Vora.dk – Privacy Policy

Version 1.0 – Copenhagen, dated 01-03-2025

1. Introduction

This Privacy Policy explains how Vora.dk (“we,” “us,” or “our”) collects, uses, stores, and safeguards personal data in compliance with the EU General Data Protection Regulation (GDPR) and relevant Danish data protection legislation. Please read this policy carefully to understand your rights and our obligations regarding your personal data.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person (the “data subject”), as defined in Article 4(1) of the GDPR.

  • Processing: Any operation or set of operations which is performed on personal data, whether or not by automated means (Article 4(2) GDPR).

  • Data Controller: The natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data (Article 4(7) GDPR).

  • Data Processor: A natural or legal person which processes personal data on behalf of the data controller (Article 4(8) GDPR).

  • Data Subject: The identifiable natural person to whom personal data relates.

3. Data Controller and Contact Information

Vora.dk is the “data controller” responsible for processing your personal data. If you have any questions or concerns about this Privacy Policy or our data processing activities, please contact us:

Vora.dk
Vesterbrogade 26
1620, København V
Denmark
CVR No.: 45430499
Email: contact@vora.dk

4. Personal Data We Process

4.1 Website Contact Form

  1. Types of Data:

    • Name

    • Email address

    • Telephone number (if voluntarily provided)

    • Company name

    • Brief inquiry description

  2. Purpose of Processing:

    • To respond to your inquiry and provide relevant services.

  3. Legal Basis:

    • Consent under Article 6(1)(a) GDPR. By submitting our contact form, you explicitly consent to the processing of your personal data for the stated purpose.

  4. Source of Data:

    • Data you provide directly when filling out our contact form.

  5. Recipients:

    • We do not share this personal data with any external parties. Data is used internally at Vora.dk to fulfill your request.

  6. International Data Transfers:

    • We do not transfer personal data to recipients outside the European Union (EU) or European Economic Area (EEA).

  7. Storage and Retention:

    • We retain your personal data only as long as necessary to respond to your inquiry or provide you with the requested services. If your request concludes and there is no ongoing need to retain your data, we will delete it unless we are legally required to keep it longer.

4.2 Collaboration Agreements (B2B or B2C)

  1. Types of Data:

    • Name

    • Contact details (address, email)

    • Position and company name

    • Payment/billing information (if relevant)

    • Any additional data you provide in the course of our collaboration

  2. Purpose of Processing:

    • To manage and fulfill contractual obligations, including communication, invoicing, and service delivery.

  3. Legal Basis:

    • Article 6(1)(b) GDPR (performance of a contract).

    • Article 6(1)(c) GDPR (compliance with legal obligations, e.g., bookkeeping).

    • Article 6(1)(f) GDPR (legitimate interests, such as maintaining business relationships).

  4. Source of Data:

    • Data you provide when entering into a collaboration with us, or publicly available information (e.g., from business registries).

  5. Recipients:

    • Auditors: For financial audits.

    • Public Authorities: If required by law.

    • Subcontractors: Where necessary for service delivery, subject to data processing agreements ensuring GDPR compliance.

  6. International Data Transfers:

    • We do not transfer personal data outside the EU/EEA unless strictly required, and only under appropriate safeguards as per Articles 44–46 GDPR.

  7. Storage and Retention:

    • We retain your data for the duration of our collaboration and for a subsequent period (typically 5 years) as required under the Danish Bookkeeping Act and other relevant regulations.

5. Data Security

We have implemented appropriate technical and organizational security measures in accordance with Article 32 GDPR to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. Although we strive to employ industry-standard security measures, no transmission method or storage mechanism is completely secure.

6. Your Rights as a Data Subject

In accordance with Articles 12–22 of the GDPR, you have several rights regarding our processing of your personal data:

  1. Right of Access (Article 15):
    You have the right to request confirmation on whether we process your personal data and to obtain a copy of that data.

  2. Right to Rectification (Article 16):
    You have the right to request the correction of any inaccurate or incomplete personal data.

  3. Right to Erasure (Article 17):
    You may request the deletion of your personal data, subject to legal limitations (e.g., if retention is required for legal obligations).

  4. Right to Restrict Processing (Article 18):
    You can request the restriction of our processing of your personal data in certain circumstances.

  5. Right to Data Portability (Article 20):
    You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where the processing is based on consent or contract.

  6. Right to Object (Article 21):
    You have the right to object to the processing of your personal data based on our legitimate interests or for direct marketing.

  7. Right to Withdraw Consent (Article 7(3)):
    Where we rely on your consent for processing, you may withdraw that consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal.

To exercise any of these rights, please contact us using the details provided in Section 3. We will respond to your request as soon as possible and no later than one month from receipt, in accordance with the GDPR.

7. Complaints

If you are dissatisfied with our handling of your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet). Contact details and guidance can be found at www.datatilsynet.dk.

8. Updates to This Policy

We may periodically update this Privacy Policy to reflect changes in our data processing practices or to comply with new legal requirements. Any changes will be posted on our website with an updated “Version” and “Effective Date.”

9. Contact Us

If you have any questions regarding this Privacy Policy or wish to exercise any of your rights, please contact:

Vora.dk
Vesterbrogade 26
1620, København V
Denmark
CVR No.: 45430499
Email: contact@vora.dk

Management at Vora.dk holds full responsibility for the processing of personal data in accordance with this Privacy Policy and the GDPR.