Privacy Policy

RareWine Group consists of several companies, all considered data controllers for the personal data collected about applicants, employees, customers, and business partners. Below, you will find relevant contact details regarding all companies in RareWine Group: 

RWH ApS
Østre Havnepromenade 26, 5th floor,
9000 Aalborg, Denmark 
CVR: 38419455

RareWine ApS
Østre Havnepromenade 26, 5.
9000 Aalborg, Denmark
CVR: 41016221

RareWine Trading ApS
Østre Havnepromenade 26, 5.
9000 Aalborg, Denmark
CVR: 41165979

RareWine Invest ApS
Østre Havnepromenade 26, 5.
9000 Aalborg, Danmark
CVR: 37658987

Nordic Freeport ApS
Industrivej 20
9310 Vester Hassing, Denmark
CVR: 37999717

RareWine Invest Sweden Filial
MALMSKILLNADSGATAN 32
111 51 Stockholm, Sweden
Reg. no: 516412-6293

RareWine Netherlands B.V.
Weteringschans 165A
1017XD Amsterdam, Holland
Reg no: 86288539

RareWine Switzerland SA
Avenue Louis-Casaï 18
1209 Genève, Switzerland
Reg. no: CH-660.4.407.021-4

RareWine Italy S.r.l.
VIA VITTOR PISANI, 15
20124 Milano, Italy
Reg. no: 12111420969

RareWine UK Ltd
The Scalpel
18th Floor, 52 Lime Street
London, England
Reg. no: 14611750

E-mail: kbr@rarewine.dk

This website uses Google Analytics, a service for web analysis provided by Google, Inc. ('Google'). Google Analytics uses 'cookies', which are text files placed on your computer to help the website analyze how users use the website. Google may also transfer this information to a third party if required to do so by law or when such third parties process the information on Google's behalf. Google will not associate your IP address with any other data. You may reject the use of cookies by selecting the appropriate settings in your browser. However, please note that if you do this you may not be able to use the full features of this website. By using this website, you consent to processing data about you by Google in the manner and for the purposes stipulated above.

In the unlikely event that personal data provided by you is disclosed, it will be pseudonymized by means of a technical solution, reverse proxy, before disclosure via Google Analytics and will, therefore, no longer be personally identifiable.

If you use a contact form or otherwise interact with rarewine.com and rarewineinvest.com (including the domains .DK, .IT, .SE, .NL, .ES) and nordicfreeport.com, your information will be stored in our marketing automation platform and/or our CRM system. You can read more about the privacy policy of these third-party providers here:

• Hubspot

Like many other websites, we use log files. The information contained in the log files includes Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referral / exit pages, and the number of clicks to analyse trends, manage the site, track user movements around the website and gather demographic information. IP addresses and other such information are not linked to any personally identifiable information.

When attending events/visiting RareWine, images/video may be taken which may be used for marketing purposes in print and digital media as well as on RareWine's websites. We ensure that the persons depicted cannot reasonably feel violated, exposed or exploited e.g. in connection with marketing or other commercial purposes. You can object to this at any time and thus not give your consent or withdraw your previously given consent, except in ongoing promotional material or already printed material^*. Please contact tr@rarewine.dk.

RareWine has surveillance cameras at our locations. Surveillance videos are deleted 30 days after recording in accordance with applicable legislation. In the context of a case, data may be kept for a longer period.

*Please note that some search engines index images from websites. This means that even if we remove images from our website, in some cases the image can still be retrieved via a search engine.

Personal data is the personal and user-related information we request when you use various services on the website. We never collect personal data unless you provide us with that data: for example, by registering, signing up for an event, purchasing a product, signing up for newsletters, entering competitions or participating in a survey, etc. The data is chiefly information such as name, address, postal code, email, gender and age, but can also be information about interests, knowledge of the Internet etc. For certain services, such as investment, we also collect social security number and identification document, including e.g. passport, driving licence etc. This is to comply with a legal obligation, including the applicable money laundering law. The data collected is not sold to third parties.

Personal data is primarily used to complete the registration or service for which the data has been collected for. The information is also used to gain greater knowledge of you and other users of the website. This use may include surveys and analyses aimed at improving our products, services and technologies and displaying content and adverts tailored to your interests and hobbies.

