Bioflight Privacy Policy
This Privacy Policy is issued by Bioflight A/S, a company registered in Denmark with its principal place of business at Hangarvej E12, 4000 Roskilde, Denmark (“Bioflight”, “we”, “our”, or “us”). We will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and this Privacy Policy.
Bioflight Privacy Policy
This Privacy Policy is issued by Bioflight A/S, a company registered in Denmark with its principal place of business at Hangarvej E12, 4000 Roskilde, Denmark (“Bioflight”, “we”, “our”, or “us”). We will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and this Privacy Policy.
Bioflight Privacy Policy
This Privacy Policy is issued by Bioflight A/S, a company registered in Denmark with its principal place of business at Hangarvej E12, 4000 Roskilde, Denmark (“Bioflight”, “we”, “our”, or “us”). We will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and this Privacy Policy.
Jump to
Scope of this Privacy Policy
This Privacy Policy applies to and we act as data controllers of your data when you:
Visit our website at www.bioflight.dk, including any subpages;
Communicate with us or place an order by email, telephone, online forms or other channels (for example, when you request information or provide feedback);
Apply for a job or submit any application materials to us (such as a CV, cover letter, or references); and
Represent or are employed by our customers, suppliers or business partners, where we process limited business contact details to manage our professional relation
This Privacy Policy does not apply to any third-party websites or services that may be linked from our website.
Categories of personal data and retention
We will process the following categories of personal data:
Category
Examples
Legal Basis
Retention
Contact Data
Name, email address, phone number, address
Consent / Performance of contract / Legitimate interest
12 months
Technical Data
IP address, browser type, device info, time zone settings
Legitimate interest / Consent (via cookies)
12 months (cookies’ retention time described below)
Applicant Data
CV, cover letter, references
Contract / Legitimate interest
Up to 6 months after process ends
We keep personal data only as long as necessary for the purposes described. After these periods, data will be securely deleted or anonymized.
Special categories of personal data: We do not collect financial data, identity data, or special category data through our service or website.
Minors’ data: Our website and services are not targeted or designed for individuals under the age of 18. We do not knowingly collect or process personal data relating to children.
Applicants and recruitment data
If you apply for a position at Bioflight, we process the personal data that you choose to provide to us, such as your name, contact details, CV, cover letter, educational background, professional experience, and any references you may include. This information is used exclusively to evaluate your qualifications, manage communication throughout the recruitment process, schedule interviews, and make decisions regarding your application.
Your personal data will be retained for up to six months after the recruitment process has concluded, unless you give explicit consent for us to keep your details longer for potential future opportunities. After this period, your data will be securely deleted or anonymized in accordance with our retention procedures.
We do not share your application data with any third parties, except where this is required by law, necessary for the recruitment process, or based on your explicit consent.
How we collect data
We collect personal data in several ways, depending on how you interact with Bioflight. The main methods are:
Directly from you: We collect personal data that you voluntarily provide to us when you contact Bioflight by email, telephone, or other communication channels. This may occur, for example, when you request information about our services, send us general inquiries, sign up for a newsletter or submit your personal details as part of a job application (such as your name, contact details, and the contents of your CV or cover letter). Any data you choose to share with us in these circumstances will be used solely for the purposes for which it was provided.
Automatically through your use of our website: When you visit www.bioflight.dk, certain technical information is collected automatically through your browser or device. This includes data such as your IP address, browser type, operating system, device information, and general location derived from your IP address. We collect this information to ensure the website functions properly, maintain its security, and improve performance.
Through cookies and similar technologies: We use cookies and comparable tracking technologies to understand how visitors use our website, to remember user preferences, and to improve functionality. For example, analytical tools help us understand aggregated usage trends without identifying individual users. Non-essential cookies are only activated if you give consent through the consent banner, which also allows you to review, manage, or withdraw your choices at any time.
From third-party service providers or partners: In limited cases, we may receive personal data indirectly from trusted third parties, such as analytics providers, email service providers, or professional recruitment platforms, when necessary to operate our business or manage our recruitment process. These third parties act as data processors on our behalf and are bound by contractual obligations to handle your data in accordance with applicable data protection laws and our instructions.
Purposes and legal bases of our processing
We process personal data only when it is necessary and lawful to do so, and always in accordance with the purposes for which the data was originally collected. The following outlines the main purposes for which we process personal data, along with the corresponding legal bases under the GDPR:
Website operation and improvement
Purpose: To operate, maintain, and improve our website, including ensuring its functionality, performance, and security, and understanding how visitors interact with it.
