Privacy Policy

About Ceptiv ApS

Ceptiv ApS operates as part of Acenta Group ApS with CVR number 37576476 and is located at Maglebjergvej 6, 2800 Kongens Lyngby, Denmark. The company processes personal data in strict accordance with the EU General Data Protection Regulation (GDPR), the Danish Data Protection Act, and the ePrivacy Directive as implemented in Denmark. Ceptiv ApS serves as the data controller for all personal data collected and processed.

Contact Information: Email: dv@ceptiv.net, Phone: +45 81 98 32 71, Address: Maglebjergvej 6, 2800 Kongens Lyngby, Denmark.

Your Rights

If you wish, you have the right to file a complaint directly with the Danish Data Protection Agency (Datatilsynet) at dt@datatilsynet.dk or through their website at www.datatilsynet.dk.

You have extensive rights under the GDPR and Danish law, including the right to access your data, request rectification of inaccuracies, demand erasure when data is no longer needed, restrict processing in specific circumstances, object to processing based on legitimate interests or for marketing purposes, and receive your data in a portable format. You can withdraw consent at any time without affecting the lawfulness of prior processing. All requests are handled free of charge unless they are manifestly excessive, and the company responds within one month.

What Personal Data We Collect

Data You Provide Directly

When you request a quote, initiate a project, or communicate with our team, we collect your name, email address, phone number, company name, job title, billing address, business and project-related data such as descriptions of your needs and required integrations, and payment details for invoicing.

Automatically Collected Data

Through tools like Google Analytics, we gather usage data including your anonymized IP address, browser type, device information, visited pages, and interaction patterns on the website.

Client Panel Data

When you access the Client panel, we process login credentials and project status updates.

We do not collect sensitive personal data unless it is strictly necessary for a specific project and you provide explicit consent.

How We Collect Your Data

Personal data is collected directly from you through website forms, emails, phone calls, or project consultations.

It is also gathered automatically via cookies and analytics tools on the website.

In some cases, data comes from third parties such as payment processors when you authorize such sharing.

How We Use Your Data

We process your personal data for several clearly defined purposes with appropriate legal bases under the GDPR.

Service Delivery

The primary purpose is to provide and manage the services, including delivering custom software solutions, handling integrations, performing maintenance, and overseeing projects and subscriptions through the Client panel. This is based on the performance of a contract or legitimate interests.

Quotes and Proposals

Processing offers and quotes within 24 hours is based on legitimate interests.

Analytics and Improvements

Website analytics and service improvements, including the use of Google Analytics with IP anonymization and Consent Mode, are based on your consent or legitimate interests.

Legal Compliance

Compliance with legal obligations such as five-year bookkeeping requirements and security measures are based on legal obligations or legitimate interests.

Marketing communications occur only with your consent.

Data Sharing & International Transfers

We share personal data only when necessary and with appropriate safeguards.

Trusted Processors

Data is shared with trusted processors such as Vercel for hosting, Stripe for payments, and Google for analytics.

Legal Requirements

It may also be shared within the Acenta Group ApS for internal operations or with authorities if required by Danish or EU law.

International Data Transfers

For Google Analytics, transfers to the United States are protected by Google's certification under the EU-US Data Privacy Framework, supplemented by Standard Contractual Clauses, IP anonymization, limited data retention of up to 14 months, and additional pseudonymization measures.

We never sell personal data to third parties.

Cookies & Tracking

Our website uses cookies for essential functionality and non-essential analytics through Google Analytics.

Cookie Compliance

Non-essential cookies are placed only after you provide prior, granular, informed, and active consent via a clear cookie banner that allows easy rejection or withdrawal at any time. This is in full compliance with Danish guidelines from Datatilsynet and Digitaliseringsstyrelsen.

Essential cookies for session management do not require consent.

Data Retention

Personal data is retained only as long as necessary.

Project and contract-related data is kept for up to five years after termination to meet Danish bookkeeping obligations.

Analytics data is retained for up to 14 months in line with Google settings.

Marketing data is kept until you withdraw consent.

All data is securely deleted or anonymized once the retention period ends.

Data Security

We implement robust technical and organizational security measures in accordance with GDPR Article 32, including encryption of data in transit and at rest, strict access controls and authentication, regular security backups, and pseudonymization where appropriate.

In the event of a personal data breach, we notify Datatilsynet within 72 hours if the breach poses a high risk and inform affected individuals when required by law.

Policy Updates

This Privacy Policy may be updated from time to time. Changes will be posted on the website along with the new effective date. Significant updates will be communicated via email or prominent notice on the site.