Data Responsibility and Confidentiality Policy
Protection of customers’ confidential information and personal data
Processing of confidential information
Information shared with Human House by customers is often business-critical and covered by the rules set out in the trade secrets act. Furthermore, Human House employees are subject to additional confidentiality obligations under legislation, including the psychologists act, the health act, etc.
Human House always processes costumers’ confidential information securely in connection with project execution and in accordance with good business practices. We have therefore implemented strict frameworks for the handling and protection of information, effectively safeguarding against leaks and unauthorized access. Data is processed solely within a controlled operating environment, based on recognized solutions from trusted providers such as Microsoft, where all activities and tools are subject to high standards for security and confidentiality.
This allows customers, partners, and employees to have complete confidence that their information and trade secrets are processed securely and responsibly.
Processing of personal information
At Human House, we take data security and the processing of personal information seriously. We always ensure appropriate measures are in place and always comply with the General Data Protection Regulation (GPDR) when handling personal information as part of our services.
Independent Data Controller
Depending on the assignment agreed with the customer, different processing activities will be carried out. Human House acts as an independent data controller in assignments where:
- The customer shares personal data with Human House for the fulfillment of a contract, where the data subjects are a party to the contract (GPDR, art. 6(1)(b)).
- Human House collects personal data from the data subjects for compliance with specific legal requirements (GPDR, art. 6(1)(c), 9(2)(a), and 9(2)(b)).
- Human House discloses personal data to the employer on the basis of legal grounds for disclosure (GDPR, art. 6(1)(a)).
Data Processor
Human House acts as a data processor in assignments where, based on a project service agreement and data processing agreement, the customer instructs Human House to collect personal data from, e.g. employees and to disclose the personal data to the employer, colleagues, etc. (GDPR, art. 6(1)(b)).
Data Processing Agreement (DPA)
Download our current data processing agreement for the relevant service area here:
Data processing agreements are based on the official templates from the Danish Data Protection Agency, adapted to the processes in the specific service area.
Should you request changes, such a request will need to be assessed both commercially and legally by our consultants and potentially by our suppliers. This assessment will be performed at the applicable hourly rates.
Any questions?
