decisions based solely on automated processing.

8. Right to lodge a complaint 

8.1 If you believe that the processing of your personal data infringes on the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement. The supervisory authority will then inform you of the progress and outcome of your complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

8.2 For more information on how to lodge a complaint or to find the contact details, please visit the website of the Danish supervisory authority, the Danish Data Protection Agency, www.datatilsynet.dk.

Contact information:
Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Tlf. 33 19 32 00
dt@datatilsynet.dk

9. Changes to this privacy policy 

9.1 We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

10. Contact us

10.1 If you have any questions about this Privacy Policy, please get in touch with us at gdpr-dk@citysafes.com.

 

Rent a safe