If you have consented to receiving direct marketing with news and offers, etc. we may also use the data collected to target the marketing you receive via telephone, letter or electronic media.

Remember that any data you provide - including personally identifiable information - in public forums such as an online debate is not covered by this Privacy Policy and may be viewed by third parties who have nothing to do with us. We therefore recommend that you carefully consider what data you provide when using such forums.

According to the Danish Act on Processing of Personal Data, your personal data must be kept secure and confidential. We store the personal data you provide on computers with restricted access and located in controlled facilities, and our security measures are monitored on an ongoing basis to determine whether our user data is being properly handled and with continued respect for your rights as a user.

However, we cannot guarantee 100% security of data transfers via the Internet. This means there is a risk that others will unduly force entry to the data when data is sent and stored electronically. Please note that you provide your personal data at your own risk.

To the extent that personal data is processed about you, then the Danish Act on Processing of Personal Data provides you with the right to be informed about which personal data can be attributed to you. If the information or data processed about you proves to be inaccurate or misleading, you have the right to demand its correction, deletion or blockage. You may object at any time to the processing of data relating to you. You can also revoke your consent at any time. You have the option of complaining about the processing of information and data about you. Complaints are lodged with the Danish Data Protection Agency. Cf. Section 58 (1) of the Danish Act on Processing of Personal Data.

The rapid development of the Internet means that changes in our processing of personal data may be necessary. We therefore reserve the right to update and amend these guidelines for the processing of personal data. If we do, we will of course amend the date to 'last updated' on the site. In the event of significant changes, we will notify you in the form of a visible notice on our websites.

At RareWine ApS and RareWine Invest ApS, we are committed to protecting and respecting customers' personal data when they shop with RareWine. Cf. the requirements of Regulation (EU) 2016/279 of the European Parliament and Council of 27 April 2016 (referred to as the Data Protection Regulation/Personal Data Regulation. In the context of ordering a service, RareWine collects and processes the personal data in order to deliver the requested service. RareWine records information about the customer's name, address, telephone number and contact details for the recipient. We do not record sensitive personal data. We do not record sensitive personal data.

We also process your personal data to comply with a legal obligation, including to comply with the Money Laundering Act, the Personal Data Regulation, the Data Protection Act and the Accounting Act.

Relevant RareWine employees have access to data for service, delivery and billing purposes. Personal data is stored at RareWine on protected computers in locked and secured rooms. In addition, we have developed and implemented internal information security policies that provide instructions and measures to protect your personal information from destruction, loss, alteration, unauthorized disclosure, and unauthorized access or disclosure.

We have also entered into a data processing agreement with our partners.

The customer's personal data will be stored at RareWine for 5 years from the end of the financial year to which the material relates. If, for example, the agreement entered into expires in November 2017 and the fiscal year follows the calendar year, we are required by law to keep the data until no later than the end of 2022. When personal data is no longer relevant, and we are not obligated to retain it, all personal data about our customers is deleted. Because our products/services are considered a consideration purchase and thus require a long-term and ongoing dialogue, this will take place 2-5 years after the last trade/dialogue (unless the Money Laundering and Accounting Act comes into force).

Customers have the right to be informed of what personal data the company processes about them. A request for access must be addressed to the company and it need not be justified. We will respond to a request for access within 4 weeks of receiving the request.

If you can prove that the personal data we possess about you is incorrect, you can request that this data be updated or otherwise corrected. If there is a self-service system, we encourage you to update your own data through it.

If we no longer need to store or process your data for any other reason, you may request that we stop or limit the processing or (in whole or in part) delete your personal data.

A customer has the right at any time to object to the company's processing of his/her personal data. If the company receives an objection from the customer, the company will assess whether it should limit the processing of the personal data until the company has verified whether its legitimate interests prevail over the customer's interests.

A customer can always revoke his or her consent to the storage and processing of personal data from the company. RareWine will then stop the processing of the personal data for which the consent has been given and will delete it if there is no other legal basis for processing the personal data.

Whenever we deem it relevant, we will update our Personal Data Policy and we will also update it whenever we make any major change to our working procedure.

If you wish to exercise any of your rights, please email RareWine at kbr@rarewine.dk. However, the customer always has the additional right to complain to the Danish Data Protection Agency about the company's processing and storage of personal data. For the contact details of the Danish Data Protection Agency, visit www.datatilsynet.dk.