Legal basis: Our legitimate interest in providing a secure and user-friendly website, and, where analytics or non-essential cookies are used, your consent obtained through the cookie banner.
Communication and customer support
Purpose: To respond to inquiries, provide customer support, and communicate with individuals who contact us for information or assistance.
Legal basis: Your consent (when you choose to contact us) or our performance of contract or legitimate interest in responding to communications and providing efficient support.
Marketing and business development
Purpose: To provide information about our activities, services, or events that may be of interest, to maintain contact with existing or prospective customers, and to evaluate the effectiveness of our outreach and communication efforts.
Legal basis: This processing is based on your consent (where required) or our legitimate interest in maintaining and developing relationships with existing and potential business contacts.
Service delivery and business relationships
Purpose: To perform services, fulfill contractual obligations, and manage relationships with customers, suppliers, and business partners, including completing orders and maintaining necessary records.
Legal basis: The performance of a contract or taking steps at your request prior to entering into a contract.
Recruitment
Purpose: To manage recruitment processes, evaluate job applications, and select suitable candidates for employment.
Legal basis: Your consent and our legitimate interest in managing recruitment and taking necessary steps prior to entering into an employment contract.
Security and legal compliance
Purpose: To ensure the security of our IT systems, detect and prevent unauthorized access, and comply with legal or regulatory obligations.
Legal basis: Our legitimate interest in maintaining a secure environment and compliance with applicable legal obligations regarding data protection and information security.
Sharing and disclosure
We may share limited personal data with carefully selected third parties who provide essential operational, technical, or administrative services to us. These third parties act as data processors on our behalf and process personal data only in accordance with our written instructions and under strict confidentiality obligations.
Such processing activities may include services related to:
website hosting and maintenance,
email and cloud storage,
analytics and performance monitoring,
IT support, or
professional business administration.
All such parties are contractually bound to maintain appropriate security measures and comply with the requirements of the applicable privacy laws.
We do not sell, rent, or otherwise disclose personal data to any third party for their own commercial or marketing purposes.
Personal data will only be further disclosed outside Bioflight when required by law, in response to a valid legal request from a public authority, or when necessary to protect our legitimate rights, safety, or property.
International transfers
Bioflight stores and processes all personal data within the European Union (EU) and the European Economic Area (EEA), primarily in Denmark and through secure data centers operated by our trusted service providers. In case we transfer personal data outside the EU/EEA, such transfers will only take place where appropriate safeguards are in place to ensure an equivalent level of data protection.
These safeguards may include the use of:
EU Standard Contractual Clauses (SCCs) or, where applicable,
the EU–U.S. Data Privacy Framework (DPF).
We continuously review our data processing arrangements to maintain compliance with the GDPR and protect your personal information.
Your privacy rights
As an individual whose personal data we process, you have several rights under the privacy laws. We respect and uphold these rights and will respond to any valid request in accordance with applicable legal requirements.
Right of Access:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of the information we hold about you, along with details about how and why it is processed.Right to Rectification:
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.Right to Erasure (“Right to be Forgotten”):
In certain circumstances, such as when data is no longer necessary for the purposes for which it was collected, you have the right to request the deletion of your personal data from our systems.Right to Restriction of Processing:
You may request that we limit how we use your personal data while we verify its accuracy, assess an objection, or when processing is unlawful but you prefer restriction instead of deletion.Right to Data Portability:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another data controller where technically feasible.Right to Object:
You have the right to object to our processing of your personal data when it is based on legitimate interests. We will stop processing your data unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.Right to Withdraw Consent:
Where we process your data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at info@bioflight.dk. We may need to verify your identity before responding to your request to protect your privacy and security.
If you are not satisfied with our response, or if you believe that your personal data has been processed in violation of applicable data protection laws, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet). You can contact Datatilsynet via their website at www.datatilsynet.dk or by mail at Carl Jacobsens Vej 35, 2500 Valby, Denmark.
Cookies and tracking technologies
Our website uses cookies and similar tracking technologies to ensure essential functionality, enhance user experience, and collect limited analytical information to understand how visitors use our website. Cookies are small text files that are stored on your device when you visit a website and are commonly used to make websites work more efficiently, as well as to provide statistical insights that help us improve their performance and usability.
Necessary cookies: Some cookies are considered strictly necessary, meaning they are essential for the website to function properly, for example, to enable basic navigation, security features, or to remember your cookie preferences. These cookies are always active and do not require user consent.
Non-necessary cookies: Other cookies, such as those used for analytics, functionality, or marketing, are considered non-essential and will only be used and placed on your device if you provide your consent.
