Poison Notification

We process your personal data for the following purposes:

  •         Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

In this context, your personal information is subject to the necessary case processing, e.g. journaling in accordance with the Public Access to Information Act, just as your information is stored in accordance with the Danish Archive legislation.

Legal basis for processing personal data:

The procession is necessary to comply with § 25 (1) (2-3) in law 244 of 17/02-2022 on chemicals. Furthermore, the processing is necessary to comply with § 26 (2) (2-3) in statutory order 1075 of 24/11-2011 on classification, packaging, labelling, sale and storage of substances and mixtures.

Personal data is processed on the basis of the General Data Protection Regulation Article 6(1) (e) - exercise of public authority.

We process the following categories of personal data:

  • Name
  • Adress
  • Business Number (CVR-number)
  • Phonenumber
  • E-mail

o   We can disclose personal information to The Danish Working Environment Authority

o   The Danish Environmental Protection Agency also leaves your personal information in the care of our data processors, e.g. the Agency for Governmental IT Services.

We disclose personal information to other authorities only as part of our regulatory tasks – e.g. to grant access to documents according to the Public Access to Information Act and the Environmental Information Act.

We do not transfer your personal data to recipients outside of the EU/EEA.

The source of the personal data is you, (the registrant), once you make a poison notification.

We cannot currently specify how long we will keep your personal information. However, we can inform you that you information is often covered by the Danish Archives Act, which obliges us to store it until it must be archived or discarded in accordance with the Act. In addition, we only process your information for as long as it is necessary for the purpose of which it was collected. When we no longer have a legal or administrative purpose, the information is deleted in accordance with the Danish Environmental Protection Agency’s policy for deletion of personal information.

Under the Data Protection Regulation, you have rights in relation to our processing of your personal data.

If you want to exercise your rights, you can contact us via Public Digital Post (e-Boks).

If you do not have access to e-Boks, you can contact us via e-mail. If you contact us via e-mail (Obfuscated Email) make sure not to send sensitive personal information, confidential information or information regarding criminal offenses.

In the subject field, please indicate which right you wish to exercise. 

Right of access

You are entitled to be informed which data we process about you as well as access to said information. 

Right to rectification

You are entitled to have your personal data rectificated. 

Right to erasure

In certain cases, you are entitled to have information about you erased before the designated retention period has ended. 

Right to restriction

In certain cases, you are entitled to have the processing of your personal data restricted. If you exercise your right to have processing restricted, we may in the future only process information – apart from storage – with your consent, for the purpose of establishing, enforcing or defending legal claims, to protect a person or public interests.

Right to objection

If our processing of your personal data is based on article 6(1)(e) - public interest or exercise of public authority, you are entitled to object to our processing of your personal data of reasons that may relate to your particular situation.

Find more information about your rights as a data subject on the Danish Data Protection Agency’s website.

The Danish Environmental Protection Agency has adopted internal policies and guidelines on information security and data protection, which contain instructions and measures in order to protect your personal data against loss or altering as well as unauthorized publication or access.

The Danish Environmental Protection Agency is obliged to comply with the information security standard ISO 27001 and to implement several technical measures. Organizational and technical measures are continuously adapted based on risk assessments.

To the extent that the Danish Environmental Protection Agency uses external contractors to process personal data, these are subject to written instructions and continuous control.

In the event of a security breach which results in a high risk you for, such as a risk of identity theft, we will notify you of the security breach as soon as possible in order for you to take necessary precautions.

Updated the 22th of March 2022.

We are the data controller – how do you contact us?

The Danish Environmental Protection Agency is responsible for the processing of your personal data. You will find our contact information below.

The Danish Environmental Protection Agency
Tolderlundsvej 5
DK-5000 Odense C
CVR No.: 25798376
Phone: +45 72 54 44 66
E-mail: Obfuscated Email

Contact the Danish Environmental Protection Agency's Data Protection Officer

If you have any questions about our processing of your personal data, you are always welcome to contact our Data Protection Officer:

  • E-mail: Obfuscated Email
  • Phone: +45 93 59 70 11 (every Wednesday at 10-12 AM (CET))
  • Letter: Tolderlundsvej 5, DK-5000 Odense C, att. Data Protection Officer

Complaint to the Danish Data Protection Agency

Complaints of the Environmental Protection Agency's processing of personal data are to be lodged with The Danish Data Protection Agency. You will find the Danish Data Protection Agency's contact information on datatilsynet.dk.