GDPR
How we ensure data protection
Here you can learn about our approach to handling personal data at Brunata. Commonly known as GDPR, the General Data Protection Regulation is an EU mandate that establishes the guidelines for companies’ management of personal data.
GDPR pertains to the proper handling of personal data. At Brunata, we place significant emphasis on this, as our operations primarily involve processing personal data, including information about residents’ electricity, energy, and heating consumption. It is imperative for us that our customers feel confident and secure when we manage their residents’ personal data.
Maj 2021: Brunata overgår til at være fælles dataansvarlig sammen med sine kunder. Læs kundeorientering om rolleskiftet her
Our GDPR framework encompasses three main areas: Brunata’s GDPR-related role, our agreement on shared data responsibility, and our personal data policy. You can read more about each area below.
If you have any questions regarding GDPR at Brunata, please feel free to contact our Data Protection Officer, Michael da Silva Rasmussen, via email at mida@brunata.com.
Brunata's role under GDPR
At Brunata, we are committed to handling data securely and in strict compliance with applicable laws and regulations.
When Brunata implemented GDPR in 2018, we assessed that we were a data processor for our customers, who were solely data controllers.
Since the enactment of GDPR, the interpretation and clarification of the roles of data processors versus joint data controllers have evolved, guided by Danish and European authorities. Alongside the growing interest in the data we process, this has prompted us to reassess our role under GDPR. In collaboration with legal advisers, we have concluded that as of April 2021, Brunata must assume the role of a joint data controller in accordance with GDPR Article 26. Consequently, Brunata has transitioned from being a data processor to a joint data controller with our customers concerning the data subjects (residents).
Below, you will find the data processing agreement we used until April 2021.
Additionally, you will find our latest statement on GDPR compliance (as a data processor) from December 2020.
Brunata's Agreement on Shared Data Responsibility
As joint data controllers concerning the residents, Brunata’s customers and Brunata are required to enter into an agreement on shared data responsibility. This agreement delineates the respective responsibilities of the joint data controllers to ensure compliance with GDPR obligations in relation to the data subjects (the residents).
The agreement is a prerequisite for the provision of Brunata’s services, akin to Brunata’s sales and delivery terms.
Brunata's Data Protection Policy
At Brunata, we prioritise the protection of your data. Consequently, we are committed to maintaining transparency in all aspects of data handling.