The Carlsberg group understands that the security of your personal data is extremely important and it is committed to respecting your privacy and safeguarding your personal data.
This privacy policy sets out how Carlsberg Breweries A/S (Carlsberg, we, us, our) uses your personal data and the measures it has put in place to protect your information and keep it secure.
This privacy policy applies to you if you purchase goods from us, receive services from us, participate in our events or promotions or otherwise interact with us, including by using any of our websites or by interacting with us via social media.
Please take a moment to review this policy in detail (together with our cookies policy and terms of use, and any other documents referred to in them, if you are using one of our websites). If you are an existing customer of ours, further details about how we use your personal data may be set out in your contract with us. Further notices highlighting certain uses we wish to make of your personal data together with the ability to opt in or out of selected uses may also be provided when we collect personal data from you. This privacy policy explains our privacy practices and covers the following areas:
We will collect and process some or all of the following personal data about you:
Information about you your name, address, email address, phone number, social media handle, gender, date of birth or photograph, or details of your employer and your position.
We collect much of the personal data that we hold about you directly from you or your interactions with us, our websites or social media sites. We may also receive your personal data from other sources, including business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, anti-fraud databases and other third party databases, including sanctions lists, and business information and research tools.
Under data protection law, certain categories of personal data are considered particularly sensitive and, therefore, as needing additional protection. These categories include information about health, racial or ethnic origin, political opinions, religious beliefs, trade union membership or your sexual orientation, and genetic and biometric data. Information concerning criminal convictions and offences is also viewed as sensitive under European data protection law.
In limited circumstances, we will collect and handle such sensitive personal data, for example, when we handle requests for special medical or access assistance or your specific dietary requirements in connection with your attendance at an event, which may indicate your religious beliefs, e.g. halal or kosher meal selections, or where we undertake certain background checks on you, which may disclose information about previous criminal convictions. We handle this sensitive personal data in compliance with applicable data protection laws, including as described further in the “What we do with your personal data” section below.
Under European data protection laws (European Data Protection Laws) we must establish and inform you of a legal basis or “ground” for our use of your personal data. For each use mentioned below we note the purpose for which we use and disclose it, and the ground we rely on as the basis for our use. An explanation of each of the grounds can be found further in this document.
Depending on how you interact with Carlsberg, we will use your personal data for the following purposes:
If you have any questions about the legal bases we rely on, please contact us using the details set out in the “Contact” section below.
In addition to the third parties mentioned above, we may also disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, who may use it in connection with any of the purposes set out above. We will also share your personal data with third party service providers (such as providers of marketing, IT or administrative services) who may process it on our behalf for any of the purposes set out above.
We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in a particular location). We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.
Our websites use cookies to distinguish you from other users. They help us to provide you with a good experience when you browse our websites and ensure that the content is relevant to you. To find out more about how we use cookies, please visit our Cookies Policy.
We offer chat rooms, message or bulletin boards, or interactive areas where visitors may post comments or information for our visitors' enjoyment. If you participate in a chat room, bulletin or message board, or other interactive area where personal data may be posted on our websites, in addition to reading this privacy policy be sure to check our chat room rules before entering, as you will be bound by them. As you know, anything you post online is available for the world to see. We make no representations and undertake no obligations as to information you voluntarily post.
The data that we collect from you may be transferred to, and stored at, a destination in Europe. It may also be processed by staff operating inside Europe who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services.
The personal data that we hold about you will not be kept for longer than is permitted by law and will only be kept for as long as necessary to provide you with any requested products, services or information, or for any other purpose set out under the heading “What do we do with the information” above. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data.
Where we transfer personal data from inside the European Economic Area (the EEA) to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal data. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and, therefore, no additional safeguards are required to export personal data to these jurisdictions. In countries that have not had these approvals, we will use appropriate safeguards to protect any personal data from being transferred, such as EU Commission-approved model contractual clauses or binding corporate rules permitted by applicable legal requirements. Please contact us using the details set out in the “Contact” section below if you would like to see a copy of the specific safeguards applied to the export of your personal data.
We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy policy.
All information you provide to us is stored on our secure servers.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our websites - any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our websites and social media fan pages may, from time to time, contain links to and from the websites of our partner networks, affiliates and other third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you or collect your consent (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or clicking unsubscribe at the bottom of the emails we send to you for marketing purposes. You can also exercise the right at any time by submitting the form found on this page [https://carlsberggroup.com/privacy-policy/data-subject-requests/].
We will use reasonable endeavours to ensure that your personal data is accurate. In order to assist us with this, you should notify us of any changes to the personal data that you have provided to us by contacting us using the details set out in the “Contact” section below.
If you are based in the EEA during your interactions with us, under certain conditions, you may have the right to require us to:
In addition, under certain conditions, you have the right to:
These rights are subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege), and may not all be available in the country in which you are based.
If you have the right to do so, you can exercise these rights by submitting the form found on this page [https://carlsberggroup.com/privacy-policy/data-subject-requests/].
If you are not satisfied with our use of your personal information or our response to any exercise of these rights you have the right to complain to [email protected].
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected].
Any changes we may make to this privacy policy will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this privacy policy.
This privacy policy was last updated in May 2018.
[Legal bases [accessible through link]]
These are the principal legal grounds that justify our use of your personal data:
Consent: where you have consented to our use of your information (you will have been presented with a consent form in relation to any such use [and may withdraw your consent by the means stated in this privacy policy OR [insert means to withdraw consent]]).
Contract performance: where your information is necessary to enter into or perform our contract with you.
Legal obligation: where we need to use your information to comply with our legal obligations.
Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
These are the principal legal bases that we typically use to justify our use of Special Categories of your Personal Data and Criminal Convictions Data:
Legal claims: where your information is necessary for us to establish, defend, prosecute or make a claim against you, us or a third party.
In the substantial public interest: processing is necessary for reasons of substantial public interest, on the basis of EU or local law.
Explicit consent: you have given your explicit consent to the processing of the personal data for one or more specified purposes. You are free to withdraw your consent by contacting us as set out in the “Contact” section of the above notice. If you do so, we may be unable to provide our products or services that require the use of such data.