Privacy Policy

1. Introduction

Pavise ApS ('we', 'us', or 'our') is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our website or services.

We are a Danish company subject to the EU General Data Protection Regulation (GDPR) and Danish data protection laws. We take our responsibility as a data controller seriously and are committed to transparent, lawful, and fair processing of personal data.

2. Information We Collect

2.1 Contact Information

When you contact us through our website, we collect:

• Name
• Email address
• Company name (if provided)
• Message content

2.2 Technical Information

When you visit our website, we may automatically collect:

• IP address (anonymized)
• Browser type and version
• Operating system
• Pages visited and time spent on pages
• Referral source

3. How We Use Your Information

We use your personal information solely for the following purposes:

• Responding to your inquiries and contact requests
• Providing consulting services you have requested
• Communicating about projects and service delivery
• Improving our website and services
• Complying with legal obligations

4. Legal Basis for Processing

Under GDPR, we process your personal data based on:

• Consent: When you voluntarily provide information through our contact form or email
• Legitimate Interest: To respond to inquiries and provide requested information about our services
• Contract Performance: To deliver consulting services you have engaged us for
• Legal Obligation: To comply with applicable laws and regulations

5. Data Storage and Security

5.1 Where We Store Your Data

Your personal data is stored securely on servers located within the European Union. We ensure all data processing complies with GDPR requirements and EU data protection standards.

5.2 How We Protect Your Data

We implement industry-standard security measures including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of data at rest
• Access controls and authentication
• Regular security audits and updates
• Minimal data collection principle

5.3 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law:

• Contact form submissions: Deleted after 30 days if no engagement occurs
• Active project communications: Retained for project duration plus 12 months
• Completed project data: Retained for 5 years for legal and accounting purposes

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ('right to be forgotten')
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with a supervisory authority (e.g., Datatilsynet in Denmark)

To exercise any of these rights, please contact us at the email address provided below. We will respond to your request within 30 days.

7. Third-Party Sharing and Processors

We do NOT sell, trade, or rent your personal information to third parties.

We may share your data only with trusted service providers who assist us in operating our website and delivering services, subject to strict confidentiality obligations:

• Email service providers (for contact form submissions)
• Web hosting providers (EU-based, GDPR-compliant)

All third-party processors are:

• Bound by data processing agreements (DPAs)
• GDPR compliant
• Located within the EU or provide adequate safeguards
• Prohibited from using your data for their own purposes

8. Cookies and Tracking

Our website uses minimal cookies necessary for essential functionality only:

• Language preference cookie (to remember your selected language)
• Session cookies (for form submission and security)

9. International Data Transfers

Your personal data is stored and processed within the European Union. We do not transfer personal data outside the EU/EEA unless:

• You explicitly request communication with recipients outside the EU
• Adequate safeguards are in place (e.g., Standard Contractual Clauses)
• The transfer is necessary for contract performance

10. Children's Privacy

Our services are directed at businesses and organizations, not individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete such information immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on this page with a new 'Last Updated' date
• Sending an email notification if you are an active client

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us: