Skip to main content

Privacy Policy

ConPDS ApS — Effective date: 15 April 2026

picture_as_pdf Download stamped PDF

1. Introduction

This Privacy Policy explains how ConPDS ApS ("ConPDS", "we", "us", or "our") collects, uses, stores, and protects personal data when you visit and interact with our website at conpds.com (the "Website").

This policy covers the Website only. If you use the ConPDS Checker mobile application, please refer to our separate App Privacy Policy. Capitalised terms not defined here have the meanings given in our Terms & Conditions.

2. Data Controller

The data controller responsible for the processing of your personal data is:

3. Data We Collect

When you use the Website, we may collect the following categories of data:

3.1 Cookies

The Website uses a single first-party cookie:

  • conpds_cc — stores your cookie consent preferences (necessary and optional analytics categories). Expires after 182 days. SameSite=Lax. This cookie is strictly necessary for the cookie consent mechanism to function.

No third-party cookies are set by the Website.

3.2 Analytics

If you consent to analytics cookies, the Website loads Plausible Analytics, a privacy-friendly analytics tool. Plausible does not use cookies, does not collect personally identifiable information, and does not track users across websites. All analytics data is aggregated and cannot be used to identify individual visitors. See Plausible's data policy for details.

Some interactive tools, such as ROI calculators, may send privacy-safe usage events to Plausible after analytics consent. These events use broad buckets only (for example scenario selected, volume range, exposure range, and ROI range). Raw calculator inputs are not transmitted, and ConPDS does not use analytics events to enrich IP addresses, identify companies, or profile individual visitors.

3.3 Contact Form

When you submit the contact form, we collect:

  • Your name, email address, company name (optional), and phone number (optional);
  • Your message text and selected inquiry type (general inquiry, trial request, demo booking, or integration checklist);
  • Your preferred language;
  • Your IP address (for rate limiting and abuse prevention).

3.4 Share-via-Email

Certain pages offer a "share via email" feature. When you use this feature, we collect:

  • The page URL and title being shared;
  • The recipient email address and optional note you provide;
  • Your IP address and a timestamp.

This data is logged server-side for audit purposes.

3.5 PDF Downloads

When you download a stamped PDF of any legal page, the generated document is watermarked with:

  • Your IP address;
  • The download timestamp;
  • A unique download identifier.

This information is embedded in the PDF for audit traceability. It is not stored separately on our servers.

3.6 Server Logs

Our web server automatically records standard HTTP access logs, including your IP address, browser user-agent string, requested URL, HTTP status code, and timestamp. These logs are used for security monitoring, error diagnostics, and capacity planning.

4. How We Use Your Data

We process personal data for the following purposes:

  • Cookie consent: Remembering your cookie preferences so we do not ask repeatedly.
  • Analytics: Understanding aggregate website usage patterns and broad calculator usage buckets to improve our content, tools, and user experience (only with your consent).
  • Contact form: Delivering your inquiry to our team and responding to you.
  • Share-via-email: Sending the shared page to the recipient you specify and maintaining an audit trail.
  • PDF generation: Producing a traceable legal document upon your request.
  • Security and operations: Detecting and preventing abuse, diagnosing errors, and maintaining server availability.

5. Legal Basis for Processing (GDPR)

We process personal data on the following legal bases under the General Data Protection Regulation (GDPR):

  • Consent (Art. 6(1)(a)): Analytics cookies are loaded only after you give explicit consent via the cookie banner. You may withdraw consent at any time by clicking "Manage preferences" in the cookie banner or the "Cookie settings" button in the website footer.
  • Performance of a contract or pre-contractual steps (Art. 6(1)(b)): Processing contact form submissions to respond to your inquiry, trial request, or demo booking.
  • Legitimate interest (Art. 6(1)(f)): Server access logs for security monitoring and abuse prevention; the strictly necessary consent cookie for remembering your preferences. Our legitimate interest does not override your rights, as the data processed is minimal and necessary for Website operation.

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. Data is shared only in the following limited circumstances:

  • Plausible Analytics: If you consent to analytics, aggregated (non-personal) usage data is processed by Plausible. No personally identifiable information is shared.
  • Email delivery: Contact form submissions and share-via-email requests are delivered using our own SMTP infrastructure. No third-party email marketing services are used.
  • Cloud infrastructure: The Website is hosted on EU-based servers. Our hosting provider acts as a sub-processor under an appropriate data processing agreement.
  • Cookie consent UI library: The cookie banner is rendered by an open-source library (vanilla-cookieconsent, MIT licence). Library files are self-hosted from the ConPDS servers; no third-party CDN is used and no data is transmitted to the library author. The library has no first-party telemetry.

The Website does not contain advertising SDKs, social media tracking pixels, or third-party marketing scripts. All page assets (CSS, JavaScript, fonts, images, cookie-consent UI) are served exclusively from conpds.com.

7. Data Retention

  • Cookie consent preference (conpds_cc): 182 days from the date of consent, then automatically expires.
  • Analytics data: Plausible retains aggregated analytics data according to its own data policy. No personal data is retained.
  • Contact form submissions: Retained for the duration necessary to respond to your inquiry and for any follow-up, then archived in accordance with our Terms & Conditions.
  • Share-via-email audit logs: Retained for up to twelve (12) months for audit and abuse prevention, then permanently deleted.
  • Server access logs: Retained for up to ninety (90) days for security and diagnostic purposes, then automatically rotated and deleted.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Right of access (Art. 15): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): You may request that we correct inaccurate or incomplete personal data.
  • Right to erasure (Art. 17): You may request that we delete your personal data, subject to legal retention obligations.
  • Right to restriction (Art. 18): You may request that we restrict the processing of your personal data under certain circumstances.
  • Right to data portability (Art. 20): You may request a machine-readable copy of the personal data you provided to us.
  • Right to object (Art. 21): You may object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds.
  • Right to withdraw consent: Where processing is based on consent (e.g. analytics cookies), you may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, contact us at info@conpds.com. We will respond within thirty (30) days.

You also have the right to lodge a complaint with a supervisory authority. The relevant authority in Denmark is the Danish Data Protection Agency (Datatilsynet), Carl Jacobsens Vej 35, 2500 Valby, Denmark — www.datatilsynet.dk.

9. International Data Transfers

All personal data collected through the Website is stored and processed exclusively within the European Union. ConPDS does not transfer personal data outside the EU/EEA.

10. Children's Privacy

The Website is not directed at children. We do not knowingly collect personal data from anyone under the age of 16. If we discover that a child under 16 has provided us with personal data, we will take steps to delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@conpds.com.

11. Security

We employ commercially reasonable security measures to protect your personal data, including:

  • SSL/TLS encryption for all data in transit;
  • Access controls and authentication for server-side systems;
  • EU-only data centre hosting with physical and logical security controls;
  • Rate limiting and abuse prevention on form submissions.

No method of electronic storage or transmission is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

12. Links to Other Sites

The Website may contain links to third-party websites or services. These external sites are not operated by us. We strongly advise you to review the privacy policies of any third-party sites you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised effective date. Continued use of the Website after such changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: