Privacy policy

Privacy Policy & GDPR Statement for Sensade ApS

1. Introduction

This Privacy Policy and GDPR statement describes how Sensade ApS (“we”, “us”, “our”) processes personal data.

The purpose of this policy is to ensure full compliance with the General Data Protection Regulation (GDPR) and the Danish Data Protection Act, and to provide you—as a user, customer, partner, or applicant—with a clear and transparent overview of how we process information.

As a general rule, we do not collect sensitive personal data, and our solutions are designed to primarily operate using anonymised, aggregated, or technical data wherever possible.

This policy also explains how we handle personal data in the rare cases where we may receive or process more sensitive information.

2. Data Controller

Sensade ApS
Ølgodvej 3
9220 Aalborg Øst
Denmark
CVR no.: 38847937
Email: Contact@sensade.com

We are the data controller for the personal data we process about users, customers, partners, and applicants.

3. Categories of Personal Data We Process

We primarily process ordinary personal data, including:

Name
Email address
Phone number
Address (e.g., for invoicing)
Information related to the service we provide

We do not process sensitive data (such as health information, biometric data, political opinions, etc.).

In our technical solutions, we also process:

Technical and operational data
Anonymised or aggregated parking, traffic, and capacity data
Sensor and IoT measurements
System and error logs

If we obtain technical access to data that could include personal information, our principles are:

not to use it
not to store it
not to analyse it
not to disclose it

unless necessary, lawful, and agreed upon.

4. Processing Activities

4.1 Website Visits

When you visit our website, we process technical information such as:

IP address
Browser and device information
Pages visited
Cookie preferences

We primarily use necessary cookies required for the website to function. All other cookie types (e.g., statistical cookies) will only be activated if you grant consent via our cookie banner.

4.2 Communication and Contact

When you contact us via email, phone, or contact form, we process the information you provide:

Name
Contact details
Content of your message

Purpose: To respond to your inquiry and maintain relevant communication.
Legal basis: Legitimate interest (GDPR Art. 6(1)(f)).
Data retention: Deleted when the inquiry is finished and no longer needed.

4.3 Customer Relationships

When we enter into an agreement, we process:

Contact information for contact persons
Billing and payment information
Contract details and delivery history

Legal basis:

Contractual necessity (GDPR Art. 6(1)(b))
Legitimate interest (Art. 6(1)(f))

Retention: As long as the customer relationship exists, and thereafter as required by law.

4.4 Newsletters

When you sign up for our newsletter, we process:

Name
Email address

Purpose:
To send news, product updates, case stories, and other relevant information about Sensade.

Legal basis: Consent (GDPR Art. 6(1)(a)).

Retention:

We keep your information as long as you remain subscribed.
You may unsubscribe at any time using the link in the newsletter or by contacting us.
Documentation of consent may be stored for up to 2 years, according to the guidelines of the Danish Consumer Ombudsman.

4.5 Accounting and Financial Records

We store accounting documents that may contain personal data (e.g., names on invoices).

Purpose: Compliance with the Danish Bookkeeping Act.
Legal basis: Legal obligation (GDPR Art. 6(1)(c)).
Retention: Minimum 5 years after the end of the financial year.

4.6 Job Applications

When you apply for a job, we process:

Name, contact information
CV, cover letter, and any attachments

Purpose: To evaluate candidates.
Legal basis:

Legitimate interest (Art. 6(1)(f))
Consent for retaining applications for future positions

Retention: Deleted when the recruitment process is completed, unless otherwise agreed.

4.7 Data from Technical Systems, Apps, APIs, and Sensors

We process technical data necessary for operating and optimising our solutions, such as:

Anonymised parking and traffic data
Flow, time, and load measurements
IoT and sensor data
System logs

All data used for analysis, statistics, or reporting is anonymised or aggregated and cannot be linked to individuals.

5. Third-Party Data and API Integrations

We may receive technical access to data from partners, APIs, or external systems.

Our principles:

We use only the data necessary for the intended purpose.
Personally identifiable data is not used even if technically accessible.
Any unintended personal data is filtered out, ignored, or deleted.

When acting as a data processor, processing occurs solely under instruction and in accordance with a data processing agreement.

6. Server Location and International Transfers

All our servers and data processors are located within the EU/EEA.
We do not transfer personal data outside the EU/EEA.

If an international transfer becomes necessary in the future, we will use:

EU Standard Contractual Clauses (SCC), and
Appropriate supplementary security measures

to ensure GDPR compliance.

7. Disclosure of Personal Data

We never sell personal data.

We may disclose information to:

Suppliers and data processors (e.g., IT, hosting, auditors, accountants)
Public authorities when legally obligated
Advisors such as lawyers or insurance providers in legal matters

Data processors only receive access when necessary and are subject to binding data processing agreements.

8. Profiling and Automated Decision-Making

We do not use profiling, nor do we make automated decisions that produce legal or significant effects on you.

9. Security Measures

We protect personal data using appropriate technical and organisational measures, including:

Access control and role-based permissions
Encryption where relevant
Logging and monitoring
Procedures for handling data breaches
Ongoing security and compliance reviews

Only employees with a legitimate need receive access.

In case of a personal data breach, we will assess the risk immediately and notify the Danish Data Protection Agency and affected individuals where required under GDPR Articles 33 and 34.

10. Data Retention

We store personal data only as long as necessary to:

fulfil the purposes for which it was collected
comply with legal obligations
document processing in accordance with GDPR

When data is no longer needed, it is deleted or anonymised.

11. Your Rights

Under GDPR, you have the right to:

Access your data
Correct inaccurate information
Erasure (“the right to be forgotten”)
Restriction of processing
Object to processing
Data portability
Withdraw consent at any time

Learn more about your rights on the Danish Data Protection Agency’s website:
https://www.datatilsynet.dk/borger/hvad-er-dine-rettigheder

To exercise your rights, contact us at:
Contact@sensade.com

12. Complaints

If you are dissatisfied with our processing of your personal data, we encourage you to contact us first so we can try to resolve the issue:

Contact@sensade.com

You also have the right to file a complaint with:

The Danish Data Protection Agency (Datatilsynet)
Borgergade 28, 5th floor
1300 Copenhagen K
www.datatilsynet.dk

13. Updates

This privacy policy is updated continuously when there are changes in legislation or in our processing activities.
The latest version will always be available on our website.

Cookie	Duration	Description
cookie law info checkbox performance		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
cookielawinfo-checkbox-analytics		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional		The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
viewed_cookie_policy		The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.