Privacy Policy

1. Data Controller

IT Aware Aps is the data controller for the processing of your personal data in accordance with the GDPR (European Union General Data Protection Regulation).

As a data controller, we are obliged to protect your personal data and respect your rights regarding this data.

2. Collection and purpose of data

We collect personal data such as name, email address, phone numbers and company information for the following purposes:

  • Account management and user verification
  • Delivery and administration of our services
  • Communications regarding your account and services
  • Invoicing and payment processing
  • Compliance with legal and regulatory requirements
  • Improving our services through analysis

3. Legal basis for processing

We process your personal data based on the following legal basis:

  • Fulfillment of a contract with you
  • Compliance with legal obligations
  • Protection of legitimate interests of IT Aware or third parties
  • Your express consent

4. Sharing of data

We only share your personal data with third parties when necessary to provide our services or when you have given your consent. This may include:

  • Payment processors and banking partners
  • Hosting and cloud service providers
  • Legal and financial advisors
  • Regulatory and public authorities when required by law

We ensure that all third parties process your data in accordance with this privacy policy and applicable law.

5. Data retention

We will only retain your personal data for as long as is necessary to fulfil the purposes for which it was collected or where we are required to do so by law. In general, we will retain:

  • Account data: As long as your account is active plus 30 days after closure
  • Transaction data: At least 5 years for accounting purposes
  • Marketing data: Until you withdraw consent

6. Your rights

You have the following rights regarding your personal data:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Have incorrect data corrected.
  • Right to erasure: Request deletion of your data under certain circumstances
  • Right to restriction: Restrict the processing of your data
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to the processing of your data
  • Right not to be subject to automated decision-making

To exercise these rights, please contact us at the contact information below.

7. Data security

We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure or destruction:

  • Encryption of data during transmission (SSL/TLS)
  • Encryption of sensitive data at rest
  • Access control and authentication
  • Regular security audits and penetration tests
  • Employee training in data security

8. International data transfer

Your personal data is primarily processed in Denmark and the EU. If we transfer data outside the EU/EEA, we ensure adequate protection through standard contractual clauses or other legal mechanism.

9. Contact and complaint process

If you have any questions about this privacy policy or wish to exercise your rights, please contact us:

IT Aware Aps

Bøgevang 20

2770 Kastrup

Denmark

Email: privacy(a)itaware.dk

You also have the right to file a complaint with the Danish Data Protection Authority if you believe that the processing of your data violates the GDPR.