Your cookie preferences: Consent for non-essential cookies is collected and managed through our cookie consent management platform. When you first visit our website, a cookie banner will appear explaining how cookies are used and allowing you to accept, reject, or customize your preferences. You can change or withdraw your consent at any time through the consent management platform settings on our website or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality or performance of the website.
See below the detailed cookie list automatically generated and maintained by our consent management platform:
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business operations, applicable laws, or regulatory requirements. When we make any significant or material changes, we will post a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data and your associated rights. Any changes to this Policy will take effect upon publication on our website unless otherwise stated.
Contact us
For questions or concerns about this Privacy Policy or our data processing practices, please contact info@bioflight.dk.
Scope of this Privacy Policy
This Privacy Policy applies to and we act as data controllers of your data when you:
Visit our website at www.bioflight.dk, including any subpages;
Communicate with us or place an order by email, telephone, online forms or other channels (for example, when you request information or provide feedback);
Apply for a job or submit any application materials to us (such as a CV, cover letter, or references); and
Represent or are employed by our customers, suppliers or business partners, where we process limited business contact details to manage our professional relation
This Privacy Policy does not apply to any third-party websites or services that may be linked from our website.
Categories of personal data and retention
We will process the following categories of personal data:
Category
Examples
Legal Basis
Retention
Contact Data
Name, email address, phone number, address
Consent / Performance of contract / Legitimate interest
12 months
Technical Data
IP address, browser type, device info, time zone settings
Legitimate interest / Consent (via cookies)
12 months (cookies’ retention time described below)
Applicant Data
CV, cover letter, references
Contract / Legitimate interest
Up to 6 months after process ends
We keep personal data only as long as necessary for the purposes described. After these periods, data will be securely deleted or anonymized.
Special categories of personal data: We do not collect financial data, identity data, or special category data through our service or website.
Minors’ data: Our website and services are not targeted or designed for individuals under the age of 18. We do not knowingly collect or process personal data relating to children.
Applicants and recruitment data
If you apply for a position at Bioflight, we process the personal data that you choose to provide to us, such as your name, contact details, CV, cover letter, educational background, professional experience, and any references you may include. This information is used exclusively to evaluate your qualifications, manage communication throughout the recruitment process, schedule interviews, and make decisions regarding your application.
Your personal data will be retained for up to six months after the recruitment process has concluded, unless you give explicit consent for us to keep your details longer for potential future opportunities. After this period, your data will be securely deleted or anonymized in accordance with our retention procedures.
We do not share your application data with any third parties, except where this is required by law, necessary for the recruitment process, or based on your explicit consent.
How we collect data
We collect personal data in several ways, depending on how you interact with Bioflight. The main methods are:
Directly from you: We collect personal data that you voluntarily provide to us when you contact Bioflight by email, telephone, or other communication channels. This may occur, for example, when you request information about our services, send us general inquiries, sign up for a newsletter or submit your personal details as part of a job application (such as your name, contact details, and the contents of your CV or cover letter). Any data you choose to share with us in these circumstances will be used solely for the purposes for which it was provided.
Automatically through your use of our website: When you visit www.bioflight.dk, certain technical information is collected automatically through your browser or device. This includes data such as your IP address, browser type, operating system, device information, and general location derived from your IP address. We collect this information to ensure the website functions properly, maintain its security, and improve performance.
Through cookies and similar technologies: We use cookies and comparable tracking technologies to understand how visitors use our website, to remember user preferences, and to improve functionality. For example, analytical tools help us understand aggregated usage trends without identifying individual users. Non-essential cookies are only activated if you give consent through the consent banner, which also allows you to review, manage, or withdraw your choices at any time.
From third-party service providers or partners: In limited cases, we may receive personal data indirectly from trusted third parties, such as analytics providers, email service providers, or professional recruitment platforms, when necessary to operate our business or manage our recruitment process. These third parties act as data processors on our behalf and are bound by contractual obligations to handle your data in accordance with applicable data protection laws and our instructions.
Purposes and legal bases of our processing
We process personal data only when it is necessary and lawful to do so, and always in accordance with the purposes for which the data was originally collected. The following outlines the main purposes for which we process personal data, along with the corresponding legal bases under the GDPR:
Website operation and improvement
Purpose: To operate, maintain, and improve our website, including ensuring its functionality, performance, and security, and understanding how visitors interact with it.
Legal basis: Our legitimate interest in providing a secure and user-friendly website, and, where analytics or non-essential cookies are used, your consent obtained through the cookie banner.
Communication and customer support
Purpose: To respond to inquiries, provide customer support, and communicate with individuals who contact us for information or assistance.
