Privacy Policy (in accordance with Danish law)

Aimia ApS – aimia.io
Last updated: 5/12-2025

1. Data Controller

Aimia ApS
Ernie Wilkins Vej 19 1 3
2450 Copenhagen SV
Denmark
CVR: 44225115
Phone: +45 29 27 10 10
Email: contact@aimia.io

Aimia ApS (“we”, “us”, “our”) is the data controller for all personal data processed via aimia.io.
We process personal data in accordance with the General Data Protection Regulation (GDPR) and the Danish Data Protection Act (Databeskyttelsesloven).

2. Personal Data We Process

a) Data you provide directly

When you use our contact form, we collect:

Name
Email address
Phone number (if provided)
Your message
Any other information you voluntarily provide

b) Data collected automatically

When visiting our website, we may collect:

IP address (anonymized when used for analytics)
Browser type and device information
Pages visited, time and date of visit
Cookies and similar tracking technologies (see Cookie Policy)
Technical server logs for security and functionality purposes

c) No special categories of data

We do not intentionally collect sensitive information under GDPR Article 9.

3. Purpose of Processing

We process personal data for the following purposes:

To respond to inquiries submitted through our contact form
To operate and maintain our website, including troubleshooting, security and performance
To produce anonymized statistics and analytics, if you give consent
To comply with legal obligations under Danish law

We do not use your data for automated decision-making or profiling.

4. Legal Basis (GDPR & Danish Data Protection Act)

We process personal data based on the following legal grounds:

GDPR Article 6(1)(a) – Consent
For analytics cookies and any non-essential features.
GDPR Article 6(1)(b) – Contract / steps prior to entering a contract
When responding to inquiries or assisting you upon request.
GDPR Article 6(1)(f) – Legitimate interest
For maintaining website security, preventing misuse, and improving stability.
Our legitimate interests do not override your fundamental rights.
GDPR Article 6(1)(c) – Legal obligation
If Danish law requires us to retain or share certain information (e.g., bookkeeping rules).

5. Data Retention

We keep personal data only for as long as necessary for the purposes described above or as required by Danish law.

Typical retention periods:

Contact form submissions: up to 12 months
Server and security logs: typically 30–90 days
Analytics data: as defined by the analytics provider (only if consent is given)
Legal documentation: stored as required under Danish bookkeeping rules (usually 5 years)

6. Data Sharing

We may share personal data with:

Our hosting provider
IT and email service providers
Analytics providers (only if consent is given for cookies)

All processing is carried out under data processing agreements compliant with GDPR and the Danish Data Protection Act.

We never sell personal data.

Transfers outside the EU/EEA

If data is transferred outside the EU/EEA, we ensure legal protection using:

EU Commission’s Standard Contractual Clauses (SCCs)
Additional safeguards if required

7. Your Rights (according to GDPR and Danish law)

As a data subject, you have the following rights:

Right of access (GDPR Art. 15)
Right to rectification (Art. 16)
Right to erasure (Art. 17)
Right to restriction (Art. 18)
Right to object (Art. 21)
Right to withdraw consent at any time
Right to data portability (Art. 20) where applicable

To exercise your rights, contact us at contact@aimia.io.

Complaint to the Danish Data Protection Authority

You have the right to lodge a complaint with Datatilsynet:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
www.datatilsynet.dk

8. Security

We use technical and organizational measures to protect personal information from unauthorized access, alteration or deletion. However, no transmission over the Internet is completely secure.

9. Changes to This Privacy Policy

We may update this policy if our services or legal obligations change. The latest version will always be available on this page.