2015_børn_forrude_3.jpg

GDPR

Processing of personal data when using the metro

Metroselskabet I/S owns the metro, and Metro Service A/S is responsible for operations and customer service for the metro on behalf of Metroselskabet I/S.

 

If you want more information about how your personal data is processed when you use the metro, you can read The Metro's personal data policy. You can find it here:
https://dinoffentligetransport.dk/en/customer-service/contact/contact-us-regarding-metro/gdpr/

All questions regarding the processing of personal information in relation to use of the metro, whether that be tickets, fines, lost and found items, ticket control and the like, must likewise be asked via the general customer service form here: https://dinoffentligetransport.dk/en/customer-service/contact/contact-us-regarding-metro/

Metro Service A/S is responsible for all other inquiries, for example about personal information in relation to job application etc. Metro Service processes these in accordance with the personal data policy below.

 

Personal Data Policy for Metro Service A/S

 

Metro Service A/S is data responsible for the processing of personal information, which is not related to operations and customer service in the metro. In the following you can read more about our processing as well as your rights in correlation to this.

 

Metro Service respects the right to your privacy and your personal integrity. It is important to us that you feel secure when we process your personal information. With our personal data policy, we wish to inform you that we process your personal information according to current legislation.

 

Data Responsible

Metro Service A/S is an independent company. Due to this, there is a number of personal information, which we are data responsible for. Metro Service A/S’s information is:

Metro Service A/S (“Metro Service”, “us”, “we”)
Metrovej 3
2300 Copenhagen S
CVR-nr: 21263834
Phone: +45 7015 1615
www: https://metroservice.dk

If you have any questions regarding Metro Service A/S’s processing of your personal information, you can send your inquiry via this form https://dinoffentligetransport.dk/en/customer-service/contact/contact-us-regarding-metro/general-inquiries/

Metro Service A/S’s Data Protection Officer (DPO)

Metro Service has appointed a Data Protection Officer (DPO). If you have any general questions in relation to the handling of your personal information cf. the personal data legislation, you can contact Metro Service A/S’s DPO. The Data Protection Officer cannot process cases, but can answer legal questions with regard to your rights and more. Inquiries sent to the Data Protection Officer will be handled confidentially by them. You can contact the Data Protection Officer via e-mail dpo@metroservice.dk or via letter to the address above marked “DPO”.

Please note, if you send an e-mail this should not contain confidential or sensitive information, as it cannot be guaranteed that the connection is encrypted.

Responsibility and Security

At Metro Service A/S we value the protection of your personal information, so you can feel safe with our processing. It is important to us that your personal information is stored safely and confidentially.
We have procedures for gathering, storing, deleting, updating and transferring personal information, in order to comply with current legislation.

Metro Service A/S processes your personal information for the following purposes

Your personal information can be processed by Metro Service A/S in different contexts. In the following the primary purposes are explained.

TV-surveillance

There are surveillance cameras in both the metro trains and on the stations to ensure a safe journey for our passengers and a secure working environment for our employees, as well as in consideration of railway security and for crime prevention purposes. The footage from these is only used or viewed if we receive inquiries from the police, or if it is necessary to support our internal work with railway security, to render a verdict in insurance cases or when a review of this is warranted according to our internal policies.

Purpose:
To ensure a safe journey for our passengers and a secure working environment for our employees, as well as in consideration of railway security and for crime prevention purposes.

Basis for processing:
We are subject to a number of legal requirements about implementation of security measures in the metro and on the stations. This information is processed in accordance with the Personal Data Regulation’s article 6.1.c, as the processing of personal information is necessary to fulfil our security obligations.

Receivers:
We can share your personal information with:
- The police
- Insurance companies
- Other authorities, for example the Accident Investigation Board

Storing:
Footage from TV-surveillance is stored between 14 and 30 days, after which it is automatically deleted. In special instances and in connection with a specific case, this information can be stored for a longer period.

Special regarding insight:
After the Data Protection Regulation’s chapter III, the registered’s rights can be limited following the Data Protection Regulation’s article 12.5 and article 23.1, litra c. and d. As a starting point, you do not have the right to gain access into tv-footage, which is due to the consideration of public security, as well as prevention, investigation, exposure or prosecution of punishable offences or enforcement of criminal sanctions, including the protection against and prevention of threats against public security.

