Data Protection Policy

At the Danish Health Data Authority, we process a range of personal data in various contexts. Here, you can read how we collect, manage, and protect your personal data.

The Danish Health Data Authority is the data controller for the personal data we process in connection with the performance of our public authority tasks or when you have been in contact with us.

Tasks and responsibilities of the Danish Health Data Authority

The Danish Health Data Authority is an agency under the Ministry of the Interior and Health. The Authority’s main tasks are regulated in Section 220 a of the Danish Health Act.

The Danish Health Data Authority’s primary task is to support the healthcare sector by collecting and making health information available to healthcare professionals, decision makers, and citizens.

We ensure digital coherence and create digital solutions for the benefit of citizens, patients, and healthcare professionals, as well as for administrative, statistical, and scientific purposes in the healthcare and eldercare sectors.

We are responsible for a number of databases, registers, and services that, among other things, contain information about treatments in the healthcare system, the health of the Danish population, and the use of medication.

Some of this information includes personal data that is registered in connection with patient treatment at hospitals, in municipalities, and by general practitioners and is reported to the Authority.

Principles for the collection of personal data

We only collect personal data for lawful purposes and only to the extent necessary to fulfil the purpose of the processing.

Most of the personal data we process are based on other legal provisions than the Danish Data Protection Act, such as the Danish Healthcare Act and the Pharmacy Act.

Secure storage and processing of personal data

We have implemented a range of security measures to protect your personal data processed by the Danish Health Data Authority.

These security measures include, among other things, ensuring that employees at the Danish Health Data Authority only have access to your personal data when they need it for their work.

In addition, our employees must complete training in information security and data protection once a year.

Other service providers

In some cases, we ask others to carry out tasks on behalf of the Danish Health Data Authority.

This may include, for example, the display of your personal data on sundhed.dk or the operation of the Shared Medication Record.

We enter into data processing agreements with these providers to ensure that your personal data is only processed for the specific task and according to our instructions. When the provider’s task is completed, the personal data is either deleted or returned to the Danish Health Data Authority.

Do you have any questions?

If you have questions about our processing of personal data or about your rights in connection with the processing, you can contact us via borger.dk.

You can find guidance (in Danish) on how to send secure mail to the Danish Health Data Authority here:

Go to Borger.dk

In the field 'Recipient', select 'Sundhedsdatastyrelsen', and in the field 'Category', select 'Databeskyttelse' (Data Protection).

You can also contact our Data Protection Officer. Contact details can be found at the bottom of this page.

The Data Protection Officer is employed by the Danish Ministry of the Interior and Health and advises, among others, the ministry and the agencies on data protection and data protection legislation.

When we process your personal data, you have a number of rights under data protection law. However, there may be exceptions that mean your rights do not apply in certain cases.

Below you can read about your rights. Please contact us, if you wish to exercise your rights.

Right of access

You have the right to access the personal data we process about you, and a range of other information about how we process your personal data.

On sundhed.dk, you can view some of the personal data that the public healthcare system has registered about you.

This includes, among other things, some of the information we process at the Danish Health Data Authority:

  • Medication data
  • Your basic information, such as address, preferred language, etc.
  • Your appointments with the healthcare system
  • Your decision to opt out of resuscitation attempts

In addition, you can view the ‘Log’ page on sundhed.dk to see who has accessed your personal data, including medication or basic information.

Right to rectification

You have the right to have incorrect information about you corrected.

If you find errors in the information registered about you on sundhed.dk and wish to have the information corrected, you must contact the hospital, doctor, or other medical practice that registered the information.

Please note that the information will rarely be fully deleted, as it formed the basis for your treatment and is therefore covered by the healthcare professionals’ duty to keep records.

If you have requested access to your personal data from the Danish Health Data Authority and find errors, you must initially contact the hospital, doctor, or medical practice that registered it.

Right to erasure

In certain cases, you have the right to have your personal data erased. However, there are significant exceptions to this right in relation to the data processed by the Danish Health Data Authority.

You can request deletion of data if it is incorrect or misleading. You can do this by contacting us, and we will assess whether deletion is possible.

However, please note that the Danish Health Data Authority, as a public authority, in most cases is obligated to keep the data on record under applicable legislation, including for example the Danish Health Act, the Danish Public Administration Act, and the Danish Access to Public Administration Files Act.