Legal basis: Your consent (when you choose to contact us) or our performance of contract or legitimate interest in responding to communications and providing efficient support.
Marketing and business development
Purpose: To provide information about our activities, services, or events that may be of interest, to maintain contact with existing or prospective customers, and to evaluate the effectiveness of our outreach and communication efforts.
Legal basis: This processing is based on your consent (where required) or our legitimate interest in maintaining and developing relationships with existing and potential business contacts.
Service delivery and business relationships
Purpose: To perform services, fulfill contractual obligations, and manage relationships with customers, suppliers, and business partners, including completing orders and maintaining necessary records.
Legal basis: The performance of a contract or taking steps at your request prior to entering into a contract.
Recruitment
Purpose: To manage recruitment processes, evaluate job applications, and select suitable candidates for employment.
Legal basis: Your consent and our legitimate interest in managing recruitment and taking necessary steps prior to entering into an employment contract.
Security and legal compliance
Purpose: To ensure the security of our IT systems, detect and prevent unauthorized access, and comply with legal or regulatory obligations.
Legal basis: Our legitimate interest in maintaining a secure environment and compliance with applicable legal obligations regarding data protection and information security.
Sharing and disclosure
We may share limited personal data with carefully selected third parties who provide essential operational, technical, or administrative services to us. These third parties act as data processors on our behalf and process personal data only in accordance with our written instructions and under strict confidentiality obligations.
Such processing activities may include services related to:
website hosting and maintenance,
email and cloud storage,
analytics and performance monitoring,
IT support, or
professional business administration.
All such parties are contractually bound to maintain appropriate security measures and comply with the requirements of the applicable privacy laws.
We do not sell, rent, or otherwise disclose personal data to any third party for their own commercial or marketing purposes.
Personal data will only be further disclosed outside Bioflight when required by law, in response to a valid legal request from a public authority, or when necessary to protect our legitimate rights, safety, or property.
International transfers
Bioflight stores and processes all personal data within the European Union (EU) and the European Economic Area (EEA), primarily in Denmark and through secure data centers operated by our trusted service providers. In case we transfer personal data outside the EU/EEA, such transfers will only take place where appropriate safeguards are in place to ensure an equivalent level of data protection.
These safeguards may include the use of:
EU Standard Contractual Clauses (SCCs) or, where applicable,
the EU–U.S. Data Privacy Framework (DPF).
We continuously review our data processing arrangements to maintain compliance with the GDPR and protect your personal information.
Your privacy rights
As an individual whose personal data we process, you have several rights under the privacy laws. We respect and uphold these rights and will respond to any valid request in accordance with applicable legal requirements.
Right of Access:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of the information we hold about you, along with details about how and why it is processed.Right to Rectification:
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.Right to Erasure (“Right to be Forgotten”):
In certain circumstances, such as when data is no longer necessary for the purposes for which it was collected, you have the right to request the deletion of your personal data from our systems.Right to Restriction of Processing:
You may request that we limit how we use your personal data while we verify its accuracy, assess an objection, or when processing is unlawful but you prefer restriction instead of deletion.Right to Data Portability:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another data controller where technically feasible.Right to Object:
You have the right to object to our processing of your personal data when it is based on legitimate interests. We will stop processing your data unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.Right to Withdraw Consent:
Where we process your data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at info@bioflight.dk. We may need to verify your identity before responding to your request to protect your privacy and security.
If you are not satisfied with our response, or if you believe that your personal data has been processed in violation of applicable data protection laws, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet). You can contact Datatilsynet via their website at www.datatilsynet.dk or by mail at Carl Jacobsens Vej 35, 2500 Valby, Denmark.
Cookies and tracking technologies
Our website uses cookies and similar tracking technologies to ensure essential functionality, enhance user experience, and collect limited analytical information to understand how visitors use our website. Cookies are small text files that are stored on your device when you visit a website and are commonly used to make websites work more efficiently, as well as to provide statistical insights that help us improve their performance and usability.
Necessary cookies: Some cookies are considered strictly necessary, meaning they are essential for the website to function properly, for example, to enable basic navigation, security features, or to remember your cookie preferences. These cookies are always active and do not require user consent.
Non-necessary cookies: Other cookies, such as those used for analytics, functionality, or marketing, are considered non-essential and will only be used and placed on your device if you provide your consent.
Your cookie preferences: Consent for non-essential cookies is collected and managed through our cookie consent management platform. When you first visit our website, a cookie banner will appear explaining how cookies are used and allowing you to accept, reject, or customize your preferences. You can change or withdraw your consent at any time through the consent management platform settings on our website or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality or performance of the website.
