Privacy Policy

This Privacy Policy describes how vingardiumpath AS ("we," "our," or "us") collects, uses, and protects your personal information when you use our spa performance tracking services and visit our website.

Last Updated: January 2026

Data Controller Information

vingardiumpath AS is the data controller responsible for your personal information. Our contact details are:

Data Collection

The data we collect includes personal information that you provide to us directly and information that we collect automatically when you use our services. We collect the following types of personal data:

  • Contact Information: Name, email address, phone number, and company details when you contact us or use our services
  • Account Information: Username, password, and profile information for service access
  • Usage Data: Information about how you use our performance tracking tools and website
  • Technical Data: IP address, browser type, device information, and operating system
  • Communication Data: Records of correspondence and support interactions
  • Service Data: Information related to spa performance metrics and analytics as provided by your business

How We Use Your Information

We use your personal data for the following purposes based on legitimate business interests, contractual obligations, and your consent:

  • Service Provision: To provide and maintain our spa performance tracking services
  • Customer Support: To respond to your enquiries and provide technical support
  • Service Improvement: To analyse usage patterns and improve our platform functionality
  • Communication: To send service updates, notifications, and relevant business communications
  • Legal Compliance: To comply with applicable laws and regulations
  • Security: To protect our services and users from fraud and security threats

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to perform our services agreement with you
  • Legitimate Interests: For business operations, security, and service improvement
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal Obligation: To comply with legal requirements and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in delivering our services
  • Legal Requirements: When required by law or to protect our rights and interests
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • Consent: With your explicit consent for specific purposes

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Generally, we retain data for the following periods:

  • Account Data: Until account deletion or service termination
  • Communication Records: Up to 3 years for customer service purposes
  • Technical Data: Up to 2 years for security and service improvement
  • Legal Compliance: As required by applicable laws and regulations

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Request transfer of your data to another service
  • Restriction: Request limitation of processing activities
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for consent-based processing

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication systems
  • Staff training on data protection practices
  • Incident response and breach notification procedures

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes and codes of conduct

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Supervisory Authority

You have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe we have not handled your personal data in accordance with applicable law:

  • Website: www.datatilsynet.dk
  • Email: dt@datatilsynet.dk
  • Phone: +45 33 19 32 00