Logo

Privacy Policy

Last updated: June 2025

This privacy policy outlines how Aarhus Symposium handles personal data in compliance with the General Data Protection Regulation (GDPR) and Danish law.

Data Responsibility

Aarhus Symposium processes personal data in accordance with GDPR and Danish legislation. We only process relevant data for legitimate purposes and delete it when no longer necessary.

Contact Information

Aarhus Symposium
Att: IT Group
Fuglesangs Allé 4, 8210 Aarhus V
CVR: 33735782
mail@aarhus-symposium.org

Data Request Procedure

Data is only accessible to the relevant organizational units. Data received in error is forwarded to the correct group and deleted from the original mailbox. External sharing only happens with explicit consent and identity confirmation.

Data Breach Procedure

In case of a data breach, Aarhus Symposium will notify:

  • The Danish Data Protection Agency within 72 hours
  • Affected individuals

The report will include:

  • Description of the breach and affected data
  • Possible consequences
  • Actions taken to mitigate the breach

Danish DPA contact:
dt@datatilsynet.dk
Phone: 33 19 32 00

Types of Personal Data

  • Participant information: name, address, email, phone, field of study
  • User surveys: event evaluations (voluntary)
  • Member info: student number, AU-id
  • Applications: CVs, unsolicited applications
  • Cookies: analytics and tracking for site optimization

How We Collect Data

  • Directly via sign-up forms or email
  • Automatically via cookies, logs, and analytics tools

Purposes for Processing

  • Managing participation in events
  • Planning and executing events
  • Event follow-up and improvements
  • Targeted marketing based on interest
  • Operational communication with members
  • Recruitment (e.g., CV storage)

Processing is always based on:

  • Legitimate interests
  • Necessity for handling your participation
  • Your explicit and informed consent

Use of Legitimate Interests

We assess interests case-by-case to ensure fair processing. Examples include:

  • Event planning and execution
  • Photos from events depicting specific activities
  • Data storage for future improvements or marketing
  • Survey data for internal analysis
  • Retaining volunteer CVs for recruiting
  • Cookies for targeted ads and frequency control

Consent

Consent is usually obtained when creating a user profile. It may cover e.g. use of images on our website, social media, and promotional materials.

You can decline to give consent, or withdraw it at any time by contacting us.

Forwarding of Personal Data

We will never forward personal data to third parties without your explicit consent.

Data Storage and Deletion

  • Participant data stored for up to 3 years post-event
  • Used only internally for improving future events
  • Not shared or sold without consent
  • CVs stored until the end of the following year’s recruitment
  • All data handled according to GDPR requirements

Your Rights Under GDPR

  • Right to information
  • Right of access
  • Right to rectification
  • Right to withdraw consent
  • Right to object
  • Right to avoid automated decision-making
  • Right to erasure (the "right to be forgotten")
  • Right to data portability

You can exercise your rights by contacting us. If needed, you can file a complaint with the Danish Data Protection Agency.

Revisions to This Policy

Aarhus Symposium may update this policy periodically. The latest version will always be available on our website. Significant changes will be communicated clearly.

More about Privacy Policy and Cookies
Privacy PolicyCookie PolicyTerms of Service