Privacy Policy
This policy explains to you how we, in Tusass, collect and process your data and why we do so. At Tusass, we take security seriously, and if you have any questions about the below, or experience a problem, you are very welcome to contact us.
We process your data in accordance with the applicable General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016), also known as GDPR, accounting legislation, the Telecommunications Act and the Logging Order.
1. Data Controller and Contact Details
Data Controller:
Tusass A/S
Farip Aqqutta 8
3900 Nuuk
Greenland
CVR number: 17516345
(hereinafter referred to as "Tusass")
Contact Person:
Josefine Andreasen – Personal Data Controller
E-mail: privacy@tusass.gl
2. Definitions
"Personal Data" – Any information that can be used to identify an individual. This can be, for example, name, address, IP address, telephone number and location data.
"Processing" – Any type of activity to which your information may be subject. This applies, among other things, when Tusass organizes data, stores data, deletes data, analyzes data or discloses data.
"Data Controller" – The data controller is Tusass. This is because we decide how, and for what purposes, your personal data may be processed.
3. What Information is Collected?
When you become a customer of Tusass, we collect some personal data in order to be able to register you. When you are a customer, Tusass also collects some information automatically when you use our services and, in some cases, we collect data from third parties.
Information collected directly from you
In order for us to register you as a customer, we need some information to ensure that you are the person you are pretending to be and for Tusass to receive payments. The information we collect when you register as a customer is:
Name, address, telephone number, e-mail and CPR number, payment information, and payment history
If you wish to receive a newsletter, your contact information will also be used for this purpose.
Information collected automatically
When you use Tusass' telecommunications services, Tusass collects some information automatically. This information includes:
Phone numbers you call and/or write to, and phone numbers that call or write to you, as well as the times of calls and messages.
Duration of calls made on Tusass' network
Location data
Internet traffic
When you use Tusass' website, the following information is collected:
IP address
Network information
Login details (If you use "My Tusass")
Where and when and the website is used
Browser type and plug-ins
Information collected from third parties
In some cases, Tusass' may need to obtain information from third parties in connection with the use of our services. This will only happen if you have consented to this or if it is required under applicable law. This may, for example, be in connection with the validation of the CPR number against the Danish CPR register.
4. Purpose and Use of Your Information
At Tusass, we store and process your information in order to provide the service and services you pay for by being a customer of ours. We only collect the information we need and do not store your information for longer than is necessary or we are legally obligated to.
There are a number of purposes that make Tusass may, and can, process the information we collect.
1. Managing your subscription
In order for Tusass to comply with the contract entered when purchasing a service, we process your data in order to be able to administer this service on an ongoing basis. This could be, for example, a mobile subscription or internet. We store your personal data in order to be able to identify that it is you who is the customer and that your bills are paid in order for us to provide the service you pay for.
2. Self-service solution (Mit Tusass)
We store your information for My Tusass to make sure that you can use the self-service solution. In addition to your personal information, you must create a personal password here to ensure that only you can access your account. This password is also stored in Tusass' system.
3. Communication in connection with your purchases
We process your information so that we can identify your product or service, and thus provide the best customer service in connection with, for example, returns or complaints.
4. Traffic and location data
When you are a customer of Tusass, we need to know where you are and how you communicate in order for us to make sure that your signal hits the right mast so that you can communicate with those you want in the way you want. For example, via call or SMS.
At the same time, traffic and location data ensure that we can bill you correctly, depending on where you are located in the world.
5. Product development and troubleshooting
At Tusass, we have a responsibility to offer you the best possible solution when you purchase our product or service. This also means that we must continuously test and develop our services and products. This can happen, for example, in connection with testing of optimization of networks, satellite connections, expansion of the radio chain, and that we ensure that our self-service solution runs as it should, among other various initiatives.
At the same time, your personal data can help us to more quickly identify an error if you experience a problem with our services or products.
6. Regulatory requirements
As a telecommunications company, Tusass is subject to laws that we must comply with in order for us to offer the services we do. This applies, among other things, to the Telecommunications Act, which ensures that Tusass, under no circumstances, may disclose information about persons' use of our services without a legal basis. The Telecommunications Act also says that Tusass has a universal service obligation, which means that it is our responsibility to ensure that people have access to a range of basic electronic services at a reasonable price.
Tusass is also subject to the Logging Order. This legislation means that we, as a telecommunications company, must log all traffic data for one year.
In addition, we are subject to accounting legislation, which requires us to store all information about financial matters 5 years + current years, after the end of the contract. After this, your information in our systems will be deleted or anonymized.
7. Emergency situations and the directory
In emergency situations, and if possible, Tusass may provide location data (on mobile phone or satellite phone) to the Police or another emergency service so that they can find you if this becomes necessary.
Your number will also be handed over to the directory, unless you ask us not to do so.
8. Marketing
It is not a requirement to sign up for marketing in order to become a customer of Tusass. If you have consented to marketing, we may contact you for the purpose of, for example, offers, news, products or in connection with competitions.
Please note that you can always withdraw your consent if you do not wish to receive emails or other marketing from us.
9. Statistics and analysis
Tusass continuously develops, tests and improves our products and services to give you the best experience. As far as possible, we always anonymize data where this is possible. Customer segmentation and customer behavior patterns can often help us research who is using our services so that we can better target our products and services to the right people and ensure that we improve where it is needed most for the sake of customers.
10. Disclosure of anonymized data to third parties
Tusass may, in some cases, provide statistics and analysis to third parties. This can for example be in connection with statistics about sales, network traffic, location patterns or mapping of overall trends. If data or statistics are handed over to third parties, it will always be about anonymized data – i.e. data that cannot be referred to a single person.
Because the information, in these cases, is anonymized, the information no longer falls under the General Data Protection Regulation, as it cannot be used to identify individuals.
11. Deletion protocols
In Tusass, we have different deletion procedures depending on what the data is about. Below, you can read when the various personal data we store are deleted:
Traffic data: Deleted after 1 year, in accordance with the Logging Order
Personal data registered in connection with subscription on mobile or internet: Deleted after 5 + current years, in accordance with the Danish Bookkeeping Act
Cases (e.g. in connection with unpaid debts): Deleted after 10 years, according to the Statute of Limitation
5. The Processing of Children's Data
Tusass offers a subscription for children between the age of 5 and 17. We never market ourselves directly to children, and in order for us to create such a subscription, it requires that the child be associated with a parent or guardian's social security number.
According to the General Data Protection Regulation, children are entitled to special protection of their data. Tusass therefore only uses children's data in order to be able to verify age, so that we can ensure that they are under 18, and therefore can use our subscription at a reduced price.
6. Corporate
Tusass Erhverv offers its customers various services in the form of mobile subscriptions, business telephony as well as a wide range of internet products adapted to the Greenlandic business community.
In addition, Tusass Erhverv offers a number of services adapted to the Greenlandic business community in the form of infrastructure and hosted solutions. For both areas, Tusass alone stores and protects the customer's data and/or operates and monitors the customer's infrastructure.
In connection with the purchase of services and products, where Tusass is processing data on behalf of a customer, a data processing agreement is signed by both parties. When we register you as a business customer, we register the following information on the company:
CVR number
Address
Phone number and e-mail of the company's contact person
7. Security
As a company, Tusass has a responsibility to "put in place appropriate technical and organizational security measures". This means that we have a responsibility to ensure that your personal data is protected so that other parties cannot enter our systems and misuse your information. At Tusass, we have a department that works to ensure that the right precautions are taken so that you are sure your information is in safe hands when you buy a product or service from us.
This is done, among other things, through the use of firewalls, two-factor authentication and user management on all systems. At the same time, Tusass' employees are continuously trained in how we process personal data, as well as in IT security in general.
8. Partners
Tusass has a number of partners who help us run the business on a daily basis. In some cases, it is necessary to entrust personal data in connection with these tasks. This may, for example, be in connection with an external invoice collection system, external companies that help repair and maintain Tusass' services, or external consultants or companies that manage our systems and databases.
If it is necessary to provide personal information in connection with cooperation, Tusass always ensures that the necessary security measures are taken before starting cooperation and ensures that applicable legislation is complied with. In these cases, a data processing agreement is always signed between Tusass and our business partner.
In addition, Tusass is obliged to disclose your information to the directory, unless you do not want the information to be disclosed. You can always ask Tusass not to disclose your information to the directory.
9. Transfer of Data to Third Countries
Tusass, in some cases, transfers data to third countries located outside the EU and EEA countries. If this is the case, Tusass ensures that a data processing agreement and the European Commission's standard contracts have been signed. These contracts ensure that personal data is processed in accordance with EU law in relation to the transfer and storage of personal data.
10. Cookie Policy
Tusass does not use Cookies or other tools to track your behavior on the website.
11. Your Rights
As a person, you have some rights when you are a customer of ours and we store your data. You can read more about your rights below:
The right to information: You have the right to know how, why, and for how long your data is processed by us.
The right of access: You always have the right to know what information Tusass holds about you.
The right to rectification: You have the right for Tusass to correct your information if it is incorrect.
The right to erasure: Also known as the "right to be forgotten" – You may, under any circumstances, ask Tusass to delete your information. This applies, for example, if Tusass' processing of your data is no longer relevant, if you withdraw your consent or if Tusass processes your information unlawfully.
The right to restriction of processing: If you believe that Tusass is using your information for an undue purpose, you can ask us to restrict this processing, in some cases.
The right to data portability: In some cases, you have the right for Tusass to transfer your information from our systems to another data controller.
The right not to be subject to automatic decision: You have the right that Tusass does not make decisions about whether, for example, you can create a subscription despite debts without a person having been involved in the decision.
The right to object: You always have the right to complain about the processing of your personal data if you believe Tusass does not comply with the applicable rules. You can send a complaint via the Danish Data Protection Agency's own website, at the following link: https://www.datatilsynet.dk/borger/klage
If you have any questions about the above policy, want to know more, or make use of your rights, you are welcome to contact the Personal Data Controller, Josefine Andreasen, privacy@tusass.gl.