Right to restriction of processing

You have the right to have the processing of your personal data restricted in certain cases.

You have the right to restriction of processing in the following situations:

  • You believe that the personal data is incorrect. In this case, we must restrict processing until we have determined whether the data is correct.
  • If the data is processed unlawfully.
  • If we determine that your personal data is no longer needed for the original purpose, but it is needed to establish, exercise, or defend a legal claim.
  • You have objected to our processing of your data. In this case, we must restrict processing until it has been determined whether our legitimate interests override your interest in restriction.

If you wish to exercise this right, please contact us. We will assess whether restriction is possible in your case.

Right to object to processing

In certain cases, you have the right to object to our otherwise lawful processing of your personal data.

You must contact us, and we will assess whether restriction of processing is possible.

Right to data portability

In certain cases, you have the right to obtain your personal data and request that it be transferred from one data controller to another.

However, the General Data Protection Regulation does not grant the right to data portability when:

  • The processing is necessary to perform a task in the public interest.
  • The processing is part of the exercise of official authority vested in the controller.
  • A data controller performs public tasks or complies with a legal obligation.

This means that the Danish Health Data Authority is generally not required to ensure data portability.

Right to withdraw consent

As a general rule, the Danish Health Data Authority processes personal data based on legal authority. This means that processing does not require your consent.

If the Danish Health Data Authority processes your personal data on the basis of your consent, you have the right to withdraw your consent at any time. You can do so by contacting us. If you choose to withdraw your consent, this does not affect the lawfulness of the processing that was carried out on the basis of your previous consent before you withdrew it. Therefore, the withdrawal only takes effect from that point in time.

If you have contacted the Danish Health Data Authority either electronically or by physical letter, we will process the personal data that appears in your inquiry. Your data will be included in a case file that is created in our electronic records management system.

If you have contacted us regarding access to your personal data, deletion of personal data, or other matters, we ask that you send your inquiry via Digital Post on borger.dk. We do this to confirm your identity, help us locate your information, ensure it is sent to the correct recipient, and so communication is secure.

It is voluntary whether you use Digital Post and whether you provide your civil registration number (CPR). If you choose not to, it may mean that we cannot respond to your inquiry.

Purpose and legal basis for processing your personal data

The Danish Health Data Authority processes your personal data in connection with your contact with us for the purpose of:

  • Complying with our administrative obligations under the Danish Public Administration Act and the Danish Access to Public Administration Files Act
  • Handling your inquiry
  • Ensuring effective and efficient case management
  • Keeping records of the cases we have handled and enabling access to previous practice

The purpose of processing your inquiry may also be linked to our statutory task under Section 220 a of the Danish Health Act, as the case processing forms part of the fulfilment of the Danish Health Data Authority’s responsibility for managing digitalisation and data in the healthcare and eldercare sectors.

Thus, the Danish Health Data Authority processes your personal data under its statutory authority, Health Act Section 220 a, as well as the Danish Public Administration Act and the Danish Access to Public Administration Files Act.

We also process your personal data under data protection legislation.

We process general personal data under:

  • GDPR Article [CHH2] 6(1)(b): When necessary for entering into or performing a contract with you
  • GDPR Article 6(1)(c): When necessary to comply with a legal obligation that applies to us
  • GDPR Article 6(1)(e): When necessary for the performance of a task in the public interest or in the exercise of official authority vested in us

We process sensitive personal data under:

  • GDPR Article 9(2)(f): When necessary for the establishment, exercise or defence of legal claims
  • GDPR Article 9(2)(h): When necessary for preventive or occupational medicine, medical diagnosis, provision of healthcare or social care, treatment, or the management of health or social care services
  • GDPR Article 9(2)(i): When necessary for reasons of public interest in the area of public health
  • GDPR Article 9(2)(j): When necessary for archiving purposes, scientific or historical research purposes, or statistical purposes

We process your civil registration number (CPR) under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you

Categories of personal data we process about you

Depending on what you or others include in your contact with the Danish Health Data Authority, the Authority may process all categories of personal data.

Disclosure of your personal data

The Danish Health Data Authority may, in a number of cases, be required to disclose your personal data to other public authorities.

We may also disclose your personal data to private individuals if we are obligated to do so in connection with a request for access under the Danish Access to Public Administration Files Act or the Danish Public Administration Act.

If you have contacted us about potentially unauthorised access to the Shared Medication Record (FMK), your personal data may be disclosed to the healthcare professional, medical practice, or clinic that accessed the data — if necessary to investigate the access.

Storage of your personal data

The Danish Health Data Authority is obligated to document its activities, and therefore we store information as long as necessary for documentation purposes.

The Danish Health Data Authority transfers data from its electronic records management system to the Danish National Archives in accordance with the Danish Archives Act.

If you are a researcher registered as a user on the Danish Health Data Authority’s Secure Research Platform, the retention period for your personal data is agreed with you individually.

When you apply for a job at the Danish Health Data Authority via our recruitment system, you accept that we process the personal data you register as part of your application.

By registering your personal data, you confirm that:

  • You have read and understood the information text in the recruitment system
  • We may collect and use your data for recruitment in the Danish Ministry of the Interior and Health

Below you can read about our processing of your personal data in connection with your application.

Data controller and data processor

The Danish Agency for Public Finance and Management is the system administrator for the state and for the Ministry of the Interior and Health as the hiring authority and is therefore the joint data controller for the personal data processed about you in connection with your application.

You can read more about joint data responsibility in Circular CIS no. 9223 of 23/03/2018 on joint data responsibility concerning the Danish Agency for Public Finance and Management’s shared public systems.

Purpose and legal basis for processing your personal data

The purpose of processing the data we collect in connection with recruitment and employment processes is to hire qualified candidates for the advertised positions.

In addition, the Danish Agency for Public Finance and Management uses your data for statistical purposes to develop and improve the State eRecruitment system.

The processing of your personal data is based on data protection legislation.

We process general personal data under:

  • GDPR Article 6(1)(a): When you have given consent
  • GDPR Article 6(1)(b): When processing is necessary for entering into or fulfilling a contract to which you are a party

We process sensitive personal data under:

  • GDPR Article 9(2)(a): When you have given explicit consent
  • GDPR Article 9(2)(b): When processing is necessary for us to fulfil our obligations under employment law, particularly under the Executive Order on compensation for people with disabilities in employment
  • GDPR Article 9(2)(f): When processing is necessary to establish, exercise, or defend a legal claim, particularly in relation to the same Executive Order

We process your civil registration number (CPR) under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you

Categories of personal data we process about you

In connection with recruitment, we generally process only general personal data about you — such as your name, address, phone number, email addresses, qualifications, education, previous employment, personality test results, etc.

In addition, we may process civil registration numbers (CPR) if you have not redacted them from submitted documents such as exam certificates.

If you indicate in your application that you are covered by the rules in the Executive Order on compensation for people with disabilities in employment, this will be treated as health information under the rules for sensitive personal data in the GDPR.

If we take references as part of the recruitment process, we collect general personal data such as assessments of your professional and social competencies.

We do not collect sensitive personal data or data about criminal offences.

Disclosure of your personal data

We may share your data with third parties who assist us in the recruitment process. This may include external providers of personality tests.

We may also share your data with public authorities or legal entities if required by law. This may include your municipality (e.g., if you have a disability and exercise preferential rights) or your school (if you have applied for an internship).

Storage of your personal data

We store the personal data you provided in connection with your application until the recruitment process is completed.

Your personal data will not be stored for more than 6 months unless you specifically request otherwise.

Persons involved in the recruitment process must also destroy any collected material.

You can also delete your profile from the State eRecruitment system by clicking 'Manage my data'.
Click 'Delete my candidate profile' to request deletion of your data.

Your request will be processed, and a few days later, you will receive an email confirming that your data has been deleted.

Right to withdraw your consent

If our processing of your personal data is based on your consent, you may withdraw your consent at any time by contacting the Ministry of the Interior and Health or the contact persons listed in the job posting.

If you withdraw your consent, this only affects future processing. The legality of processing based on your previous consent remains unaffected.

According to Section 193 b of the Danish Health Act, the Danish Health Data Authority is responsible for operating a shared digital infrastructure, the National Service Platform.

It enables registration and sharing of selected data about citizens’ health conditions and other confidential data.

Healthcare professionals and others bound by confidentiality under law can access the data in the National Service Platform when necessary for disease prevention, medical diagnosis, nursing, treatment, or management of healthcare services.

The digital solutions that you can also access via sundhed.dk include:

  • Shared Personal Information (Stamkort)
  • Appointments
  • Organ Donation
  • Living Will 
  • Access Log (Min Log)
  • Opting out of resuscitation

Below you can read how we process your personal data in these digital solutions. If you would like to know more, you are welcome to contact us.

Purpose and legal basis for processing your personal data

As mentioned above, we process your personal data in the various digital solutions to ensure that healthcare professionals and other authorised persons have access to the information when treating you.

The purpose is also to ensure that healthcare professionals involved in your treatment can see, for example, whether you are an organ donor or whether you want life-prolonging treatment.

The processing of your personal data in the National Service Platform is related to our authority tasks pursuant to Sections 220 a and 193 b of the Danish Health Act, as well as Executive Order No. 131 of 3 February 2025 on the operation of the shared digital infrastructure.

The processing also takes place in accordance with other provisions of the Danish Health Act and related Executive Orders.

Our legal basis for processing personal data in the National Service Platform also derives from the data protection legislation.

We process general personal data under:

  • GDPR Article 6(1)(e): When necessary for the performance of a task in the public interest or in the exercise of official authority

We process sensitive personal data under:

  • GDPR Article 9(2)(h): When necessary for preventive medicine, occupational medicine, medical diagnosis, the provision of healthcare or social care, or management of health/social care systems and services

We process your CPR number under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you

Categories of personal data

In the digital solutions available via the National Service Platform, we may process general, sensitive, and confidential personal data.

We may process the following general personal data:

  • First and last name
  • Current address and, if applicable, temporary address
  • Relatives and their contact information and relation to you
  • Health insurance group
  • General practitioner
  • Dentist
  • Telephone number
  • Your decisions regarding living will, organ donation, and resuscitation opt-out
  • Information about your appointments in the healthcare system

We may process the following sensitive personal data:

  • Health data

We also process your civil registration number (CPR), which is considered confidential personal data.

We may also process other personal data than those listed above if you have entered such data yourself in text fields on sundhed.dk — for example, under “Additional Information” in the “Relatives Info” section of the Shared Personal Information. You can edit or delete these entries yourself on sundhed.dk.

You can view the data registered about you in the National Service Platform on sundhed.dk under:

  • Appointments
  • Living Will
  • Access Log (Min Log)
  • Organ Donation
  • Shared Personal Information (Stamkort)

Recipients or categories of recipients

The information processed in the digital solutions of the National Service Platform may be accessed by healthcare professionals or other individuals who, under law, are bound by confidentiality when you are in treatment with them. This includes, for example, staff treating you in hospitals, general practice, or municipal healthcare services.

On sundhed.dk, you can opt out of certain data in the National Service Platform being accessed by healthcare professionals or others. This does not apply to information registered in the Shared Personal Information (Stamkort).

Storage of your personal data

  • In Appointments, we store your personal data for two years after the appointment has taken place or one year after your death.
  • In the Living Will, we store your personal data until you or your proxy withdraws the directive, or one year after your death.
  • In the Access Log (Min Log), we store your personal data for two years from the time of the log entry, or in specific cases for up to five years.
  • In Plans and Interventions, we store your personal data in accordance with the deletion deadlines applicable to the underlying data sources — for example, your medical record.
  • In Organ Donation, we store your personal data until one year after your death. You or your proxy can change the information at any time via sundhed.dk or by contacting us at the Danish Health Data Authority.
  • In the Shared Personal Information (Stamkort), we store your personal data until you or your proxy changes or deletes it, or until one year after your death.

If you have registered information in the Shared Personal Information, Living Will, or Organ Donation via a paper form, the form is archived in our electronic records management system.

As a public authority, the Danish Health Data Authority is obligated to document its activities. Therefore, we store information as long as necessary to fulfil this purpose. The Danish Health Data Authority transfers data from its records management system to the Danish National Archives in accordance with the Archives Act.

In the Danish healthcare system, healthcare professionals and pharmacy staff use the Shared Medication Record (FMK) when they create or dispense an electronic prescription.

The Danish Health Data Authority is the data controller for the Shared Medication Record. Below you can read how we process your personal data in FMK when your doctor issues an electronic prescription or your pharmacy dispenses your medicine.

Purpose and legal basis for processing your personal data

Our purpose in processing your personal data in the Shared Medication Record is to make necessary information available — for example, in connection with your treatment in the healthcare system.