Personal Data Policy

When you apply RareWine, we process a certain amount of personal data about you. That makes us the data controller of the personal data we receive from you. Below, you can read more about our privacy policy, and if you wish to learn more, please reach out to the person responsible for data processing. 

Processing of personal data when recruiting

When you apply for a position at RareWine, the data you have provided in the context of your application is processed by our internal HR department in our Talent Manager solution.

In the recruitment process, the personal data that appears in your application, CV and other attached documents will be recorded.

Usually, this will include the following information: Name, address, date of birth, gender, phone number, email address, marital status, education, career history, driver's license information, recommendations/references, criminal record.

We apply Article 6 (1) (b) of the General Data Protection Regulation as a legal basis since this is personal data that you yourself have provided to us for the purpose of seeking employment.

In the context of job interviews, we may receive additional data about you which we store for use in the further recruitment process. We apply Article 6 (1) (b) of the General Data Protection Regulation as a legal basis since this is personal data that you yourself have given to us for the purpose of seeking employment.

The time period for storing and deleting your personal data

If you are turned down, then within 3 months we delete the data we have recorded about you. In some situations, we may wish to save your application even if you have been turned down for later recruitment purposes. If we wish to save your application, we will ask for your consent to keep your application for 6 months, after which it will be deleted.

The purpose of processing your personal data

RareWine is obliged to comply with the relevant legislation on the protection of personal data. The purpose of the collecting personal data is to assess and contact interested and qualified candidates for vacancies at RareWine.

Under the General Data Protection Regulation and the Danish Data Protection Act, you have a number of rights.

If you want to exercise your rights, please contact us.

You have the right to gain access to the data we process about you and a range of additional data (Right to See Information (Right of Access), Article 15).

You have the right to have incorrect information about yourself corrected (Right to Rectification, Article 16).

In special cases, you have the right to have data about you deleted before the time at which our normal general deletion occurs (Right to Deletion, Article 17).

Right to Restrict Processing, Article 18.

In certain cases you have the right to have the processing of your personal data restricted. If you have the right to restricted processing, going forward we may only process the information - except for retention - with your consent, or for the purpose of establishing, asserting or defending legal claims or to protect a person or important public interest (Right to Restrict Processing, Article 18).

In some cases, you have the right to object to our otherwise lawful processing of your personal data (Right to Object, Article 21).

In some cases you are entitled to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another without hindrance (Right to Transmit Data (Data Portability), Article 20).

You can read more about your rights in the Danish Data Protection Agency's guidelines on the rights of data subjects. Visit www.datatilsynet.dk.

If you wish to exercise any of the above rights or learn more about our privacy policy, please contact RareWine's HR department at kbr@rarewine.dk.

You have the option of complaining to the Danish Data Protection Agency about our processing of your personal data. You can find the Danish Data Protection Agency's contact information on the Danish Data Protection Agency website: www.datatilsynet.dk.

When you use our newsletter on www.rarewine.com and rarewineinvest.com (including the domains .DK, .IT, .SE. .NL, .ES) and nordicfreeport.com, you consent to provide us with your contact information in the form of a name, email and telephone number. We use this data solely to contact you or carry out the requested service in relation to your inquiry. If you send us a message via email, the information you provide in the email will also be used solely to contact you in relation to your inquiry.

Please note that we store all correspondence in our IT system. We do this in order to document the correspondence that has taken place between you and RareWine. The personal data with which you have provided us in connection with the inquiry is automatically deleted after 6 months unless we have a valid reason for storing it for an extended period of time: e.g. if this results in the purchase of a service or if you still wish to receive the newsletter. If you wish to unsubscribe from newsletters or a service, this can also be done online or by sending an email to tr@rarewine.dk.

RareWine has introduced this Policy to establish and maintain a high standard of protection of the personal data we either receive from our customers and partners or in the context of staff employment.

Many people are happy to make their personal data available, but at the same time, they want to make sure that their sensitive information is taken care of. Therefore, confidentiality and data security are two fundamental considerations that we at RareWine take into account when we receive data about our customers, partners or employees, when we go about our daily tasks, when we compile statistics or when we in any other way process personal data.

