Privacy Policy

We work with modern digital solutions, where trust, confidentiality and responsible data handling form a core part of the value we deliver.

Data Controller and scope

This Privacy Policy describes how DDS Digital ApS (“DDS Digital”, “we”, “us”, or “our”) processes personal data in connection with our own business and our digital presence, including our website, contact forms, meeting booking, chat functions, customer enquiries and other communications.

DDS Digital ApS is the data controller for the processing of personal data covered by this Privacy Policy.

DDS Digital ApS
CVR no.: 45458865
Birk Centerpark 40
7400 Herning
Denmark
Email: [email protected]

If you have any questions about this Privacy Policy or our processing of personal data, you can contact us at [email protected].

This Privacy Policy applies to the processing of personal data where DDS Digital ApS acts as data controller, including when we process information about visitors to our website, persons who contact us, book meetings, use our chat functions, request a demo or proposal, or otherwise engage in dialogue with us about our services.

This Privacy Policy does not apply to processing activities carried out by DDS Digital ApS as a data processor on behalf of its customers. Such processing activities are regulated separately by the relevant customer agreement and any data processing agreements.

Who and what this Privacy Policy covers

This Privacy Policy covers DDS Digital ApS’ processing of personal data relating to the following categories of persons:

visitors to our website
persons who contact us via contact form, email, telephone, chat or otherwise
persons who book meetings or demos with us
prospective customers, customers and customer contacts
persons who engage in dialogue with us about our services, potential cooperation or proposals

This Privacy Policy also covers the processing of personal data that takes place in connection with the use of our digital tools for meeting booking, chat, sales dialogue, customer follow-up and documentation of enquiries.

If, as part of our sales or delivery processes, we use solutions for call handling, transcription, meeting logging, AI-assisted summarisation or similar technologies, the processing of personal data in that connection will also be covered by this Privacy Policy to the extent that DDS Digital ApS is the data controller for such processing.

This Privacy Policy does not cover the processing of personal data for which our customers themselves are the data controllers and which DDS Digital ApS processes solely on the customer’s behalf as a data processor.

What personal data we process

Depending on how you use our website, chat functions, meeting booking, communicate with us or engage in dialogue with us about our services, we may process the following categories of personal data:

General identity and contact information, including name, email address, telephone number, company name, job title and other contact details that you provide yourself.

Information about your enquiry or your customer relationship, including the content of messages, information about your needs, interests, preferences, requests, meeting topics, project descriptions, proposal matters, contractual history and other communications with us.

Booking and meeting information, including information you provide when booking a meeting, the time of meetings, participation information, meeting notes and practical information related to the planning and conduct of meetings or demos.

Technical and digital usage information, including IP address, browser information, device information, timestamps, log information and information about the use of our website, booking solutions, chat functions and other digital touchpoints, to the extent such information is collected.

Communication and interaction data, including information about whether emails are delivered, opened or answered, as well as information about interaction with messages, forms, booking flows or similar digital processes, to the extent such functions are used.

Information from calls, audio, transcription and similar documentation, including call metadata, audio recordings, transcriptions, meeting notes and related log information, to the extent such functions are used in connection with conversations, meetings or other communications with us.

We request that no sensitive personal data or other information that is not necessary for the specific enquiry or customer relationship be shared with us, unless this is strictly necessary and lawful.

If you provide us with information about other persons, it is your responsibility to ensure that you are entitled to disclose such information to us and that the persons concerned have been informed accordingly to the extent required by law.

Purposes of processing and legal basis

DDS Digital ApS processes personal data for the following purposes and on the following legal bases:

Answering enquiries and dialogue about our services

We process personal data in order to answer enquiries, follow up on requests, conduct initial discussions, assess needs and communicate with prospective customers, customers and other contact persons.

The processing is generally based on our legitimate interest in handling and responding to relevant enquiries, pursuant to Article 6(1)(f) GDPR, and in some cases because the processing is necessary in order to take steps prior to entering into a possible agreement, pursuant to Article 6(1)(b) GDPR.

Meeting booking, demos and the conduct of meetings

We process personal data in order to manage meeting bookings, send confirmations, plan and conduct meetings or demos, and follow up on them.

The processing is based on our legitimate interest in administering such enquiries and meetings, pursuant to Article 6(1)(f) GDPR, and, where relevant, because the processing is necessary in order to take steps prior to an agreement or to perform an agreement, pursuant to Article 6(1)(b) GDPR.

Preparation of proposals, conclusion and administration of customer relationships

We process personal data in order to prepare proposals, enter into agreements, deliver our services, manage customer relationships, handle support, conduct project communication and document contractual matters.