Guided tours or permits for commercial activities

If you wish to go on a guided tour of the metro’s area, including the workshop, or if you wish to apply for a permit for commercial purposes on the metro’s area, you will first need to apply for this.

Purpose:
To ensure that such activities take place without disturbing operations and the maintenance of the trains, control who participates in guided tours, and keep track of commercial permits.

Basis for processing:
Our legal basis for processing is:
- The Data Protection Regulation’s article 6.1.b
- The Data Protection Regulation’s article 6.1.f

Receivers:
As a starting point, the personal information is not passed on.

Storing:
Information about participants in the guided tours and agreements about commercial activities are saved for up to 3 years.

Accidents, assault or insurance cases

Passengers in the metro can be unfortunate and experience accidents or be subjected to assault or violence. This can lead to insurance cases or cases, which are reported to the police or to the Accident Investigation Board.

Purpose:
To help authorities and insurance companies solve and document incidents in the metro and on the metro’s area.

Basis for processing:
Our legal basis for processing is:
- The Data Protection Regulation’s article 6.1.a
- The Data Protection Regulation’s article 6.1.c
- The Data Protection Regulation’s article 6.1.f

Receivers:
We can share your personal information with:
- The police
- Insurance companies
- Other authorities, for example the Accident Investigation Board

Storing:
Personal information in these cases will usually be deleted 6 months after the authority’s or insurance company’s inquiry, unless we receive orders to store it for a longer period.

Applications

If you apply for a job at Metro Service A/S we will process your personal information in relation to the recruitment process.

Purpose:
To review and select suitable applicants for a job at Metro Service A/S.

Basis for processing:
Our legal basis for processing is:
- The Data Protection Regulation’s article 6.1.b
- The Data Protection Regulation’s article 6.1.f

Receivers:
We can share your personal information with:
- As a starting point your information will not be shared outside of Metro Service A/S

Storing:
All personal information sent and collected in relation to the recruitment process is stored for 6 months after the specific position has been filled. Unsolicited applications are stored for 6 months after they are received.

The rights of the registered

In accordance with the Data Protection Regulation each person has a number of rights in relation to the processing of their personal information. These rights are specified below.

If you wish to assert one of your rights, for example by applying for insight into which personal data is processed, you can inquire here:
https://dinoffentligetransport.dk/en/customer-service/contact/contact-us-regarding-metro/general-inquiries/

Please note that in certain cases we might need to ask for further information to be able to verify the identity of the person contacting us. This is due to the fact that we need to ensure that we do not give personal information to anyone but the person in question or someone who has a power of attorney from that person.

If you inquire as a job applicant, you assert your rights by contacting Metro Service at HR@metroservice.dk.

The right to insight:
You have the right to ask for insight into the personal information we process. If we process personal information, we provide information about these, as well as the purpose and legal authority.

The right to object:
You have the right to object, if you disagree with our processing of personal information. Whether an objection is complied with is assessed specifically for the individual case.

The right to ask for limitation:
You have the right to ask that we limit the processing. If we process personal information, you can in certain cases ask to have the processing limited, if you do not wish for all the registered data to be included in the processing.

The right to ask for deletion:
You have the right to ask to be deleted. This right is not final, as certain data cannot be deleted due to other legislation, or if agreement and purpose gives us the right to store the personal data.

The right to ask for correction:
If the personal information we are processing is incorrect, you have the right to have these updated with the correct information.

The right to data portability:
In certain cases you have the right to have your personal information handed out in a machine readable format. Please note that this is solely for the personal information, you have given to us yourself.

The right to withdraw consent:
If the processing of personal information is based on consent, then this can be withdrawn at any time, after which the processing will cease. Your withdrawal of the consent does not affect the legality of the processing we have done, until the time of your withdrawal.

The right to complain:
If you are not satisfied with our processing of your personal information, you are encouraged to contact us. See our contact information above.

You also have the right to make a complaint to the Danish Data Protection Agency, which supervises compliance with personal data legislation. See how you contact the Danish Data Protection Agency at www.datatilsynet.dk.

Updating this personal data policy

This personal data policy is version 1.1. and is valid from 30. August 2021.