Personal Data

Personal information may have different meanings, ranging from ordinary information about names and addresses to more private information about health, affiliations to trade unions or political convictions. Notwithstanding the character of any such personal information, the data protection rules must be observed for the purpose of avoiding excessive fines or claims for damages from registered parties.

A company’s possession of its employees’ private contact information, disease information, financial affairs or its possession of customers’ purchase history or contact information will all be subject to the data protection rules.


For the purpose of transforming complex rules into specific solutions in the various affected areas, HjulmandKaptain has decided to bring together a team of judicial experts within data protection law, employment law, marketing law, administrative law, procurement law, and IT law, who will all be prepared to assist you in the following situations:


Handling of personal data in connection with

  • Mergers & Acquisitions and insolvency;
  • credit facilities;
  • marketing;
  • employment and dismissal of employees;
  • day-to-day operation of your Human Resources department;
  • establishment of a whistleblower arrangement;
  • surveillance, control, and registration of employees and customers;
  • inquiries from registered parties concerning the processing of personal information
  • transmission of data out of the EU.


IT security

  • Data processing agreements and sub-data processing agreements;
  • storing and erasure of personal information;
  • outsourcing of IT systems, Cloud solutions;
  • purchase of IT solutions, including preparation of requirement specifications.


Compliance process based on internationally acknowledged standards

  • Preparation of data protection impact assessment (DPIA);
  • establishment of DPO function (data protection officer);
  • definition of policies and education of personnel;
  • counselling on technical and organisational changes.


Data failures

  • Handling of specific data failures;
  • notification to the Danish Data Protection Agency;
  • assistance in connection with the Data Protection Agency’s investigation;
  • notification to the registered parties;
  • handling of claims for damages;
  • handling of imposition of fines;
  • securing against future data failures