The processing is necessary in order to perform an agreement with you or the company you represent, or to take steps prior to entering into an agreement, pursuant to Article 6(1)(b) GDPR.

Internal administration, documentation and protection of business interests

We may process personal data for internal administration, record-keeping, documentation of communications, prevention of misuse, IT security, troubleshooting, quality assurance and protection of our rights and legitimate business interests.

The processing is based on our legitimate interest in operating and protecting our business in a responsible manner, pursuant to Article 6(1)(f) GDPR.

Call handling, transcription, meeting logging and similar documentation

If we use tools for call handling, audio recording, transcription, meeting logging or similar documentation, we may process personal data for the purpose of documenting dialogues, preparing for meetings, internal follow-up and administering customer relationships.

The processing is generally based on our legitimate interest in handling enquiries and customer relationships in an efficient and responsible manner, pursuant to Article 6(1)(f) GDPR. If applicable law in a specific situation requires consent, the processing will instead take place on the basis of such consent, pursuant to Article 6(1)(a) GDPR.

Compliance with legal obligations

We process personal data to the extent necessary to comply with applicable law, including, for example, bookkeeping, accounting and documentation requirements.

The processing is based on our legal obligations, pursuant to Article 6(1)(c) GDPR.

Marketing and sending relevant materials

If you have given your consent, we may process your personal data in order to send you marketing, updates, news, case studies, invitations or other relevant content about our services.

The processing is based on your consent, pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time.

Use of testimonials, customer statements, case studies, name and logo

If we wish to use customer statements, testimonials, names, company names, logos or similar reference information for marketing purposes, this will only take place on the basis of prior consent, pursuant to Article 6(1)(a) GDPR, unless otherwise follows from a separate agreement or applicable law.

Where the personal data comes from

As a general rule, we collect personal data directly from you or from the company you represent when you contact us, use our website, chat functions or booking solutions, request a proposal, or otherwise engage in dialogue with us.

We may also collect information automatically in connection with the use of our website and digital solutions, including via technical logs, booking systems, chat functions, and cookies and similar technologies, to the extent such are used.

In certain cases, we may receive personal data from sources other than you, including from:

the company with which you are associated
suppliers and technical platforms that support our communication, booking, CRM, payment or customer management
publicly available sources, including company websites, public registers, social media and professional networks, where this is relevant in connection with B2B dialogue, sales activities or the establishment of a customer relationship

If we collect personal data about you from sources other than you, we process such information in accordance with applicable data protection law and inform you accordingly to the extent required by law.

Recipients, suppliers and processors

We may entrust or disclose personal data to external recipients, suppliers and processors where this is necessary in order to operate our business, deliver our services, administer our website and communications, or comply with our legal obligations.

Depending on the specific situation, personal data may be processed by the following categories of recipients or suppliers:

suppliers of CRM, communication and automation platforms
suppliers of email, calendar, meeting booking and collaboration tools
suppliers of payment solutions, invoicing, bookkeeping and accounting
suppliers of hosting, operations, security, technical support and related infrastructure
suppliers of chat functions, call handling, transcription, AI-assisted functions and similar technological tools
advisers, auditors, financial partners and other professional third parties where this is necessary for our business operations
public authorities, courts, supervisory authorities or other third parties where this follows from legislation, a legal claim or a legitimate request

When external suppliers process personal data on our behalf, this takes place on the basis of relevant data processing agreements or other relevant legal mechanisms to the extent required by applicable law.

We do not disclose personal data to third parties for their own independent marketing purposes unless we have a valid legal basis for doing so in advance, including consent where required.

Transfer of personal data to countries outside the EU/EEA

As part of our use of external suppliers, platforms and technical tools, personal data may be transferred to or accessed from countries outside the EU/EEA, including in particular the United States.

If we transfer personal data to recipients in countries outside the EU/EEA, we ensure that such transfer takes place in accordance with applicable data protection law and on the basis of a valid transfer mechanism.

Depending on the specific supplier and processing situation, the transfer mechanism may, for example, be:

the European Commission’s adequacy decision
a relevant certification scheme, including, where relevant, the EU-US Data Privacy Framework
the European Commission’s standard contractual clauses
other transfer mechanisms or supplementary measures that may be necessary under applicable law

You can contact us at [email protected] if you would like further information about the transfer mechanism applied in a specific situation.

Storage and deletion of personal data

We retain personal data for as long as necessary for the purposes for which the data was collected and processed, unless longer retention is necessary in order to comply with legal obligations, establish, exercise or defend legal claims, or document an existing or former customer relationship.