Our purpose with processing your personal data in FMK is also linked to our legal responsibility for maintaining an electronic registry of each citizen’s medication data. This includes information on prescriptions, purchases, dispensing, intake, dosage changes, discontinuation, healthcare professionals’ instructions on medicine use, and other data related to medication.

This follows from Section 157 of the Danish Health Act and Executive Order no. 191 of 27 February 2024 on access to and registration of medication and vaccination information.

Our legal basis also includes data protection legislation.

We process general personal data under:

  • GDPR Article 6(1)(e): When necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

We process sensitive personal data under:

  • GDPR Article 9(2)(h): When necessary for preventive or occupational medicine, medical diagnosis, provision of health or social care or treatment, or management of health or social care systems and services.

We process your civil registration number (CPR) under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you.

Categories of personal data

The personal data we process in the Shared Medication Record may be general, sensitive, or confidential personal data, depending on what is necessary for the purpose of processing your information.

We may process the following general personal data:

  • Basic information (name, address, insurance group, chosen general practitioner)
  • Information identifying the healthcare professionals who have accessed your FMK, including name, workplace or organisation, and authorisation ID
  • Medicine prescriptions or prescriptions for cannabis products
  • Electronic prescriptions
  • Dispensed medication
  • Information about current hospital admissions
  • Other relevant data, such as blood test values, municipal home care services, use of nutritional supplements, dietary supplements, over-the-counter medicines, etc., and other data relevant to medication handling.

We may process the following sensitive personal data:

  • Health information, such as prescriptions, reasons for prescriptions, dispensed medications, and other data relevant to your medication.

We also process your civil registration number (CPR), which is confidential personal data.

You can view the data recorded about you in the Shared Medication Record via:

  • sundhed.dk
  • fmk-online.dk

Disclosure of your personal data

We may disclose medication data to the Danish Patient Safety Authority for supervision purposes, such as for monitoring prescriptions of specific drug types (e.g., addictive drugs, antipsychotics), [CHH5] pharmacist renewals of certain prescriptions, and prescriptions for dose-dispensed medicines with reimbursement.

Under certain circumstances, disclosure may include medicine data and information about cannabis-based products that can be linked to individual citizens.

To make sure you receive correct treatment and medication, we make data in FMK available to the healthcare professionals involved in your care. This includes healthcare personnel or assistants, pharmacists and pharmacy staff who dispense your prescription, or other persons who handle your medication.

Storage of your personal data

Medication orders are deleted according to the Executive Order after 2 years. Prescriptions and dispensing information are deleted 2 years after issuance or registration. However, they are not deleted after 2 years if the medicine was dispensed within the last 2 years, or if it is a medication that remains active for more than 2 years after being dispensed.

Personal data such as name, civil registration number (CPR), address, and your general practitioner are deleted 2 years after your death.

The Danish Health Data Authority is responsible for operating the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes.

In this register, you can indicate that biological material provided in connection with treatment may only be used for your own treatment and not, for example, for research purposes.

You can also register that genetic information derived from biological material during your treatment, and stored at the Danish National Genome Center, may only be used for your own treatment.

When you register in the Tissue Use Register, we process personal data about you.

Purpose and legal basis for processing your personal data

The purpose of processing your personal data in connection with your registration in the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes is to ensure that your wish — that your biological material or genetic information must not be used for research purposes but only for your own treatment — is respected.

Our legal basis for processing your personal data in connection with registration in the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes is Section 29 of the Danish Health Act and Executive Order no. 361 of 4 April 2019 on the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes.

Our legal basis also includes data protection legislation.

We process general personal data under:

  • GDPR Article 6(1)(e): When necessary for the performance of a task in the public interest or in the exercise of official authority.

We process your CPR number under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you.

Categories of personal data

When you register in the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes, we process the following data about you:

We process general personal data:

  • First and last name
  • Address
  • Your decision, including date and selected option.

We also process your civil registration number (CPR), which is considered confidential personal data.

Disclosure of your personal data

We disclose information from the National Database of Non-Consent to the Use of Tissue Samples for Scientific Purposes to:

  • Healthcare professionals responsible for biobanks, when they intend to use biological material for purposes unrelated to your treatment
  • The Danish National Genome Center, when it intends to use genetic information derived from biological material stored at the center for purposes unrelated to your treatment.