See below the detailed cookie list automatically generated and maintained by our consent management platform:
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business operations, applicable laws, or regulatory requirements. When we make any significant or material changes, we will post a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data and your associated rights. Any changes to this Policy will take effect upon publication on our website unless otherwise stated.
Contact us
For questions or concerns about this Privacy Policy or our data processing practices, please contact info@bioflight.dk.
Scope of this Privacy Policy
This Privacy Policy applies to and we act as data controllers of your data when you:
Visit our website at www.bioflight.dk, including any subpages;
Communicate with us or place an order by email, telephone, online forms or other channels (for example, when you request information or provide feedback);
Apply for a job or submit any application materials to us (such as a CV, cover letter, or references); and
Represent or are employed by our customers, suppliers or business partners, where we process limited business contact details to manage our professional relation
This Privacy Policy does not apply to any third-party websites or services that may be linked from our website.
Categories of personal data and retention
We will process the following categories of personal data:
Category
Examples
Legal Basis
Retention
Contact Data
Name, email address, phone number, address
Consent / Performance of contract / Legitimate interest
12 months
Technical Data
IP address, browser type, device info, time zone settings
Legitimate interest / Consent (via cookies)
12 months (cookies’ retention time described below)
Applicant Data
CV, cover letter, references
Contract / Legitimate interest
Up to 6 months after process ends
We keep personal data only as long as necessary for the purposes described. After these periods, data will be securely deleted or anonymized.
Special categories of personal data: We do not collect financial data, identity data, or special category data through our service or website.
Minors’ data: Our website and services are not targeted or designed for individuals under the age of 18. We do not knowingly collect or process personal data relating to children.
Applicants and recruitment data
If you apply for a position at Bioflight, we process the personal data that you choose to provide to us, such as your name, contact details, CV, cover letter, educational background, professional experience, and any references you may include. This information is used exclusively to evaluate your qualifications, manage communication throughout the recruitment process, schedule interviews, and make decisions regarding your application.
Your personal data will be retained for up to six months after the recruitment process has concluded, unless you give explicit consent for us to keep your details longer for potential future opportunities. After this period, your data will be securely deleted or anonymized in accordance with our retention procedures.
We do not share your application data with any third parties, except where this is required by law, necessary for the recruitment process, or based on your explicit consent.
How we collect data
We collect personal data in several ways, depending on how you interact with Bioflight. The main methods are:
Directly from you: We collect personal data that you voluntarily provide to us when you contact Bioflight by email, telephone, or other communication channels. This may occur, for example, when you request information about our services, send us general inquiries, sign up for a newsletter or submit your personal details as part of a job application (such as your name, contact details, and the contents of your CV or cover letter). Any data you choose to share with us in these circumstances will be used solely for the purposes for which it was provided.
Automatically through your use of our website: When you visit www.bioflight.dk, certain technical information is collected automatically through your browser or device. This includes data such as your IP address, browser type, operating system, device information, and general location derived from your IP address. We collect this information to ensure the website functions properly, maintain its security, and improve performance.
Through cookies and similar technologies: We use cookies and comparable tracking technologies to understand how visitors use our website, to remember user preferences, and to improve functionality. For example, analytical tools help us understand aggregated usage trends without identifying individual users. Non-essential cookies are only activated if you give consent through the consent banner, which also allows you to review, manage, or withdraw your choices at any time.
From third-party service providers or partners: In limited cases, we may receive personal data indirectly from trusted third parties, such as analytics providers, email service providers, or professional recruitment platforms, when necessary to operate our business or manage our recruitment process. These third parties act as data processors on our behalf and are bound by contractual obligations to handle your data in accordance with applicable data protection laws and our instructions.
Purposes and legal bases of our processing
We process personal data only when it is necessary and lawful to do so, and always in accordance with the purposes for which the data was originally collected. The following outlines the main purposes for which we process personal data, along with the corresponding legal bases under the GDPR:
Website operation and improvement
Purpose: To operate, maintain, and improve our website, including ensuring its functionality, performance, and security, and understanding how visitors interact with it.
Legal basis: Our legitimate interest in providing a secure and user-friendly website, and, where analytics or non-essential cookies are used, your consent obtained through the cookie banner.
Communication and customer support
Purpose: To respond to inquiries, provide customer support, and communicate with individuals who contact us for information or assistance.
Legal basis: Your consent (when you choose to contact us) or our performance of contract or legitimate interest in responding to communications and providing efficient support.
