Data policy

This is the company’s general data policy, i.e. the general position towards data ethics and how the company specifically works with data ethics.

 

Management Report Data Ethics

At Zizzi, we actively work with our customers’ and employees’ data. There are several different purposes for the use of this data. Employee data is used in principle in order to be able to run the company, with the focus directed toward master data information.

Customer data is used in many different contexts. First and foremost, we work with customer data in order to operate and comply with the current legislation. In general, customer data is used to provide excellent customer service, i.e. we store basic, behavioural and commercial data about our customers so that we can provide the service expected. Additionally, we work with both human and machine-based data for analytical purposes, so as to be relevant to our customers.

Zizzi has therefore developed a group data policy, which describes each individual policy and elaborates on it, thereby clarifying how it will be used practically within the organization.

The policy is reviewed in connection to the preparation of the consolidated financial statements and/or if, during the year, additional policies or practices are needed.

 

Policy

●        Zizzi protects customers’ and employees’ private and personal data.

●        Zizzi complies with the legislation regarding data ethics.

●        Zizzi strives to develop a ‘positive mistake culture’ among employees, where openness surrounding mistakes and problems leads to improvements.

●        Zizzi prioritises openness and transparency about the ongoing challenges of handling personal data so that companies, organisations and authorities can learn from each other’s experiences.

●        Employees who access customers’ personal data are informed about confidentiality and privacy and have the necessary knowledge as to how personal data should be handled.

●        Zizzi does not sell on customer data, confidential data or sensitive personal data.

●        Zizzi only provides customer data to authorities if there is an obligation to do so in accordance with the law or court or regulatory decisions. National security and emergency situations are exceptions.

●        Machine learning, artificial intelligence and the use of algorithms will be used to serve Zizzi’s customers for the better, not the worse.

Detailed explanations of the individual policies follow below:

1) Zizzi protects customers’ and employees’ private and personal data.

●        In situations where privacy must be weighed against other reasonable and important considerations, privacy is to be given the highest priority.

●        All new business initiatives with significant implications for privacy and the handling of personal data must be approved by Zizzi’s management, who will evaluate these according to the company’s legal, financial and data ethical responsibilities.

●        Zizzi protects the security of personal data processing and ensures that these data are not kept for periods of time exceeding that which is necessary for the purposes for which the personal data in question are processed.

2) Zizzi complies with legislation regarding data ethics.

●        Zizzi complies with both the Danish and European regulations for data protection. These regulations constitute a minimum and a necessary basis for Zizzi’s work with data ethics.

 

3) Zizzi strives to develop a ‘positive mistake culture’ among employees, where openness surrounding mistakes and problems leads to improvements.

●        Challenges and dilemmas will necessarily arise in relation to the processing of personal data. We should be able to discuss and resolve these issues across staff groups and work towards a ‘positive mistake culture’, where mistakes and problems lead to improvements.

●        The prerequisite for such a culture is that employees are not hesitant to come forward and admit or point out mistakes.

 

4) Zizzi prioritises openness and transparency about the ongoing challenges of handling personal data so that companies, organisations and authorities can learn from each other’s experiences.

●        Zizzi strives for error-free handling of personal data, but even with the best standards and procedure, errors, breaches of data and leaks can sometimes occur, whether on behalf of ourselves or our subcontractors.

●        We must learn from these errors, and improvement can only occur when we are open about them, inform customers, management and authorities and communicate publicly about the challenges we face.

●        Zizzi prioritises employees being well-informed about data ethics, data security and the correct handling of personal data through, among other things, continuous information, training and education.

 

5) Employees who access customers’ personal data are informed about confidentiality and privacy and have the necessary knowledge as to how personal data should be handled.

●        As a retail company, it’s inevitable that Zizzi comes into contact with both ordinary, potentially confidential and sensitive personal data, and these data are subject to restrictive rules regarding storage and processing.

●        Through their employee contracts, policies or certificates, Zizzi employees are subject to confidentiality when it comes to customers’ personal data.

 

6) Zizzi does not sell on customer data, confidential data or sensitive personal data.

●        Personal information or customer data is not sold on. If this were to happen, it would require the approval of the company’s management as well as updating personal data policies and thereby information to the customers.

 

7) Zizzi only provides customer data to authorities if there is an obligation to do so in accordance with the law or court or regulatory decisions. National security and emergency situations are exceptions.

●        Zizzi requires a court order, government decision or injunction as a basis for the disclosure of customer data.

 

8) Machine learning, artificial intelligence and the use of algorithms will be used to serve Zizzi’s customers for the better, not the worse.

●        Zizzi will use these technologies to better serve customers, for example, through more targeted product selection, better service and tailored offers.

●        Authorities must be able to access and control the algorithms used upon request in order to verify that these are not programmed to produce discriminating or “biased” results.