Storage of your personal data

If you withdraw your registration, it will no longer be visible to the healthcare professionals responsible for biobanks or to the Danish National Genome Center.

However, the Danish Health Data Authority will retain historical information about your registration, for example for use in connection with complaints or similar cases.

If you have registered using a paper form, it will be recorded in our electronic records management system.

As a public authority, the Danish Health Data Authority is required to document its activities. Therefore, we store information for as long as necessary for this purpose.

The Danish Health Data Authority transfers data from its case system to the Danish National Archives in accordance with the Archives Act.

The Danish Health Data Authority is responsible for the electronic registration of your opt-out decision from resuscitation attempts in case of cardiac arrest.

In this context, we process your personal data to ensure that your decision can be communicated and respected.

Purpose and legal basis for processing your personal data

If you have registered an opt-out from resuscitation attempts in the event of cardiac arrest, your personal data will be processed to make the necessary information available to healthcare professionals when relevant for your treatment.

We process general personal data under:

  • GDPR Article 6(1)(e): When necessary for the performance of a task in the public interest or in the exercise of official authority.

We process your civil registration number (CPR) under:

  • Danish Data Protection Act § 11(1): For the purpose of uniquely identifying you.

We also receive and process your data under Section 25 a of the Danish Health Act, and make it available to relevant healthcare professionals under Section 193 b of the Danish Health Act and the Executive Order on the operation of the shared digital infrastructure.

Categories of personal data we process about you

When you register your wish not to be resuscitated in case of cardiac arrest, we may process general and confidential personal data about you.

We may process the following general personal data:

  • First and last name
  • Address
  • Telephone number
  • Your decision, including date and selected option.

We may also process your civil registration number (CPR), which is considered confidential personal data.

Disclosure of your personal data

Healthcare professionals may access your personal data when it is relevant for your treatment.

The Danish Health Data Authority may also process your personal data in accordance with its public authority tasks under Section 220 a of the Danish Health Act.

Storage of your personal data

The Danish Health Data Authority stores your resuscitation opt-out registration until one year after your death.

If you withdraw your opt-out decision, it will no longer be visible to healthcare professionals. However, we retain historical information about your registration, for example for use in connection with complaints.

If you have registered via a paper form, it will also be archived in our electronic case management system.

As a public authority, we are required to document our activities, and therefore we store information as long as necessary for this purpose.

We transfer data from our case system to the Danish National Archives in accordance with the Archives Act.

If you have visited our website, sundhedsdatastyrelsen.dk, no personal data is registered about you, and only technically necessary cookies are placed on your device.

Read our cookie policy

When you subscribe to our newsletter, we process personal data about you.

Purpose and legal basis for processing your personal data

When you subscribe to newsletters from the Danish Health Data Authority, we process your personal data to send you newsletters. In addition, we use your data to generate statistics to improve our newsletters.

By subscribing, you give consent to our collection and processing of your data for these purposes.

Legal basis:

  • GDPR Article 6(1)(a): Processing is based on your consent.

Categories of personal data we process about you

When you subscribe to our newsletters, we collect and process at minimum the following personal data:

  • The email address you provide
  • Your preferred newsletter topics (if multiple categories are available).

Depending on the specific newsletter, we may also collect and process:

  • Your name
  • Your organisation.

Disclosure of your personal data

We use:

  • GoPublic Mail for collecting and storing email addresses and sending general newsletters.When subscribing to our general newsletter, your data is also processed under GoPublic’s privacy policy.
  • Peytz Mail for collecting and storing email addresses and sending specialist newsletters. When subscribing to specialist newsletters, your data is also processed under Peytz Mail’s privacy policy.

Right to withdraw your consent

You can withdraw your consent at any time by unsubscribing via the link 'Unsubscribe newsletter' in the emails you receive.

If you withdraw your consent, it only affects future processing. The processing carried out before withdrawal remains lawful.

When you unsubscribe, you will no longer receive newsletters, and your personal data will be deleted within two months.

In connection with whistleblower cases, the Danish Health Data Authority processes a number of personal data.

Read the Privacy Policy for the whistleblower scheme (in Danish)

Complaint to the Danish Data Protection Agency

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with our processing of your personal data.

Learn more and find details at the website of the Danish Data Protection Agency

Contact

Data Protection

Contact

Helle Ginnerup-Nielsen
Data Protection Officer (DPO)