• AS3
  • Data Protection Policy

AS3 Corporate Group DATA PROTECTION POLICY

Updated April 10, 2025

AS3’s Data Protection Policy
At AS3, we work with people. We assist individuals through job-related transitions based on their unique situations. Therefore, we focus greatly on protecting personal data and handle it with care.
We are committed to protecting your information in accordance with applicable data protection legislation, including GDPR.
This policy explains how AS3 and our subsidiaries in Denmark, Sweden, Finland, and Norway process personal data in connection with our services and collaborations.
We continuously update this policy, and the latest version will always be available on our website.

  1. Who does the policy apply to?
    • Customers, partners, suppliers, and job applicants.
    • Exception: Employees of AS3 and individuals receiving counseling in AS3's programs, as these individuals receive information in a different manner.
  2. Data Controller and Contact Information
    AS3 A/S (CVR number 26017297) is the data controller for the processing of personal data as described in this policy.
    If you have any questions regarding our data protection policy, you can contact us at:
    • Email: dataprotection@as3.dk
    • Mail: AS3 A/S, Hasselager Centervej 35, 8260 Viby J, Denmark. Attn: Data Protection Officer
  3. What personal data do we process?
    We process your personal data depending on our relationship with you:
    • Customers and partners: Name, contact details, job title, company, payment information, and correspondence.
    • Job applicants: Name, contact details, CV, application, photos, test results (if relevant), examination documents, and other information you choose to share.
    • Marketing: We only send marketing materials if you have actively consented. You can withdraw your consent at any time by writing to dataprotection@as3.dk
    We only process sensitive personal data when necessary and based on a lawful basis.
  4. Automatically collected information when using our websites
    When you visit our website, we automatically collect certain information to understand how the site is used and to improve your experience.
    This information includes:
    • User behavior: Time of visit, duration, and the page you came from
    • Operating system
    • Browser type
    We use this information to optimize the website based on our legitimate interest. The data is anonymized and cannot be used to directly identify you.
    Learn more about cookies and your options in our Cookie policy
  5. Purpose and Legal Basis for Processing

Purpose

Legal Basis

Fulfillment of contract (customer/supplier relationship)

GDPR Art. 6, para. 1, letter b

Communication and collaboration

GDPR Art. 6, para. 1, letter f (legitimate interest)

Job recruitment and applicant assessment

GDPR Art. 6, para. 1, letters b and f

Marketing (newsletters, events)

GDPR Art. 6, para. 1, letter a (consent)

We ensure that we only process data when necessary and based on a lawful basis.

  1. Retention of Personal Data
    We retain your personal data for as long as necessary for the purpose for which it was collected:
    • Job applicants: Information is deleted after 6 months unless you consent to a longer retention period.
    • Customer/supplier relationships: Information is retained for up to 5 years after the end of the collaboration in accordance with the Accounting Act.
    • Marketing: Information is retained until you withdraw your consent.
    We regularly review our retention periods and delete information that is no longer necessary.
  2. Your Rights
    You have the following rights:
    • Access: You can request information about what data we hold about you.
    • Rectification: You can request corrections to inaccurate or incomplete information.
    • Deletion: You can request the deletion of your information if it is no longer necessary.
    • Restriction: You can request that the processing of your data be restricted.
    • Data portability: You can request that your data be provided in a structured format.
    • Objection: You can object to the processing of your data, e.g., for direct marketing.
    Contact us if you wish to exercise your rights. We will respond to your request as quickly as possible – and no later than within one month.
  3. Disclosure and Transfer of Information
    We only share your personal data with third parties when necessary and based on a lawful basis.

Ensuring Data Protection with Third-Party Providers
We have data processing agreements with all our suppliers and ensure that they comply with GDPR. Additionally, we conduct regular risk assessments to protect your data.

Transfer of Data Outside the EU/EEA
As a rule, we do not transfer data outside the EU/EEA. If we use cloud solutions with servers outside the EU, we ensure protection through standard contracts or other approved security measures.

  1. IT and Data Security
    We protect your personal data against loss, misuse, unauthorized access, alteration, and disclosure through a range of technical and organizational security measures.
    This includes:
    • Access control – only relevant employees have access.
    • Two-factor authentication – extra security for login.
    • Continuous monitoring and risk assessments – to identify and address security threats.
    All employees who handle personal data undergo regular GDPR training and are responsible for following AS3’s internal security procedures.
  2. Complaints
    If you believe that we are violating GDPR, you can file a complaint with the relevant national data protection authority:
  1. Changes to this Policy
    We regularly update this policy, and the latest version will always be available on our website. We will inform you of significant changes on the website.