Marketing and business development
Purpose: To provide information about our activities, services, or events that may be of interest, to maintain contact with existing or prospective customers, and to evaluate the effectiveness of our outreach and communication efforts.
Legal basis: This processing is based on your consent (where required) or our legitimate interest in maintaining and developing relationships with existing and potential business contacts.
Service delivery and business relationships
Purpose: To perform services, fulfill contractual obligations, and manage relationships with customers, suppliers, and business partners, including completing orders and maintaining necessary records.
Legal basis: The performance of a contract or taking steps at your request prior to entering into a contract.
Recruitment
Purpose: To manage recruitment processes, evaluate job applications, and select suitable candidates for employment.
Legal basis: Your consent and our legitimate interest in managing recruitment and taking necessary steps prior to entering into an employment contract.
Security and legal compliance
Purpose: To ensure the security of our IT systems, detect and prevent unauthorized access, and comply with legal or regulatory obligations.
Legal basis: Our legitimate interest in maintaining a secure environment and compliance with applicable legal obligations regarding data protection and information security.
Sharing and disclosure
We may share limited personal data with carefully selected third parties who provide essential operational, technical, or administrative services to us. These third parties act as data processors on our behalf and process personal data only in accordance with our written instructions and under strict confidentiality obligations.
Such processing activities may include services related to:
website hosting and maintenance,
email and cloud storage,
analytics and performance monitoring,
IT support, or
professional business administration.
All such parties are contractually bound to maintain appropriate security measures and comply with the requirements of the applicable privacy laws.
We do not sell, rent, or otherwise disclose personal data to any third party for their own commercial or marketing purposes.
Personal data will only be further disclosed outside Bioflight when required by law, in response to a valid legal request from a public authority, or when necessary to protect our legitimate rights, safety, or property.
International transfers
Bioflight stores and processes all personal data within the European Union (EU) and the European Economic Area (EEA), primarily in Denmark and through secure data centers operated by our trusted service providers. In case we transfer personal data outside the EU/EEA, such transfers will only take place where appropriate safeguards are in place to ensure an equivalent level of data protection.
These safeguards may include the use of:
EU Standard Contractual Clauses (SCCs) or, where applicable,
the EU–U.S. Data Privacy Framework (DPF).
We continuously review our data processing arrangements to maintain compliance with the GDPR and protect your personal information.
Your privacy rights
As an individual whose personal data we process, you have several rights under the privacy laws. We respect and uphold these rights and will respond to any valid request in accordance with applicable legal requirements.
Right of Access:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of the information we hold about you, along with details about how and why it is processed.Right to Rectification:
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.Right to Erasure (“Right to be Forgotten”):
In certain circumstances, such as when data is no longer necessary for the purposes for which it was collected, you have the right to request the deletion of your personal data from our systems.Right to Restriction of Processing:
You may request that we limit how we use your personal data while we verify its accuracy, assess an objection, or when processing is unlawful but you prefer restriction instead of deletion.Right to Data Portability:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another data controller where technically feasible.Right to Object:
You have the right to object to our processing of your personal data when it is based on legitimate interests. We will stop processing your data unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.Right to Withdraw Consent:
Where we process your data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at info@bioflight.dk. We may need to verify your identity before responding to your request to protect your privacy and security.
If you are not satisfied with our response, or if you believe that your personal data has been processed in violation of applicable data protection laws, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet). You can contact Datatilsynet via their website at www.datatilsynet.dk or by mail at Carl Jacobsens Vej 35, 2500 Valby, Denmark.
Cookies and tracking technologies
Our website uses cookies and similar tracking technologies to ensure essential functionality, enhance user experience, and collect limited analytical information to understand how visitors use our website. Cookies are small text files that are stored on your device when you visit a website and are commonly used to make websites work more efficiently, as well as to provide statistical insights that help us improve their performance and usability.
Necessary cookies: Some cookies are considered strictly necessary, meaning they are essential for the website to function properly, for example, to enable basic navigation, security features, or to remember your cookie preferences. These cookies are always active and do not require user consent.
Non-necessary cookies: Other cookies, such as those used for analytics, functionality, or marketing, are considered non-essential and will only be used and placed on your device if you provide your consent.
Your cookie preferences: Consent for non-essential cookies is collected and managed through our cookie consent management platform. When you first visit our website, a cookie banner will appear explaining how cookies are used and allowing you to accept, reject, or customize your preferences. You can change or withdraw your consent at any time through the consent management platform settings on our website or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality or performance of the website.
See below the detailed cookie list automatically generated and maintained by our consent management platform:
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business operations, applicable laws, or regulatory requirements. When we make any significant or material changes, we will post a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data and your associated rights. Any changes to this Policy will take effect upon publication on our website unless otherwise stated.
