General about Data registration:
For AG Sundhedsfremme (AGS) it is very important that our clients, ie the customer company employees who come to us for health checks, can safely leave their personal health data to us, and can rely on us to treat them in accordance with applicable law and the client’s interests in general.
AGS thus undertakes to comply with the requirements of EU Personal Data Regulation 2016/679, and as a Data Controller in relation to the individual client, it is our policy to store and protect the client’s personal health data as long as the client’s employer can be considered a customer of AGS or what in otherwise required by applicable laws.
What is the purpose?
The purpose of recording the client’s personal data and health data is to be able to retrieve and present the client for his / her historical data in a later examination, for the benefit of the health professional advisory, as well as to provide a good and clear documentation of the measured results and recommendations made.
Your health data may be included in a unified and anonymized (ie, decoupled from your personal data) statistical reporting to the company. In this reporting, AGS’ statistical analysis of the company’s data ensures that no individual clients can be identified in the compiled material.
This data will also be included in the AGS general annual average.
What data do we collect?
The recorded data will depend a lot on what examination you are having. In general, we register your name and birthday, and if the company includes on-line booking in the project, we also register your E-mail address and potentially your mobile number. Only for vaccinations and Lead blood test will we register your danish CPR number.
Depending on which examination you are having, we record and calculate common health data such as height, weight, fat%, cholesterol, blood pressure, blood percentage, blood sugar, blood lead content, conditional, lung function, hearing and any hearing damage, vaccinations, BodyAge, and a series of questionnaire responses on health-relevant behaviors (diet, smoking, alcohol, exercise, well-being, etc.). We also record the advices you receive from us, any recommendations on e.g. to visit your doctor or other health care assistance.
Upon arrival at a health check, you will be offered to give us written consent to record your data. The consent is voluntary, and if you consent, we will record your data accordingly.
If you do not give us consent, we can still carry out the investigation (except for Vaccination, vision test and lead blood test and if the study is subject to a statutory offer) – then you will just get a handwritten report with your data. You are then responsible for keeping your own data. Your employer does not have access to the information about your consent.
You can always choose to withdraw your consent, have your data corrected, disclosed and / or have data deleted – unless they are resulting from a statutory examination. You do this by writing ANTR@AGSundhed.dk. Then your request will be executed within 30 days.
Who do we share your data with?
Only the registration list with any contact information is shared with your company.
Your health data is not shared with the company or external organizations unless you have given us written permission – except on written request from Danish authorities (typically from the Danish Working Environment Authority), where we have to provide relevant data in connection with, for example, processing a work injury case that you have filed.
How and for how long do we keep your data?
By principle, AGS regards itself as data-responsible in relation to the client – through the written consent. On rare occasions, customer companies want a Data Processor agreement whereby they take over the data responsibility and AGS simply becomes a data processor. If such an agreement is signed with AGS, it will always contain a clause that individual health data cannot be disclosed to the company.
Your personal health data is stored according to the following principles:
- Client data is kept for 3 years from the most recent examination with the employer concerned, unless otherwise agreed with the company on behalf of their employees (our clients), except for examinations covered by the Danish Working Environment Authority’s Executive Order No. 1165 of 16 December 1992 on Occupational Medical examinations, where the storage requirement is 40 years,
- Personal or health data are not stored in third countries, ie countries outside the EU.
- Data is stored in a Database in a password protected and encrypted Cloud based service with daily backup.
How can I get more information?
For further information, you are always welcome to contact AGS’ Personal Data Protection officer at PT@AGSundhed.dk.
For simple administrative inquiries, we do not charge any fees.
If you wish to complain about our processing of your data, this is done to The Danish Data Protection Agency.