​​​

1. Data controller

This privacy policy applies when OceanSoul, CVR no. 41594837 (hereinafter "OceanSoul"), as the data controller, processes personal data about you.

​​

2. Purpose

The protection of your personal data is important to us. This privacy policy has been developed to comply with the high standards for protecting your privacy as required by the Data Protection Act and GDPR.

The overall purpose of OceanSoul in collecting, storing, and processing personal data about you is to provide the services and products that OceanSoul has agreed to deliver to you.

In addition to the main purpose, OceanSoul processes your personal data for the following purposes:

• To deliver the agreed services and products

• To manage the contractual relationship

• To provide service and respond to your inquiries

• To notify you of any changes to our services or terms

• To contact you regarding external factors that affect the delivery of our services and products

​

3.Legal Basis

The processing of your personal data is carried out on one or more of the following legal bases:

• GDPR Article 6, paragraph 1, letter b – to fulfill a contract where you are a party

• GDPR Article 6, paragraph 1, letter a – with your explicit consent

• GDPR Article 6, paragraph 1, letter c – to comply with a legal obligation imposed on OceanSoul, and/or

• GDPR Article 6, paragraph 1, letter f – to pursue a legitimate interest that outweighs your interest in not processing the information.

​

4. What Information Does OceanSoul and AFAA Collect and Process About You?

OceanSoul collects and processes the following information about you in connection with your agreement with OceanSoul:

• Name

• Address

• Phone number

• Email address

• Payment details

• Personal data you have provided to us, e.g., during contract formation and customer service

• Emails sent by you and any internal notes/agreements made by phone or in person

The following personal data is collected and processed when you use OceanSoul’s digital services/products:

• Logins and statistical data activity

The following personal data is collected and processed in connection with the use of your OceanSoul login:

• Username (we do not have access to your password)

• Customer number, if we assign customer numbers

• Your email address

• Your phone number

• Your permanent address

• Type of subscription, if applicable to subscription services

• Payment information

• Customer service inquiries

• Invoices and follow-ups regarding billing

• Whether a statutory right of withdrawal has been exercised and further details, e.g., data, etc.

• Documentation of the contractual relationship
   

The following personal data is collected and processed when visiting the OceanSoul website:
To continuously improve our website, we track which areas of the website are visited and how long users stay on specific areas. This is done by recording IP addresses from user computers and using cookies.
Recording your IP address is part of our system administration, and the IP address does not allow us to identify you personally.
A cookie is a small file that the server places on your computer, after which the cookie measures traffic to our website. Each time you visit our website, the cookie is updated and returned to your hard drive. A cookie cannot identify you personally – it only recognizes the cookie it has placed on your computer. It is possible to set your internet browser to block cookies. You can also do this for cookies from us, and we do not condition your use of our website on accepting cookies. However, certain parts or features of the website may not be usable if you disable the cookie function.

​​

5.Basis for Storing Your Information

OceanSoul and AFAA store your personal data as long as necessary to fulfill the purposes outlined above. OceanSoul and AFAA also store your personal data:

• If necessary to comply with the bookkeeping law and other legal obligations OceanSoul may have

• To ensure necessary technical and organizational security measures, including ensuring operational stability and our ability to defend our services against potential hostile attacks, e.g., hacking

• To safeguard OceanSoul’s legal interests, e.g., when investigating misuse of OceanSoul’s digital products, including violations of usage rights and laws regarding, for example, personal data and intellectual property rights

• To investigate suspicions or knowledge of security breaches and report to individuals and authorities

• To handle potential disputes with data subjects and third parties

• To conduct statistical investigations and surveys

​

6.Retention Period

We retain personal data about you as long as we need it to serve the purposes outlined above or as required by applicable law.

Personal data will also be deleted in accordance with OceanSoul’s deletion policy, and no later than 5 years after the contractual relationship between you and OceanSoul has ended.

​

7. Your Rights

To the extent that the processing of personal data is based on your consent, you always have the right to withdraw your consent. However, such withdrawal does not affect the processing or disclosure of personal data that occurred before the withdrawal of consent.

You also have the following rights, which you can read more about in the Danish Data Protection Authority’s guidelines at www.datatilsynet.dk:

• The right to access the personal data we have stored about you. However, access to information must not infringe on others' rights, including freedoms

• The right to correct inaccurate personal data (rectification)

• The right to delete personal data in certain cases

• The right to restrict your personal data in specific cases

• The right to data portability for personal data we have collected about you

• The right to opt out of direct marketing

• If personal data is processed for direct marketing purposes, you always have the right to object to the processing of your data, after which the personal data must no longer be processed for that purpose

• The right to object to the processing of personal data, including automated, individual marketing communications

• You have the right – for reasons related to your specific situation – to object to the processing of personal data where the legal basis is Article 6, paragraph 1, letter f. OceanSoul must then stop processing the personal data unless OceanSoul demonstrates compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for establishing, exercising, or defending legal claims

• The right to file a complaint by contacting a competent supervisory authority, including the Danish Data Protection Agency, Borgergade 28, 1300 Copenhagen K, phone 33 193 200

If you have any questions about our processing of your data or wish to exercise your rights, you can contact us through the contact information provided on our website.

​

8.Disclosure of Your Data to Third Parties

OceanSoul only shares your data with subcontractors or partners to the extent necessary to fulfill the purposes outlined in this policy. OceanSoul ensures that such subcontractors or partners are subject to contractual obligations ensuring compliance with the law, your privacy, and sufficient technical and organizational security measures.
If personal data is shared with subcontractors or partners outside the EU/EEA, a legal basis for such transfers is also ensured.
Personal data may be disclosed to others where OceanSoul is required to do so by law or based on a legitimate request from public authorities.

​

9. Contact

If you have any questions regarding the processing of your personal data or wish to exercise your rights, please feel free to contact OceanSoul customer service via email at emelyfreja1@hotmail.com.

This privacy policy has been drafted in Danish, and in the event of any discrepancies between versions in other languages, the Danish version will prevail. If you have any questions or would like to discuss the policy, please contact us using the provided contact details.