Contact us
For questions or concerns about this Privacy Policy or our data processing practices, please contact info@bioflight.dk.
Scope of this Privacy Policy
This Privacy Policy applies to and we act as data controllers of your data when you:
Visit our website at www.bioflight.dk, including any subpages;
Communicate with us or place an order by email, telephone, online forms or other channels (for example, when you request information or provide feedback);
Apply for a job or submit any application materials to us (such as a CV, cover letter, or references); and
Represent or are employed by our customers, suppliers or business partners, where we process limited business contact details to manage our professional relation
This Privacy Policy does not apply to any third-party websites or services that may be linked from our website.
Categories of personal data and retention
We will process the following categories of personal data:
Category
Examples
Legal Basis
Retention
Contact Data
Name, email address, phone number, address
Consent / Performance of contract / Legitimate interest
12 months
Technical Data
IP address, browser type, device info, time zone settings
Legitimate interest / Consent (via cookies)
12 months (cookies’ retention time described below)
Applicant Data
CV, cover letter, references
Contract / Legitimate interest
Up to 6 months after process ends
We keep personal data only as long as necessary for the purposes described. After these periods, data will be securely deleted or anonymized.
Special categories of personal data: We do not collect financial data, identity data, or special category data through our service or website.
Minors’ data: Our website and services are not targeted or designed for individuals under the age of 18. We do not knowingly collect or process personal data relating to children.
Applicants and recruitment data
If you apply for a position at Bioflight, we process the personal data that you choose to provide to us, such as your name, contact details, CV, cover letter, educational background, professional experience, and any references you may include. This information is used exclusively to evaluate your qualifications, manage communication throughout the recruitment process, schedule interviews, and make decisions regarding your application.
Your personal data will be retained for up to six months after the recruitment process has concluded, unless you give explicit consent for us to keep your details longer for potential future opportunities. After this period, your data will be securely deleted or anonymized in accordance with our retention procedures.
We do not share your application data with any third parties, except where this is required by law, necessary for the recruitment process, or based on your explicit consent.
How we collect data
We collect personal data in several ways, depending on how you interact with Bioflight. The main methods are:
Directly from you: We collect personal data that you voluntarily provide to us when you contact Bioflight by email, telephone, or other communication channels. This may occur, for example, when you request information about our services, send us general inquiries, sign up for a newsletter or submit your personal details as part of a job application (such as your name, contact details, and the contents of your CV or cover letter). Any data you choose to share with us in these circumstances will be used solely for the purposes for which it was provided.
Automatically through your use of our website: When you visit www.bioflight.dk, certain technical information is collected automatically through your browser or device. This includes data such as your IP address, browser type, operating system, device information, and general location derived from your IP address. We collect this information to ensure the website functions properly, maintain its security, and improve performance.
Through cookies and similar technologies: We use cookies and comparable tracking technologies to understand how visitors use our website, to remember user preferences, and to improve functionality. For example, analytical tools help us understand aggregated usage trends without identifying individual users. Non-essential cookies are only activated if you give consent through the consent banner, which also allows you to review, manage, or withdraw your choices at any time.
From third-party service providers or partners: In limited cases, we may receive personal data indirectly from trusted third parties, such as analytics providers, email service providers, or professional recruitment platforms, when necessary to operate our business or manage our recruitment process. These third parties act as data processors on our behalf and are bound by contractual obligations to handle your data in accordance with applicable data protection laws and our instructions.
Purposes and legal bases of our processing
We process personal data only when it is necessary and lawful to do so, and always in accordance with the purposes for which the data was originally collected. The following outlines the main purposes for which we process personal data, along with the corresponding legal bases under the GDPR:
Website operation and improvement
Purpose: To operate, maintain, and improve our website, including ensuring its functionality, performance, and security, and understanding how visitors interact with it.
Legal basis: Our legitimate interest in providing a secure and user-friendly website, and, where analytics or non-essential cookies are used, your consent obtained through the cookie banner.
Communication and customer support
Purpose: To respond to inquiries, provide customer support, and communicate with individuals who contact us for information or assistance.
Legal basis: Your consent (when you choose to contact us) or our performance of contract or legitimate interest in responding to communications and providing efficient support.
Marketing and business development
Purpose: To provide information about our activities, services, or events that may be of interest, to maintain contact with existing or prospective customers, and to evaluate the effectiveness of our outreach and communication efforts.
Legal basis: This processing is based on your consent (where required) or our legitimate interest in maintaining and developing relationships with existing and potential business contacts.
