Legal
Privacy Policy
At ScandicTech, we take the protection of your personal data seriously. This policy describes how we collect, use, and protect your data in accordance with the EU General Data Protection Regulation (GDPR).
Last updated: March 2026
1. Data Controller
The data controller for the processing of your personal data is:
If you have questions about our processing of your personal data, you are always welcome to contact us at the email above.
2. Personal Data We Collect
We may collect and process the following types of personal data:
Contact information
Name, email address, phone number, and company details — when you fill out our contact form or book a meeting.
Technical data
IP address (anonymized), browser type, device type, operating system, screen resolution, and language settings.
Usage data
Page views, click flows, visit times, referring URL, and visit duration — collected via cookies when you have given consent.
Communication
The content of emails, messages, or other inquiries you send to us.
We never collect sensitive personal data (e.g., health information, political beliefs, or ethnic origin).
3. Purpose and Legal Basis
We process your personal data for the following purposes, each with its legal basis under GDPR:
| Purpose | Legal Basis |
|---|---|
| Responding to inquiries and contact forms | Article 6(1)(b) — performance of contract / pre-contractual measures |
| Statistics and analysis of website traffic | Article 6(1)(a) — your consent |
| Marketing and ad optimization | Article 6(1)(a) — your consent |
| Delivery of our services and projects | Article 6(1)(b) — performance of contract |
| Compliance with legal requirements (accounting, etc.) | Article 6(1)(c) — legal obligation |
| Operation and security of the website | Article 6(1)(f) — legitimate interest |
5. Third Parties and Data Processors
We share your personal data with the following third parties acting as data processors on our behalf. Data processing agreements have been entered into with all parties.
| Service | Provider | Purpose | Location |
|---|---|---|---|
| Hosting | Vercel Inc. | Hosting and delivery of the website | USA (EU-US DPF) |
| Analytics | Google LLC | Traffic and usage analysis via Google Analytics 4 | USA (EU-US DPF) |
| Tag management | Google LLC | Management of scripts and tracking tags | USA (EU-US DPF) |
| Advertising | Google LLC (Google Ads) | Search advertising and conversion tracking | USA (EU-US DPF) |
| Advertising | Meta Platforms Inc. | Advertising and retargeting via Facebook/Instagram | USA (EU-US DPF) |
| Microsoft Corp. | Email correspondence and calendar booking | EU / USA (EU-US DPF) |
Transfer to the USA takes place on the basis of the EU-U.S. Data Privacy Framework (DPF), where the listed companies are certified. We do not transfer data to countries without an adequate level of protection unless appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).
6. Retention
We store your personal data for as long as necessary to fulfill the purposes for which they were collected:
Contact form inquiries: Up to 2 years after last contact, unless an agreement is entered into.
Client data (projects/agreements): During the contract period plus 5 years per accounting legislation.
Analytics and cookie data: Up to 26 months (Google Analytics) or as indicated in the cookie overview.
Consent logging: Documentation is stored for 2 years after consent is withdrawn.
7. Your Rights
As a data subject, you have the following rights under GDPR. You can exercise your rights by contacting us at info@scandictech.dk:
Access (Art. 15)
You can request to see what information we hold about you.
Rectification (Art. 16)
You can ask us to correct inaccurate or incomplete data.
Erasure (Art. 17)
You can ask us to delete your data, unless we have a legal obligation to retain it.
Restriction (Art. 18)
You can ask us to restrict the processing of your data in certain situations.
Data portability (Art. 20)
You can request to receive your data in a structured, machine-readable format.
Objection (Art. 21)
You can object to processing based on our legitimate interest.
Withdrawal of consent
You can withdraw your consent at any time — without affecting the lawfulness of prior processing.
We respond to inquiries within 30 days. In complex cases, the deadline may be extended by an additional 60 days with notice to you.
8. Security
We take appropriate technical and organizational security measures to protect your personal data against unauthorized access, loss, or misuse. This includes the use of HTTPS/TLS encryption across the entire website, access controls for administrative systems, and regular updates of software and dependencies.
9. Changes to This Policy
We may update this privacy policy periodically to reflect changes in legislation, our services, or processing activities. In the event of significant changes, we will inform you via the website. We recommend that you review this page regularly.
10. Complaint
If you believe that our processing of your personal data does not comply with the regulations, we encourage you to contact us first so we can attempt to resolve the issue. You always have the right to file a complaint with:
Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby, Denmark
Phone: +45 33 19 32 00
Email: dt@datatilsynet.dk
Website: datatilsynet.dk
11. Contact
If you have questions, wish to exercise your rights, or want to learn more about our processing of personal data, you are welcome to contact us:
Ready to take the next step?
We're always open for new partnerships. Tell us about your project and we'll get back to you within 24 hours.
Free initial consultation · No commitment