Data Ethics Policy

 

1. Introduction

1.1 This policy describes how data ethics is considered and included in the use of data and design and implementation of technologies used for processing of data at the KOMPAN Group. The policy applies in all aspects of processing of data whether the data enables identification of a natural person (“personal data”) or not.

2. Principles for data ethics

2.1 When the KOMPAN Group processes data or designs, purchases or implements technologies, especially new technologies, for processing of data, the principles for data ethics described below must be assessed and included in the considerations during the design process and/or prior to the purchase or implementation of the processing activity or the technology used for the processing of data.

Legality

The processing of data shall, at all times, comply with applicable legislation. For example, the processing of personal data requires a specific legal basis according to the General Data Protection Regulation (“GDPR”). 

Ethical design

Technologies for the processing of data, especially new technologies, shall be designed to re-spect principles of data ethics, including the principles laid down in this policy and the general processing principles as laid down in the GDPR. For example, technologies shall be designed to ensure correct and timely deletion of personal data in accordance with the KOMPAN Group’s retention periods. 

Expectations

Data shall be processed in ways that are consistent with the intentions, expectations and under-standing of the disclosing party. For example, personal data may not be processed for new purposes which are incompatible with the purposes for which the personal data was originally col-lected.

Security

A sufficient level of security shall be implemented in and around technologies used for pro-cessing of data. The security measures shall include technical as well as organisational measures, and the sufficient level of security shall be assessed based on a risk assessment of the specific processing activity and the technology used for the processing of data.

Respect for human rights

Processing of data and the design of technologies used for processing of data shall ensure that human rights are respected. For example, processing of data or use of technologies for the processing of data may not be biased with a risk of discrimination, marginalisation or stigmatisation against individuals.

Proportionality

Data shall be used only for purposes which are proportional taking into account the rights of the individuals, including the right of privacy. 

3. Use of data

3.1 The KOMPAN Group is developing, producing and selling playground and fitness equipment, outdoor furniture as well as other equipment for children. The group is primarily focused on business to business relationships which entails that the group is primarily in possession of business to business information, including contact information regarding contact persons with business partners. 

3.2 The KOMPAN Group is also in possession of incident reports which may contain health information regarding adults as well as children. Such information is processed with utmost consideration to the special confidential nature of such information as well as the general vulnerability of children. This entails, among other things, that such information is not disclosed to third parties unless absolutely necessary. 

3.3 The KOMPAN Group bases the development of playground and outdoor fitness equipment on research carried out by the KOMPAN Play Institute and the KOMPAN Fitness Institute. The KOMPAN Play Institute investigates what motivates children to play as well as their play activity, their development and their view on playground designs. The KOMPAN Fitness institute investigates sport and fitness activities impact on people’s health and wellbeing. When carrying out research, the KOMPAN Group ensures compliance with all principles set out in section 2 above, especially the principle relating to the data subject’s expectations, i.e. purpose limitation. Data used for research purposes is collected from participants who have submitted themselves to the research study as well as for” “in situ” and laboratory observation studies, from surveys and from existing research. The KOMPAN Group ensures that data collected for research purposes is only disclosed to third parties in anonymized form. 

3.4 The KOMPAN Group works with consideration to protection and respectful use of data in all aspects of the group’s activities. As such, the individual whose data is used or whose behaviour the KOMPAN Group aims to impact by the use of data must always be at focus when the KOM-PAN Group uses data or plans new activities involving use of data.

3.5 Employees and children enjoy extra protection when it comes to use of data. Because of this, the KOMPAN Group shows extra consideration in relation to use of such data

4. Use of new technology and profiling

4.1.1 Where the KOMPAN Group wishes to implement changes to the use of new technologies or profiling the principles set out in section 2 of this policy must be respected. 

5. Training of employees

5.1 The KOMPAN Group ensures that employees who, as a part of their job with the KOMPAN Group, use data or are engaged in designing, purchasing or implementing technologies for the use of data, receive training in the principles for data ethics described in section 2 above, and in complying with this policy, on a regular basis.

5.2 If the KOMPAN Group finds that certain employees need additional training or more frequent training than described above in section 5.1, the KOMPAN Group ensures that such employees receive the training deemed necessary to ensure compliance with this policy.

5.3 The KOMPAN Group ensures that this policy is available to employees with the purpose of ensuring the employees’ access to the applicable principles for data ethics for the KOMPAN Group.

6. Responsibility

6.1 KOMPAN Group’s CFO is responsible for and oversees The KOMPAN Group’s compliance, including compliance with data ethics and this policy. 

7. Questions

7.1 Any questions regarding this policy or data ethics may be addressed to the Group Compliance Officer.