Privacy Policy

1. Introduction

ZenithSpark AS ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website (zenithspark.top) and our business finance software analysis services.

As a company registered in Denmark and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and Danish data protection laws. This policy applies to all personal data we process in connection with our services.

2. Data Controller Information

ZenithSpark AS is the data controller for the personal data we process. Our contact details are:

3. Data We Collect

We collect and process various types of personal data depending on how you interact with our services. The data collection includes information you provide directly to us and information we collect automatically through your use of our website and services.

3.1 Information You Provide

• Contact information (name, email address, phone number, company name)
• Business information (company size, industry, finance software requirements)
• Communication records (emails, phone calls, meeting notes)
• Service preferences and consultation requirements
• Feedback and survey responses

3.2 Automatically Collected Information

• IP address and location information
• Browser type and version
• Device information and operating system
• Website usage data (pages visited, time spent, referral sources)
• Cookies and similar tracking technologies (see our Cookie Policy)

4. How We Use Your Information

We process your personal data for specific purposes and only when we have a lawful basis to do so. Our use of your data includes providing our services, improving our offerings, and maintaining communication with our clients.

4.1 Service Provision

• Responding to enquiries and providing consultation services
• Conducting finance software analysis and comparisons
• Preparing reports and recommendations
• Managing client relationships and project delivery
• Processing payments and maintaining financial records

4.2 Business Operations

• Improving our website and services
• Conducting market research and analysis
• Complying with legal obligations and regulatory requirements
• Protecting against fraud and ensuring security
• Maintaining business records and archives

4.3 Marketing and Communications

With your consent, we may use your information to send you relevant marketing communications about our services, industry insights, and business updates. You can withdraw your consent at any time.

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

6. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract performance: Processing necessary to provide our services and fulfil our contractual obligations
• Legitimate interests: Processing necessary for our legitimate business interests, such as improving services and ensuring security
• Consent: Where you have given explicit consent for specific processing activities, such as marketing communications
• Legal obligation: Processing required to comply with applicable laws and regulations

7. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information only in the following circumstances:

• With service providers who assist us in delivering our services (under strict confidentiality agreements)
• When required by law, legal process, or government authorities
• To protect our rights, property, or safety, or that of our clients or others
• In connection with a business transfer, merger, or acquisition (with appropriate safeguards)

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Our data retention periods are based on the nature of the data and the purposes for which it is processed.

• Client contact information: Retained for the duration of our business relationship plus 3 years
• Project data and analysis reports: Retained for 7 years for business and legal purposes
• Website analytics data: Retained for 26 months
• Marketing communications: Until consent is withdrawn or contact becomes inactive

9. Your Rights

Under GDPR and Danish data protection law, you have several rights regarding your personal data:

• Right of access: You can request a copy of the personal data we hold about you
• Right to rectification: You can request correction of inaccurate or incomplete data
• Right to erasure: You can request deletion of your personal data in certain circumstances
• Right to restrict processing: You can request limitation of how we process your data
• Right to data portability: You can request transfer of your data to another service provider
• Right to object: You can object to processing based on legitimate interests or for marketing purposes
• Right to withdraw consent: You can withdraw consent for processing at any time

To exercise any of these rights, please contact us at privacy@zenithspark.top or +45 32359908.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection and security
• Incident response and breach notification procedures

11. International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms under GDPR.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us using the following information:

14. Supervisory Authority

You have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe we have processed your personal data in violation of applicable data protection laws. Contact information for the Danish Data Protection Agency can be found at www.datatilsynet.dk.