# Privacy Policy Venjue ApS only collects and processes personal data when it is necessary to provide our services or to comply with a legal obligation. We do not use marketing or tracking cookies. The only cookies used are: - An anonymous session token, which keeps you logged in to the platform. - Technical third-party cookies from Stripe, which are necessary for the execution of payments. --- ## What Data is Collected We collect information when you interact with Venjue, either as a Vendor, an End User or a general visitor of our website(s), app(s) or other products that collect data. The information we may collect includes: - Name - Email address - Postal address - Telephone number - External IP address (logged automatically) - Usage data and other anonymized points of reference All information is provided by you in connection with the use of the platform or is registered by our systems for technical purposes. ## Purpose and Legal Basis The purposes of collecting and processing are: - To deliver the services you have ordered. - To send order confirmations and to communicate with you regarding your customer relationship. - To identify your region and to prevent misuse or security breaches. Processing takes place on the basis of Article 6(1)(b) of the GDPR (performance of a contract) and Article 6(1)(c) of the GDPR (compliance with a legal obligation). ## Retention Period - **End Users**: Personal data is deleted 5 years after delivery of the service, unless longer retention is required by law (e.g. the Danish Bookkeeping Act). - **Vendors** and their users: Personal data is stored for as long as the account exists. Upon deletion of the account, the data is erased immediately. ## Data Processors ### Data Controller The Data Controller is Venjue ApS, registered in Denmark with registration number DK-42410047. ### Recipients of Personal Data #### Definitions - **Data Processor**: A third party processing personal data on behalf of Venjue ApS pursuant to Article 28 of the GDPR. - **Sub-Processor**: A subcontractor engaged by a Data Processor to perform parts of the processing of personal data. Venjue ApS has ensured that written agreements are in place regulating the relationship with both Data Processors and Sub-Processors, and that all comply with the requirements of the GDPR. We never disclose personal data to unauthorised parties and we do not sell data. In order to deliver our service, Venjue ApS uses the following data processors and sub-processors. All parties are subject to data processing agreements ensuring compliance with the GDPR and applicable data protection law. | Company | Role | Function/Purpose | Registration No. | Country | |------------------------------|----------------|----------------------------------------------------------|------------------|-------------| | Stripe Payments Europe, Ltd. | Data Processor | Payment partner for billing and handling of transactions | IE3206488LH | Ireland | | Hetzner Online GmbH | Sub-Processor | Hosting and operation of servers in The European Union | DE812871812 | Germany | | DigitalOcean EU B.V. | Sub-Processor | Hosting and operation of servers in The European Union | NL854116552B01 | Netherlands | ## Your Rights As a data subject, you have the following rights under the GDPR: 1. To request access to the information we process about you. 2. To have inaccurate or incomplete data rectified or updated. 3. To request the erasure of your data. 4. To object to the processing of your data. 5. To lodge a complaint with a supervisory authority. If you wish to exercise your rights, you may contact us at .