Privacy Policy

Last updated: February 2026

 

Introduction

This Privacy Policy explains how personal data is processed in connection with my business and the services offered.

It applies to all enquiries, contractual relationships and communication processes with private individuals, companies, organizations and other business partners.

Controller within the meaning of Article 4(7) of the General Data Protection Regulation (GDPR):

ida – from idea to design to administration
Claudia Stein
Laen Kærvej 2
8585 Glesborg
Denmark
Telephone: +45 50105935
Email: ida@claudiastein.dk
CVR number: 46145941
VAT identification number (EU VAT ID): DK46145941

The protection of your personal data is important to me. Personal data is processed confidentially and in accordance with applicable data protection laws and this Privacy Policy.

Personal data means any information relating to an identified or identifiable natural person (e.g. name, email address, phone number).

 

Categories of Personal Data Processed

Only personal data actively provided by you or your organization is processed, in particular:

  • Name
  • Email address
  • Phone number
  • Content of communication
  • Contract and billing data

Special categories of personal data within the meaning of Article 9 GDPR are not actively collected.
If such data is voluntarily shared, it is processed solely within the scope of the respective communication or contractual relationship.

 

Website Access and Server Log Files

When accessing this website, technical data is automatically recorded by the hosting provider in server log files. This may include:

  • IP address (possibly shortened)
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL

This data is processed exclusively to ensure technical security and stability of the website. This data is not combined with other data sources.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in secure and stable website operation).

 

Contact and Contractual Relationship

If you contact me by email or phone, your information will be stored for the purpose of handling your enquiry.

Legal basis may include:

  • Article 6(1)(b) GDPR (pre-contractual measures / contract performance)
  • Article 6(1)(c) GDPR (legal obligations, e.g. accounting requirements)
  • Article 6(1)(f) GDPR (legitimate interest in communication and business operations)
  • Where applicable, Article 6(1)(a) GDPR (consent)

Services are usually provided online (e.g. via video call or email communication).

 

Hosting and Service Providers

This website is hosted by Netgiganten ApS (Denmark).

The following services are used for communication and online meetings:

  • Google Workspace (email and document management)
  • Google Meet (video calls)

Data processing agreements have been concluded in accordance with Article 28 GDPR where required.

 

Sales Processing via Digistore24

For certain products and services, the ordering and payment process is handled via the external platform Digistore24.

When you access the checkout page, personal data required for order processing (such as name, billing information and payment data) is processed directly by Digistore24.

Digistore24 acts as an independent controller within the meaning of Article 4(7) GDPR for the checkout and payment process.

For further information on how Digistore24 processes personal data, please refer to Digistore24’s own Privacy Policy.

 

Transfers to Third Countries

In the context of using Google Workspace and Google Meet, personal data may be processed outside the EU/EEA.

Any such transfer is based on the European Commission’s Standard Contractual Clauses and appropriate safeguards in accordance with Articles 44 et seq. GDPR.

 

Retention Period

Personal data is stored only as long as necessary for the respective purposes.

  • Enquiries without a contractual relationship are generally deleted within 12 months.
  • Contract and billing data is retained in accordance with Danish accounting law for 5 years.

After expiry of the respective retention periods, the data is deleted or anonymized.

 

Your Rights

Under the GDPR, you have the following rights:

  • Access (Article 15 GDPR)
  • Rectification (Article 16 GDPR)
  • Erasure (Article 17 GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data portability (Article 20 GDPR)
  • Objection (Article 21 GDPR)
  • Withdrawal of consent at any time (Article 7(3) GDPR)

To exercise your rights, simply contact me using the contact details provided above.

 

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

The competent authority for my business is:

Datatilsynet
www.datatilsynet.dk

 

Data Security

Appropriate technical and organizational measures are implemented to protect personal data against loss, misuse or unauthorized access. These include in particular:

  • SSL/TLS encryption
  • Password protection
  • Two-factor authentication
  • Restricted access to authorized persons only

 

Cookies and Tracking

This website does not use cookies and does not employ tracking, analytics or third-party tools that collect information about visitors.

 

Changes to this Privacy Policy

I reserve the right to update this Privacy Policy in order to reflect changes in legal or technical requirements.