Service delivery and business relationships
Purpose: To perform services, fulfill contractual obligations, and manage relationships with customers, suppliers, and business partners, including completing orders and maintaining necessary records.
Legal basis: The performance of a contract or taking steps at your request prior to entering into a contract.
Recruitment
Purpose: To manage recruitment processes, evaluate job applications, and select suitable candidates for employment.
Legal basis: Your consent and our legitimate interest in managing recruitment and taking necessary steps prior to entering into an employment contract.
Security and legal compliance
Purpose: To ensure the security of our IT systems, detect and prevent unauthorized access, and comply with legal or regulatory obligations.
Legal basis: Our legitimate interest in maintaining a secure environment and compliance with applicable legal obligations regarding data protection and information security.
Sharing and disclosure
We may share limited personal data with carefully selected third parties who provide essential operational, technical, or administrative services to us. These third parties act as data processors on our behalf and process personal data only in accordance with our written instructions and under strict confidentiality obligations.
Such processing activities may include services related to:
website hosting and maintenance,
email and cloud storage,
analytics and performance monitoring,
IT support, or
professional business administration.
All such parties are contractually bound to maintain appropriate security measures and comply with the requirements of the applicable privacy laws.
We do not sell, rent, or otherwise disclose personal data to any third party for their own commercial or marketing purposes.
Personal data will only be further disclosed outside Bioflight when required by law, in response to a valid legal request from a public authority, or when necessary to protect our legitimate rights, safety, or property.
International transfers
Bioflight stores and processes all personal data within the European Union (EU) and the European Economic Area (EEA), primarily in Denmark and through secure data centers operated by our trusted service providers. In case we transfer personal data outside the EU/EEA, such transfers will only take place where appropriate safeguards are in place to ensure an equivalent level of data protection.
These safeguards may include the use of:
EU Standard Contractual Clauses (SCCs) or, where applicable,
the EU–U.S. Data Privacy Framework (DPF).
We continuously review our data processing arrangements to maintain compliance with the GDPR and protect your personal information.
Your privacy rights
As an individual whose personal data we process, you have several rights under the privacy laws. We respect and uphold these rights and will respond to any valid request in accordance with applicable legal requirements.
Right of Access:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of the information we hold about you, along with details about how and why it is processed.Right to Rectification:
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.Right to Erasure (“Right to be Forgotten”):
In certain circumstances, such as when data is no longer necessary for the purposes for which it was collected, you have the right to request the deletion of your personal data from our systems.Right to Restriction of Processing:
You may request that we limit how we use your personal data while we verify its accuracy, assess an objection, or when processing is unlawful but you prefer restriction instead of deletion.Right to Data Portability:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another data controller where technically feasible.Right to Object:
You have the right to object to our processing of your personal data when it is based on legitimate interests. We will stop processing your data unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.Right to Withdraw Consent:
Where we process your data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at info@bioflight.dk. We may need to verify your identity before responding to your request to protect your privacy and security.
If you are not satisfied with our response, or if you believe that your personal data has been processed in violation of applicable data protection laws, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet). You can contact Datatilsynet via their website at www.datatilsynet.dk or by mail at Carl Jacobsens Vej 35, 2500 Valby, Denmark.
Cookies and tracking technologies
Our website uses cookies and similar tracking technologies to ensure essential functionality, enhance user experience, and collect limited analytical information to understand how visitors use our website. Cookies are small text files that are stored on your device when you visit a website and are commonly used to make websites work more efficiently, as well as to provide statistical insights that help us improve their performance and usability.
Necessary cookies: Some cookies are considered strictly necessary, meaning they are essential for the website to function properly, for example, to enable basic navigation, security features, or to remember your cookie preferences. These cookies are always active and do not require user consent.
Non-necessary cookies: Other cookies, such as those used for analytics, functionality, or marketing, are considered non-essential and will only be used and placed on your device if you provide your consent.
Your cookie preferences: Consent for non-essential cookies is collected and managed through our cookie consent management platform. When you first visit our website, a cookie banner will appear explaining how cookies are used and allowing you to accept, reject, or customize your preferences. You can change or withdraw your consent at any time through the consent management platform settings on our website or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality or performance of the website.
See below the detailed cookie list automatically generated and maintained by our consent management platform:
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business operations, applicable laws, or regulatory requirements. When we make any significant or material changes, we will post a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data and your associated rights. Any changes to this Policy will take effect upon publication on our website unless otherwise stated.
Contact us
For questions or concerns about this Privacy Policy or our data processing practices, please contact info@bioflight.dk.