As a general rule, we have established the following retention periods:

Enquiries, contact requests, meeting bookings and prospective leads

Personal data collected in connection with ordinary enquiries, contact forms, chat dialogues, meeting bookings, demo requests and other sales-related requests is generally retained for up to 12 months from the most recent relevant activity, unless the dialogue develops into a customer relationship or there is another legitimate reason for longer retention.

Customer relationships, project materials and ongoing customer dialogue

Personal data processed as part of an existing or completed customer relationship, including contact details, contractual documentation, project communications, support history and other materials related to delivered services, is generally retained for up to 5 years after the end of the customer relationship, unless longer retention is necessary in the specific case.

Bookkeeping and accounting materials

Personal data included in invoices, payment information, bookkeeping materials or other accounting documentation is retained in accordance with applicable bookkeeping rules, which generally means retention for 5 years from the end of the financial year to which the material relates.

Information from calls, transcriptions, meeting logging and AI-assisted documentation

If we use solutions for call handling, transcription, meeting logging or AI-assisted summarisation, such information is retained only for as long as necessary for documentation, internal follow-up, meeting preparation, quality assurance or administration of the customer relationship, and is then deleted or anonymised once it is no longer necessary.

Technical log data and data collected via cookies or similar technologies

Such data is retained in accordance with the specific technical solution, the purpose of the processing and any consent choices, and to the extent permitted by applicable law. Further information about cookies and similar technologies will be set out in our cookie information and consent solution once these have been implemented.

When personal data is no longer necessary for the purposes for which it was collected, we delete or anonymise it in a responsible manner, unless we are legally required to retain it for a longer period.

Your rights

When we process personal data about you, you have a number of rights under applicable data protection law.

You have, among other things, the right to:

request access to the personal data we process about you, as well as receive further information about the processing
have inaccurate information corrected and, where relevant, have incomplete information completed
request deletion of your personal data where the conditions for this are met
request restriction of the processing of your personal data in the cases where the law gives you this right
object to our processing of your personal data, including where the processing is based on our legitimate interests
receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and in certain cases have such data transferred to another data controller
withdraw your consent if the processing is based on your consent. A withdrawal does not affect the lawfulness of any processing carried out before the consent was withdrawn

If you wish to exercise one or more of your rights, you can contact us at [email protected]. We will handle your request in accordance with applicable data protection law and assess the extent to which the conditions for the relevant right are met.

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe that our processing of your personal data is not carried out in accordance with applicable law. Contact details and further guidance are available at www.datatilsynet.dk.

Cookies and similar technologies

Our website and related third-party solutions may use cookies and similar technologies for technical operation, functionality, security, booking, chat and, where such functions are activated, analytics and marketing.

Cookies and similar technologies are small text files or similar technical mechanisms that are stored on or access information from your device when you visit a website or use digital services.

To the extent required by applicable law, we only use non-essential cookies and similar technologies on the basis of valid consent. Essential cookies and similar technologies may be used without consent to the extent permitted by applicable law.

Further information about the specific cookies and similar technologies used, their purposes, any third parties involved and your choices will appear in the cookie information and consent solution applicable on the website from time to time.

You may change or withdraw your cookie choices at any time via the consent solution made available on the website once this has been implemented.

Security

We implement appropriate technical and organisational measures in order to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, misuse or access, as well as against other processing in breach of applicable data protection law.

Such measures may include, among other things, access restrictions, management of user access, use of relevant authentication mechanisms and responsible use of external systems and suppliers.

The security measures are determined with regard to the nature, scope and purpose of the processing and the risks associated with the specific processing.

Although we seek to protect personal data at an appropriate level, we cannot guarantee complete security in connection with data transmission via the internet or the use of third-party platforms. We therefore encourage you not to send us unnecessarily sensitive information unless this is necessary or agreed.

Changes to this Privacy Policy

We reserve the right to update and amend this Privacy Policy on an ongoing basis if necessary as a result of changes in legislation, regulatory practice, our technical solutions, our business model or the way in which we process personal data.

The version of the Privacy Policy applicable at any given time will be available on our website. Material changes will be published in a clear manner and, where relevant, we will also inform you through the communication channels we normally use in relation to the relevant processing.

This Privacy Policy applies from the date stated in the most recently updated version.

In the event of any discrepancy between the Danish and English versions of this Privacy Policy, the Danish version shall prevail.

Contact and complaints

If you have questions about this Privacy Policy, our processing of personal data, or if you wish to exercise your rights, you can contact us at [email protected]. We always strive to resolve any issue in a timely manner.

If you believe that our processing of your personal data is not carried out in accordance with applicable data protection law, you have the right to lodge a complaint with: