Our Data Privacy Commitment

We set high standards for privacy and IT-security. Our focus is responsible handling of personal data - both to comply with mandatory legislation but also because we respect and support individuals right to protection of personal data. We process personal data in a responsible manner in accordance with privacy law and stakeholder expectations.

High Level of Internal Awareness

Our operations are supported by a cross-functional Data Privacy Team. The team consists of competences within business process management, IT and information security and legal. Also, Dustin has established a Data Privacy Ambassadors Network with representatives from all business areas and group functions. This leads to a high level of internal awareness.

Dustin’s Data Privacy Program

The purpose of the program is not only to meet regulatory requirements and reduce risk of data breaches, but also to meet customer expectations and increase value and quality of data. Our Data Privacy Program comprises, including but not limited to:

• Data Privacy Supplier Assessment routine (incl. initial vendor due diligence)
• Data Privacy Impact Assessment routine (i.e. risk assessment of the processing activity)
• Data retention and data deletion routines
• Data Processing Record
• Data Privacy training for employees
• Data Privacy by Design and Default implementation guidelines
• Data Breach routine
• Routines for complying with data subject rights e.g. right to erasure or access
• Quarterly reports from the DPO

For more information on how we process personal data, please see our Integrity Policy:

Sweden: https://www.dustin.se/service/integritetspolicy/
Denmark: https://www.dustin.dk/service/integritetspolitik/
Norway: https://www.dustin.no/service/retningslinjer-for-personvern/
Finland: https://www.dustin.fi/service/tietosuojaseloste/
The Netherlands: https://www.dustin.com/winkelen-bij-dustin/privacybeleid