Version 2.0. of August 25, 2023

1. Introduction

This privacy notice provides information on how Horten Advokatpartnerselskab ("Horten" and "we") processes personal data about debtors ("you") in the debt collection process.

We are required to provide this information under Articles 13, 14 and 21 of the General Data Protection Regulation (EU Regulation no. 2016/679 of 27 April 2016) (the “GDPR”). In this privacy notice, we also refer to the Danish Data Protection Act (Act no. 502 of 23 May 2018) (The DPA).

In the following, we will inform you about the purposes and legal bases for our processing of personal data, the sources of the data, the recipients of the data, the retention periods and your rights under the GDPR.

You are welcome to contact Horten’s HR department at or by phone +45 33 34 40 00 (the reception) if you have any questions or wish to exercise your rights.

2. Data controller

Horten is the data controller for the processing of personal data that we collect and receive about you in the recruitment process.

2.1 Our legal information is as follows:

Horten Advokatpartnerselskab
CVR no. 33775229
Philip Heymans Allé 7
DK-2900 Hellerup

We also have offices at Frederiks Plads 36, DK-8000 Aarhus C, and at Godsbanevej 1B, DK-7400 Herning, under the same CVR/TIN number.

3. Closed-circuit television (cctv)

If you visit Horten’s offices, you are hereby informed that we monitor entrances and parking basements through CCTV as part of our security measures and for prevention and detection of crime. We do this processing based on our legitimate interest in securing our buildings and information (Article 6(1)(f) of the GDPR). CCTV surveillance is carried out in accordance with the Danish Television Surveillance Act.

We will pass on CCTV images to the police, if there is an incident that requires this.

4. Processing of personal data related to recruitment

4.1 On whom does Horten process personal data?

When you apply for a position at Horten, we process data about you as a job applicant. We also process data about the persons you mention in your application regarding e.g. references and contact persons.

4.2 What are the purposes of the processing?

We process your personal data for the following purposes:

  • Review of your job application and other documents
  • Assessment of your professional and personal qualifications regarding the position you apply for
  • Personality profile and test
  • Planning and execution of job interviews
  • Collection of references from previous employers
  • Criminal record check when relevant for the position you apply for
  • Protection against possible legal claims

4.3 What kind of personal data does Horten process and where does Horten collect the data?

We process personal data about your name, address, email address, telephone number, date of birth, job application, education, CV, photo on resume, contact information on and statements from references, diplomas and grades as well as other information included in your application and other submitted documents (e.g. civil status and recreational interests).

If a personality test or a skills assessment is included in the process, it will be sent to you, and we will process the result. If you are invited for a job interview, we keep notes from the interview. Depending on the specific position, you may be asked to provide a copy of your criminal record.

We mainly collect personal data directly from you as an applicant and from tests and the profile which you complete.

We also collect relevant available information from the internet, including from social media, on e.g. skills, activities and overall presentation as well as information from previous employers etc.

We collect only information that is necessary to determine your qualifications and suitability for the position.

We kindly ask that you do not include sensitive personal data in your application such as personal data revealing racial or ethnic origin, religion, trade union membership, sexual orientation or health information.

We also kindly ask you to cross out your social security number on e.g. diplomas, as we do not need to process your social security number in the application process.

4.4 What are the legal bases for Horten's processing?

When we collect personal data directly from you, you provide us with the personal data voluntarily. The consequence of not providing us with the personal data described below is that we cannot assess you for the position you are applying for at Horten. We process this data on the basis of Article 6(1)(f) of the GDPR, cf. section 6(1) of the DBL.

The legal basis for processing personal data about you as a candidate is to prepare for the conclusion of a possible employment contract on your request, cf. Article 6(1)(b) of the GDPR.

As part of the recruitment process and when relevant to the specific position, we collect references from your previous employers. We do this on the basis of article 6(1)(f) of the GDPR, cf. DBL section 6(1). Horten has a legitimate interest in assessing and verifying the information you have provided in the recruitment process and in examining whether your profile is the right match for the position and team in question. The collection of references happens in cooperation with you, and you will thus be notified.

