Privacy Policy

About Ceptiv ApS

Ceptiv ApS operates as part of Acenta Group ApS with CVR number 37576476 and is located at Maglebjergvej 6, 2800 Kongens Lyngby, Denmark. The company processes personal information in strict accordance with the EU General Data Protection Regulation (GDPR), Danish data protection law, and the ePrivacy Directive as implemented in Denmark. Ceptiv ApS acts as the data controller for all personal information collected and processed.

Contact information: Email: dv@ceptiv.net, Phone: +45 81 98 32 71, Address: Maglebjergvej 6, 2800 Kongens Lyngby, Denmark.

Your Rights

If you wish, you have the right to lodge a complaint directly with the Danish Data Protection Agency at dt@datatilsynet.dk or through their website at www.datatilsynet.dk.

You have comprehensive rights under GDPR and Danish legislation, including the right to access your data, request correction of inaccuracies, demand deletion when data is no longer necessary, restrict processing under special circumstances, object to processing based on legitimate interests or for marketing purposes, and receive your data in a portable format. You can withdraw consent at any time without affecting the lawfulness of previous processing. All requests are handled free of charge unless manifestly unfounded, and the company responds within one month.

What Personal Information We Collect

Data You Provide Directly

When you request a quote, start a project, or communicate with our team, we collect your name, email address, phone number, company name, job title, billing address, business and project-related data such as descriptions of your needs and required integrations, and payment information for invoicing.

Automatically Collected Data

Through tools like Google Analytics, we collect usage data including your anonymized IP address, browser type, device information, pages visited, and interaction patterns on the website.

Client Panel Data

When you access the Client Panel, we process login information and project status updates.

We do not collect sensitive personal information unless strictly necessary for a specific project and you give explicit consent.

How We Collect Your Data

Personal information is collected directly from you through website forms, emails, phone calls, or project consultations.

It is also collected automatically through cookies and analytics tools on the website.

In some cases, data comes from third parties such as payment processors when you authorize such sharing.

How We Use Your Data

We process your personal information for several clearly defined purposes with appropriate legal bases in accordance with GDPR.

Service Delivery

The primary purpose is to deliver and manage services, including delivery of custom software solutions, handling integrations, performing maintenance, and overseeing projects and subscriptions through the Client Panel. This is based on performance of a contract or legitimate interests.

Quotes and Proposals

Processing of quotes and proposals within 24 hours is based on legitimate interests.

Analytics and Improvements

Website analytics and service improvements, including use of Google Analytics with IP anonymization and Consent Mode, are based on your consent or legitimate interests.

Legal Compliance

Compliance with legal obligations such as five-year accounting requirements and security measures is based on legal obligations or legitimate interests.

Marketing communications only occur with your consent.

Data Sharing and International Transfers

We share personal information only when necessary and with appropriate security measures.

Trusted Processors

Data is shared with trusted processors such as Vercel for hosting, Stripe for payments, and Google for analytics.

Legal Requirements

It may also be shared within Acenta Group ApS for internal operations or with authorities if required by Danish or EU law.

International Data Transfers

For Google Analytics, transfers to the USA are protected by Google's certification under the EU-US Data Privacy Framework, supplemented by Standard Contractual Clauses, IP anonymization, limited data retention of up to 14 months, and additional pseudonymization measures.

We never sell personal information to third parties.

Cookies and Tracking

Our website uses cookies for essential functionality and non-essential analytics through Google Analytics.

Cookie Compliance

Non-essential cookies are only placed after you have given prior, granular, informed, and active consent via a clear cookie banner that allows easy rejection or withdrawal at any time. This is in full compliance with Danish guidelines from the Data Protection Agency and the Danish Agency for Digitisation.

Essential cookies for session management do not require consent.

Data Retention

Personal information is retained only as long as necessary.

Project and contract-related data is retained for up to five years after termination to fulfill Danish accounting obligations.

Analytics data is retained for up to 14 months in accordance with Google settings.

Marketing data is retained until you withdraw consent.

All data is securely deleted or anonymized when the retention period expires.

Data Security

We implement robust technical and organizational security measures in accordance with GDPR Article 32, including encryption of data in transit and at rest, strict access controls and authentication, regular security backups, and pseudonymization where relevant.

In the event of a personal data breach, we notify the Danish Data Protection Agency within 72 hours if the breach poses a high risk and inform affected individuals when required by law.

Policy Updates

This Privacy Policy may be updated from time to time. Changes will be published on the website along with the new effective date. Significant updates will be communicated via email or prominent notice on the site.