This Policy has been drafted in accordance with the new EU General Data Protection Regulation with effect from 25 May 2018. The IT security Policy applies to all personal data processed at RareWine and to personal data about customers, current and former employees and job applicants.

The Policy broadly describes what categories of personal data RareWine processes for various purposes, how these are handled internally and what rights each person has in connection with the processing.

For the purposes of this Policy, 'personal data' refers to both ordinary and sensitive personal information (i.e. data for identifying a person either directly or indirectly - e.g. name, address and/or CPR no.), and health information with information about treatments.

'IT security' refers to all security measures designed to protect the physical and electronic personal data used by RareWine.

For RareWine, it is very important to protect all the personal data we receive from our customers, partners and employees/former employees. It is crucial to RareWine's reputation and credibility that we adequately protect this data.

For RareWine, it is important to ensure:

• Confidentiality - i.e. confidential processing, transmission and retention of personal data, in which only limited internal users have access, and in which users' access is limited to what is necessary.
  
  
• Integrity - a reliable and correct functionality of our IT systems that minimizes the risk of incorrect data.
  
  
• Security measures - i.e. that we use and maintain technical and organizational measures to protect the data and limit the risk of security breaches and unauthorized access.
  
  
• Legal processing - i.e. that the processing is in accordance with applicable law and in accordance with RareWine's IT Security Policy.

The purpose of this IT security policy is to:

• Establish the overall framework for IT security, taking into account RareWine's risk picture.
  
  
• Describe the delegation of responsibilities and appropriate management and control of IT security.
• Ensure that all personal data is processed in accordance with applicable law.

The structure of the IT security work

With this text, RareWine has outlined the overall framework for RareWine's IT and Information Security Policy. RareWine's employees have detailed instructions for their daily work via internal IT business procedures. RareWine has entered into data processor agreements that outline rules and checks for operations carried out by external partners.

Our IT security work is rooted in 'good IT practice' in the field of information security and is based on certain standards.

Risk management

In order to focus the efforts of the IT security work, we work on the basis of a structured approach to risk management. The result of the risk management, including the assessment of risks, must be reported periodically to RareWine's management.

Management is immediately informed of significant deviations in the current threat picture and the adjustment it results in, in relation to focus areas and checks. Ordinary deviations are collected and reported periodically by management.

Deviations

In general, the IT Security Policy and all business procedures must always be complied with. However, situations may arise in which special circumstances require a deviation from the applicable security rules. Such a deviation depends on a specific assessment and requires a specific exemption. The exemption must be approved by RareWine's chief executives and must be justified and supported by a risk assessment. The exemption is always limited in terms of a specific event and period of time.

Auditing and monitoring

It is the job of the IT security officer to ensure that at least once a year - based on the risk picture - a systematic review and assessment are conducted of whether the IT Security Policy should be updated. If necessary, the IT security officer must update the IT Security Policy and underlying business procedures and policies.

Publication

The IT Security Policy is accessible to everyone via the RareWine website and to staff via our shared drive. Similarly, business procedures are accessible to the members of staff who have a work-related need.

Risk management model and protection of data

RareWine prioritizes confidentiality and data security and aims to guarantee that those who make their personal data available can be sure that their sensitive data is well taken care of.

All the personally sensitive and confidential data that RareWine processes is processed in a legally and ethically correct manner, whether it is IT-processed or manually-processed. The data processed is assessed in a life cycle from registration, processing and storage to disposal.

RareWine works on the basis of a risk management model to provide protection from the negative consequences of IT threats. Accordingly, RareWine carries out a structured collection and assessment of potential risks and threats. These threats are periodically analyzed, and we make ongoing assessments of how to mitigate these risks and threats (mitigating actions and checks).

We have also established a contingency plan that contains precautions for how RareWine's systems can be recreated, precautions that also apply to breaches of confidentiality and breaches of integrity.

When attending events, I accept that RareWine ApS and RareWine Invest ApS may use photos and videos in which I appear, in print and digital media, including the company's website.

This includes permission to use photos/video in marketing contexts, in connection with follow-up of events or promotion of upcoming ones.

I can withdraw my consent at any time, though not in current promotional material or in material that has already been printed*. Please contact tr@rarewine.dk.

* Please note that some search engines index images from websites. This means that even if we remove images from our website, in some cases images can still be searched via a search engine.