Privacy Policy
Last Updated: March 5, 2025Who we are
We are ESG Report ApS, the company responsible for processing your personal data in accordance with this policy.
Company Details:
ESG Report ApS
Address: Jagtvej 177 1 tv, 2100 København Ø, Denmark
Company Registration Number: 45038114
Contact: esgreport@esgreport.dk
To make the policy more user-friendly, we use terms like "we," "us," and "our" to describe ESG Report ApS. Similarly, when we refer to "you," we mean any user of our website, app, or services.
Links to Other Websites
Our website, emails, and social media may include links to other companies or websites ("other websites") that aren't ours. This policy doesn't cover how those other websites process your data. We encourage you to read their privacy notices when visiting them.
Introduction
We process certain personal data about you from time when you have created an account on our website. This makes us responsible for the personal data about you that we process. If you have any questions, please contact us on the contact details above.
Purpose of processing your personal data
The purpose of processing your personal data is to ensure that:
- We can deliver our services and products to you as requested by you.
- You can log into your account on our website.
- We can send notifications to you, process your payments, and enable account features
- Conduct demos, workshops, and other services as requested by you.
- Comply with applicable legislation, including the Danish Bookkeeping Act and the Danish VAT Act.
- We can send newsletters, conduct webinars, and offering promotions if requested by you.
- We can tailor communication to your interests.
Data Processed:
- Name, email, title, and phone number
- Company details (domain, address, country)
- Requests (e.g., sign-ups, demo requests, customer support inquiries)
- Payment details and login verification
- Purchase history and newsletter preferences
Legal Bases:
We will process the abovementioned personal data in accordance with the applicable law from time to time.
Retention Period:
We will process the data as long as you use of services and/or have an account with us and as long as applicable law requires so. Data is kept for the duration of your use of our services plus five years after your relationship with us ends, unless required otherwise by law.
Improving Our Services
We analyze usage data to optimize our website and services.
Data Processed:
- IP address, browser type, user agent, pages visited, and cookies
Legal Bases:
- Consent (GDPR Article 6.1.a)
- Legal obligations (GDPR Article 6.1.c)
- Legitimate interests (GDPR Article 6.1.f)
Retention Period:
Data is kept for up to two years.
Business and Product Development
We use data for audits, analytics, and product development.
Data Processed:
- Name, email, title, phone number
- Company details (domain, address, country)
- Product usage and purchase history
Legal Bases:
- Contractual necessity (GDPR Article 6.1.b)
- Legitimate interests (GDPR Article 6.1.f)
Retention Period:
Data is retained for up to three years after your last use of our services.
Compliance with Legal Obligations
We process data to meet legal requirements.
Data Processed:
- Name, email, title, phone number
- Company details (domain, address, country)
Legal Bases:
- Legal obligations (GDPR Article 6.1.c)
Retention Period:
Based on statutory requirements.
Data Sources
We collect personal data from:
- You directly
- Publicly available online sources (e.g., LinkedIn)
- Cookies (subject to your consent)
Keeping Your Data Safe
We use technical, organizational, and administrative measures to protect your data. However, no internet transmission is entirely secure, so we recommend avoiding sending sensitive information via email.
Information security is a core priority. We operate documented security policies, risk assessments, access controls, logging, backup, and incident response processes aligned with ISO/IEC 27001.
Sharing Your Data
We share data with:
- Service providers (e.g., hosting, payment processing, marketing systems)
- Public authorities, where required
Third-Party Processors:
We ensure legal agreements are in place and appropriate safeguards are implemented for data processing outside the EU/EEA.
Your Rights
You have the right to:
- Access, rectify, or erase your personal data
- Restrict or object to processing
- Data portability
- Withdraw consent for processing
- Lodge complaints with a data protection authority (e.g., the Danish Data Protection Agency)
Contact: esgreport@esgreport.dk
Policy Updates
This policy may be updated to reflect changes in our practices. We will notify users of significant changes via email or website announcements.