At ZRM, we take your personal data and privacy very seriously. This privacy policy explains how we collect, use, protect, and store personal data when you visit our website or use our services. We comply with the General Data Protection Regulation (GDPR) and Danish data protection legislation.

Identity and Contact Details of the Data Controller

ZRM ApS
CVR No.: 4369 4367
Brolæggerstræde 6
1211 Copenhagen C
Denmark
E-mail: info@zrm.dk

ZRM is the data controller responsible for processing your personal data in connection with our services.

Purpose and Legal Basis for Processing Personal Data

We collect and process your personal data for the following purposes:

• Provision of Services: Processing is necessary for the performance of a contract, such as the implementation and maintenance of CRM systems.
• Marketing: If you have provided consent, we process your data to send marketing materials (e.g., newsletters).
• Analysis and Improvement: We have a legitimate interest in analyzing user behavior to enhance our website and services.
• Legal Obligations: Compliance with statutory requirements, such as storing invoice information under the Danish Bookkeeping Act.

Types of Data Collected

We may collect the following data about you:

• First and last name
• Company details
• Address
• Telephone number
• Email address
• IP address
• Information about your browsing behavior on our website (cookies)

Consent

We obtain your explicit consent when required for the collection and processing of your data, particularly for marketing-related emails and the use of cookies. You may withdraw your consent at any time by contacting us at info@zrm.dk.

Data Retention and Deletion

Your personal data will only be retained as long as necessary to fulfill the purposes for which they were collected or as required by applicable law. Retention periods for specific data types include:

• Invoice information: Stored for five years in accordance with the Danish Bookkeeping Act.
• Marketing data: Retained until consent is withdrawn.
• Usage data: Stored until no longer relevant for analysis purposes.

Once the retention period expires, your data will be securely deleted.

Sharing of Personal Data

We only share your personal data with third parties when necessary for the provision of our services or when we are legally required to do so. This may include:

• IT service providers: Such as hosting providers that process data on our behalf.
• Analytics tools: Google Analytics, Zoho PageSense, and Zoho SalesIQ to analyze visitor behavior.

All third-party providers are bound by data processing agreements (DPAs) to ensure that your data is protected in compliance with GDPR.

Cookies

ZRM uses cookies to improve user experience and collect anonymized data on visitor behavior. A cookie is a small text file stored on your device. You can choose to decline cookies via your browser settings.

When you visit our website, we obtain your explicit consent for the use of cookies for marketing and analytics purposes, in accordance with GDPR’s requirements for active consent. You can modify your cookie preferences at any time through our website’s cookie settings.

ZRM uses Zoho SalesIQ to collect cookies. You can read more about their cookies here.

Your Rights

Under GDPR, you have the following rights:

• Right of access: You can request access to the personal data we hold about you.
• Right to rectification: You can request corrections to inaccurate personal data.
• Right to erasure (“Right to be forgotten”): You can request deletion of your data if it is no longer necessary.
• Right to object: You can object to the processing of your data.
• Right to data portability: You can request the transfer of your data to another provider.

To exercise your rights, please contact us at info@zrm.dk. We will respond to your request within a reasonable timeframe, no later than 30 days.

Security

ZRM has implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, or deletion. These measures include:

• Encryption of data during transmission and storage.
• Access controls and role-based access rights to systems.
• Regular security audits to ensure continued compliance with security standards.

Security breaches: In the event of a security breach affecting personal data, ZRM will promptly notify affected parties and take necessary measures to mitigate any consequences. ZRM is not liable for losses resulting from security breaches beyond its control.

Complaints

If you believe we have violated your rights under GDPR, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet):

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
E-mail: dt@datatilsynet.dk
Phone: +45 33 19 32 00

Changes to the Privacy Policy

We reserve the right to update this Privacy Policy. Any changes will be published on our website. In the case of significant changes, we will notify you via email.

This Privacy Policy is effective as of November 1, 2024.