Privacy policy
Version: September 2024
This privacy policy describes how Littler | Denmark (“we” / “us”) handles and protects the personal data that we process in connection with our counselling and legal assistance, visits to our website, webinars/courses, or when you enter into agreements or otherwise exchange personal data with us.
1. Data controller
Enevold Advokatfirma is responsible for the processing of your personal data. You can find our contact details below.
Enevold Advokatfirma (“Littler | Denmark”)
CVR number: 43 40 66 04
Islands Brygge 26
2300 Copenhagen S, Denmark
E-mail:
Enevold Advokatfirma operates under the name of Littler | Denmark. Littler | Denmark is part of a global collaboration with the international law firm, Littler Global.
2. Purposes of processing and categories of personal data
We respect you and your privacy and therefore, we take the protection of your personal data seriously. We process your personal data as described in this privacy policy.
We only process personal data that is adequate, relevant and limited to what is necessary for a lawful purpose. We therefore only collect and process personal data that is necessary to fulfil the lawful purpose(s). However, we may be required by law to collect and process certain personal data.
We only process the personal data which is necessary for us to provide our legal counselling and litigation services and client relationships. In some situations, we may process sensitive personal data if it is necessary to the case that we are processing. This will typically be either health information or information about trade union relationships, but it may also be other categories of sensitive personal data.
Our processing of personal data is done solely for objective and legitimate purposes. If we intend to process personal data for a purpose other than that for which the personal data was originally collected, we will inform you of this, unless the process is covered by our duty of confidentiality or is a matter of enforcing legal claims or similar. However, when personal data is anonymized so that the data subjects are no longer identified or identifiable, we may use the data for other purposes without informing you of this.
Our collection and processing of personal data is based on either a contract, consent, a legal obligation or other legitimate interests, including the establishment, defense or enforcement of a legal claim. We take measures to prevent that the personal data we process is inaccurate or misleading and we make sure to keep personal data up to date.
In some cases, we may need to collect and process personal data from third parties, such as public authorities and private parties. In such case, we will inform you and obtain your consent, unless you are already aware of the collection and processing, or your interest in being informed is overridden by public or private interests, or it is a matter of enforcing legal claims, etc.
3. Disclosure of personal data
We may need to disclose your personal data with affiliated companies under Littler Global, as well as with our business partners who work on our behalf for the purposes described in section 2.
If we use a data processor to process personal data on our behalf, we will enter into data processing agreements that regulate the data processor's processing of personal data on our behalf. The data processing agreement sets out security requirements and states that our data processor(s) may not process personal data they receive from us for purposes other than those for which the personal data was collected. We only transfer personal data for processing outside the EU and EEA if it is to a client, counterparty, court, etc.
By virtue of our function as lawyers, we are subject to a duty of confidentiality in relation to the information that comes to our knowledge in connection with the processing of your case. Thus, personal data may only be disclosed to our client(s), business partners, or other parties and participants involved in a case.
In certain cases, we are required by law to disclose your personal data, for example for tax purposes. We also disclose your personal data for registration in public authorities' databases and for use by these authorities, such as virk.dk or minretssag.dk, and for use by authorities, the courts, labor arbitration, the Danish Board of Equal Treatment or other dispute resolution bodies, or if it is otherwise required to fulfil the purpose for which we process your data.
4. Storage and deletion
We delete your personal data when it is no longer necessary for the purpose for which the personal data was collected and processed.
The retention period may therefore vary depending on the purpose in question. Personal data for case management purposes will generally be stored for 10 years, but there may be shorter or longer storage periods.
5. Security measures
We have implemented appropriate technical and organizational measures regarding confidentiality and information security which protect the personal data collected against destruction, loss, alteration, unauthorized disclosure and against unauthorized access or knowledge.
These technical and organizational measures are, among other things, implemented in our internal guidelines, which ensure that access to personal data is physically and systemically limited to those colleagues who have a work-related need to access it and who have received training and instruction in the processing of personal data. We are all required to maintain confidentiality and we are also bound by professional secrecy.
When necessary, personal data in digital form is protected by access control, personal passwords, encryption, backup systems, updated firewalls and anti-virus protection.
We also have an internal process for handling any security breaches, including notification to you as a data subject and the Danish Data Protection Agency.
6. Your rights
Under the General Data Protection Regulation, you have several rights in connection with the processing of your personal data.
If you wish to exercise your rights, please contact us at
6.1 Right of access to your own data
You have the right to know whether or not personal data concerning you is being processed, and, where this is the case, the right to access the personal data and to receive a copy. In addition, you have the right to receive information in connection with the processing.
6.2 Right to rectification
You have the right to have inaccurate personal data about you corrected or completed.
6.3 Right to erasure
You may, under certain circumstances, have the right to demand an erasure of the personal data that we process about you.
6.4 Right to restriction of processing
In certain cases, you have the right to have our processing of your personal data restricted. If it is decided that you have the right to have the processing restricted, we may going forward only process the personal data in question with your consent, for the purpose of the establishment or defense of legal claims, to protect another natural or legal person, or for reasons of important public interest. However, we may continue to store your personal data.
6.5 Right to notification
You have the right to be informed of all recipients to whom we have disclosed your personal data, unless this is impossible or excessively difficult. At the same time, we must notify the recipients concerned of any rectification, erasure or restriction of processing your personal data, unless this proves impossible or involves disproportionate effort.
6.6 Right to data portability
You have the right to receive your personal data concerning, which you have provided to us, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit those data to another controller where the processing is based on your consent or on a contract and the processing is carried out automatically. If technically feasible, you may require us to transmit the personal data directly to the other data controller.
6.7 Right to object
You have the right to object to the processing of your personal data that is carried out in the interests of society or others, and the personal data may then no longer be processed unless we can demonstrate convincing legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment or defense of legal claims. You also have the right to object at any time to the processing of your personal data for direct marketing purposes.
6.8 Right not to be subject to automated individual decision-making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. However, this does not apply if the decision is necessary for entering, or performance of a contract to which you are a party, if the decision is based on your consent, or if the decision is based on Danish law.
6.9 Right to notification in the event of a security breach
You have the right to be notified if we have had a personal data breach that would involve a high risk to your fundamental rights and freedoms. However, if we have implemented subsequent measures that ensure that the high risk to your rights and freedoms is no longer likely to be real or if a direct notification to you requires a disproportionate effort, an individual notification to you shall not be made, but instead a public announcement or similar measure shall be made whereby you are notified in a similarly effective manner.
7. Changes to the privacy policy
We reserve the right to change this privacy policy. In case of material changes, or if required by law, we will, to the extent required and possible, ensure that you are notified of any changes.
8. Contact us
If you have any questions or disagree with the way we process your personal data or the purposes for which we process the data, you are welcome to contact us at the email address:
9. Complaint to the Danish Data Protection Agency
You can file a complaint with the Danish Data Protection Agency about the processing of your personal data. You can read more about the Danish Data Protection Agency and how to file your complaint at www.datatilsynet.dk.