Regulation regarding personal data and public information
The Danish Business Authority collects, processes and stores personal data concerning the notifier, account holder, account representatives and account holder's management and beneficial owners (if the account holder is a legal person) in accordance with the Act on the procedure of notification etc. of certain information to the Danish Business Authority, Consolidated Act no. 1204 of 14 October 2013, Section 4 of the Data Protection Act, Act no. 502 of 23 May 2018, Articles 77–80 of Commission Regulation No. 2019/1122/EU, or Articles 107–108 of Commission Regulation No 389/2013/EU, and Executive Order No.1637 of 18 November 2020 on the Union Registry and the Danish Kyoto Registry.
The Danish Business Authority stores general personal information for ten years after an account is closed or an account representative is deleted from an account. This might involve the following categories of personal data:
- Ordinary personal data, including data such as name, date and place of birth, Danish civil registration number (CPR number), passport number/identification card number, including expiry date and issuing country, email address, place of residence and telephone number.
- Criminal record will be deleted after the case processing is completed and will not be stored.
The European Commission has prepared a privacy statement for users of the Union Registry, where you can read more about the EU's processing of personal data.
Personal data categories
The Danish Business Authority collects, processes and stores personal data concerning the notifier, account holder, account representatives and account holder's management and real owners (if the account holder is a legal person). This might involve the following personal data categories:
- Ordinary personal data, including data on name, date and place of birth, national identity number, passport number/ID card number, expiry date and issuing country, email address, place of ordinary residence and telephone number
- Criminal record
For the purposes of security surveillance, a log is also retained of the user ID, IP addresses, time of login and logout, applications used and infrastructure resources accessed (server logs). In addition, bank details will for some account holders be collected, processed and stored.
The personal data we collect, register and process are those that we obtain from the account holder, from you, and from other authorities.
We can obtain data from the Danish Central Business Register (CVR) and Danish Civil Registration System (CPR), the National Police of Denmark, SKAT (the Danish Tax Authority), the EU's financial sanctions list, and we can cross-check data with Transparency International and Financial Action Task Force.
Data controller responsibility
The Danish Business Authority and the EU Commission have joint data-controller responsibility for the processing of the personal data we have received concerning you.
If you have experienced a security breach regarding data from the Danish Emission Trading Registry, you must always contact the Danish Emission Trading Registry in the Danish Business Authority so that we can stop the security breach:
Contact details for the Danish Emission Trading Registry
The Danish Emission Trading Registry
The Danish Business Authority
Langelinie Allé 17
DK-2100 Copenhagen Ø
Central Business Register no.: 10150817
Telephone: +45 7220 0038Ring op: +45 7220 0038 (an emergency phone (+45 3529 1862Ring op: +45 3529 1862) can be contacted on Monday to Friday after normal business hours and until 9pm and on Saturday and Sunday and on holidays from 10am to 6pm)
Where to find publicly available information
Account Holder's Name, CVR Number, and Address. For operators and aircraft operators, the name of the production unit, type of activity, license number and compliance status, as well as address, will be published. Information about the number of allocated allowances and verified emissions. Publicly available information about accounts and transactions is contained in Annex XIV of the Regulation Regulation.
Please, for more information also reference the annex to decision 13/CMP.1 available at: http://unfccc.int/resource/docs/2005/cmp1/eng/08a02.pdf#page=32
Public information can be found via EU’s transaction log and the European Environmental Agency.
Note that publication of contact information requires consent from account holders in accordance with EU regulation. Therefore, all information is not publicly available. Regarding publicly available information about transactions, inventories and total volumes via the EUTL, this information is not publicly available until three years after a transaction has taken place.
Article 110 of the Registry provides that information, including information on the inventory of all accounts, all transactions carried out, the unique unit identification code of the allowances and the unique numerical value of the unit serial number of Kyoto units, which are included in the holdings or are affected by a transaction which included in the EUTL, the EU Register and any other KP registry shall be considered confidential, except where otherwise provided for in EU legislation or in national legislation pursuing a legal objective compatible with this Regulation, and are reasonable in relation to the purpose.
Retirement accounts in the Danish Kyoto Registry
- DK-300-4-0-72 (CP0 – 2005-7)
- DK-300-4-0-72 (CP1 – 2008-12)
- DK-300-5017465-1-68 (CP1 – 2008-12)
- DK-300-501-1-9 (CP1 - 2008-12)
Cancellation accounts in the Danish Kyoto Registry
Net source cancellation (type 1):
- DK-210-3973-1-46 (CP1 – 2008-12)
- DK-210-5017460-1-30 (CP1 – 2008-12)
Non-compliance cancellation (type 2):
- DK-220-5017461-1-32 (CP1 – 2008-12)
Voluntary cancellation (type 3):
- DK-230-502-1-52 (CP0 – 2005-7)
- DK-230-502-1-52 (CP1 – 2008-12)
- DK-230-5017462-1-34 (CP1 – 2008-12)
- DK-230-1-0-38 (CP0 - 2005-7)
- DK-230-5022501-2-56 (CP2)
Surplus cancellation (type 4):
- DK-240-5017463-1-36 (CP1 – 2008-12)
Obligatory cancellation (type 5):
- DK-250-5017464-1-38 (CP1 – 2008-12)