What is data protection?

Everyone has the right to the protection of his or her personal data, and anyone who processes personal data of others in a non-private context is obliged to observe these rights and to protect the personal data. These rights and obligations are collectively referred to as "data protection".

Any processing of personal data of others, which does not take place in a purely private context, shall be carried out in accordance with the data protection rules.

Personal data is all information relating to an identified or identifiable natural person. You can read more about the definition and categorization of personal data under the heading “What is personal data?”.

The person whose personal data is processed is usually referred to as ‘the data subject’, whereas the person who processes personal data about others is the ‘data controller’ or ‘processor’, depending on the role he/she has in the processing. You can read more about when you process personal data and when you are a data controller or processor under the heading “When do you process personal data?”.

The data subject has a number of rights against the controller. The rights aim to make it transparent to the data subject, when data about him or her is processed and what data is being processed. In addition, the rights give the data subject control over his or her own personal data. You can read more about the data subject’s rights under the heading “What are your rights?”.

The controller must ensure that the processing of personal data complies with a number of basic principles and that there must be a legal basis for processing the data. You can read more about this under the heading “When can you process personal data?”. You can read more about the other obligations of the controller under the heading “What are your obligations?”.

The data protection rules also require the controller to make a number of more general assessments and considerations in relation to the protection of the data processed. Under the heading "How do you protect personal data?" you will find a description of some of the considerations that the controller can or should make in relation hereto.  

When you, as a data subject, question the processing of information about you, or you invoke your rights against the controller, the controller must respond to the request. If the controller does not do so – or if you are not satisfied with the controller’s response, you can contact the Danish Data Protection Agency who can provide you with further guidance on your rights, including your opportunities to complain.

You can read more about this under the heading "File a complaint".