We base our processing and collection of personal data in connection with personality profiling and testing on our legitimate interest in evaluating your professional and personal qualifications and attributes in the recruitment process (Article 6(1)(f) of the GDPR, cf. DBL § 6(1)).

In some cases, during the recruitment process, we ask you to provide and forward a copy of your criminal record. This processing applies in relation to positions that potentially can be exploited for money laundering or terrorist financing, including complicity in such activities. In such cases, we process the personal data based on section 8 of the Danish Anti-Money Laundering Act. In other cases, it may be relevant for us if your potential criminal history for other reasons is deemed to have a bearing on your eligibility for a specific position. In such cases, we process your personal data on the basis of section 8(3)(2) of the DBL, cf. article 10 of the GDPR.

Based on your consent, we store your application in our candidate database for up to 12 months for the purpose of potential future employment (Article 6(1)(a) of the GDPR, cf. DBL § 6(1)). You may at any time withdraw your consent. Withdrawal of your consent does not affect the lawfulness of the processing based on the consent prior to the withdrawal.

4.5 Does Horten disclose the personal data to others?

Horten does generally not disclose personal data about you to others in the recruitment process, however, this may happen if a recruitment company assists us with the recruitment process.

Furthermore, we disclose personal data to our data processors, who process personal data on our behalf and based on our instructions, for example providers of tests, IT systems, backup and support.

4.6 For how long will Horten retain the personal data?

We retain your personal data for as long as the information is necessary for the purposes for which they are being processed. We delete copies of criminal records.

If we cannot offer you a position, we retain your application and other personal data collected in the recruitment process for a period of no longer than six months after the job listing has been made inactive, unless you consent to a longer retention period. The purpose of the retention is to document a correct recruitment process.

If you become employed with us, we retain your application and other personal data from the recruitment process digitally on your employee profile in accordance with Horten's privacy policy for employees, which we will share with you upon employment.

4.7 Does Horten transfer the personal data to third countries?

In some situations, we transfer personal data to countries outside the EU/EEA. In such cases, the transfer is based on the European Commission's standard contractual clauses on data transfers to third countries (SCC). You can contact us if you, as a data subject, wish to receive a copy thereof.

4.8 What are your rights as a data subject?

Below, we have listed the rights under the data protection rules, but please note that there are conditions attached to the use of some of them, and there are exemptions to them under the GDPR, DBL and other legislation, e.g. anti-money laundering legislation.

If our processing is based on your consent, you may at any time withdraw your consent. Withdrawal of your consent does not affect the lawfulness of the processing based on the consent before the withdrawal.

You have the right to access the data that we process about you, receive a copy of the data and supplementary information.

You have the right to have inaccurate personal data about you rectified or completed, if it is incomplete.

In special cases, you have the right to have personal data about you erased, before erasure for the processing generally takes place.

In certain situations, you have the right to obtain restriction of processing of your personal data. If the data processing is restricted, we may process your personal data in the future – except for storage – only with your consent or for the establishment, exercise or defence of legal claims or for the protection of another person (natural or legal) or important public interests.

In certain cases, you have the right to receive personal data about you in a structured, commonly used and machine-readable format and to have the data transmitted from one controller to another without hindrance.

Right to object: You have the right to object to the processing, when our processing is based on Article 6(1)(f) of the GDPR, unless the processing of the personal data is necessary for the establishment, exercise or defence of legal claims. You also have the right to object to processing for direct marketing purposes.

We retain evidence that we have granted or denied your request to exercise your rights under the GDPR for five years.

You can read more about your rights in the Danish Data Protection Agency’s guidelines about data subjects' rights, which can be found at

4.9. Complaints to the Data Protection Agency

You have the right to submit a complaint to the Data Protection Agency about our processing of your personal data. For more information, please visit the website of the Danish Data Protection Agency:

If you have any questions about the processing of your personal data or the exercise of your rights, you are welcome to contact us using the contact details in section 1.