Peak PrivacyPEAK PRIVACY

Privacy Policy

Hi there!

We're Peak Privacy ApS, a company that helps bring clarity and transparency within ePrivacy and GDPR-compliance. It would be pretty strange if we didn't have a clear, understandable privacy policy ourselves, right?

So here it is - written in plain language, because privacy policies should never require a law degree to understand.

Who's behind this site and company?

Peak Privacy ApS is run from Copenhagen, Denmark.

You can find us at:

NJALSGADE 76, 4. 2300 - COPENHAGEN S DENMARK Company registration (CVR): DK-45354059

Need to reach us? Email vibeke [at] peakprivacy . eu

What information do we collect?

Let's be specific:

When you book an appointment/demo with us:

  • Your name
  • Your email address
  • Your company (optional)
  • Any additional information you provide in the booking form (optional)

When you sign-up for a webinar:

  • Your name
  • Your email address
  • Your company (optional)
  • Any additional information you provide in the booking form (optional)

If you sign up for our newsletter (coming soon):

  • Just your email address That's it. Really.

What about tracking and cookies?

We don't use any. No tracking pixels, no marketing cookies, no analytics tools. The only cookies we use are the technically necessary ones that make the website work. That's why you do not see a consent banner on our site.

Why we process your data (Legal grounds)

We want to be clear about why we're legally allowed to process your data:

For Demo Appointments and Product Webinars

When you book a demo or sign up for a webinar about our services, we process your data because you're exploring whether Peak Privacy might be a good fit for you. In legal terms, this falls under "pre-contractual measures" (Art. 6(1)(b) GDPR)—you asked us for information, and we need your details to provide it.

For Educational Webinars 

When you sign up for our educational webinars (general privacy and compliance topics), we process your data based on legitimate interest (Art. 6(1)(f) GDPR). We have an interest in sharing knowledge and connecting with privacy professionals, and you have an interest in learning. We've checked our interests against yours (using a tool called a Legitimate Interests Assessment) and confirmed that, with the small amount of data we use and our strong protections, your rights come first.

Marketing consent If you check the consent box for marketing from us (and in some collaborative events, from a specified partner), we'll also process your data based on that consent.

For Future Newsletter Subscriptions

If you sign up for our newsletter, we'll process your email address based on your consent, which you can withdraw at any time.

For Customers (When you use our services)

When you become a customer, we'll process your data based on:

  • Contract: To fulfil our agreement with you and provide our services
  • Legal obligation: To comply with business accounting laws and other legal requirements
  • Legitimate interests: For security and fraud prevention

We never process your data for any purpose other than what it was collected for, and you can always contact us at vibeke [at] peakprivacy . eu to exercise your privacy rights.

Who processes your data?

International data transfers All our service providers are based in the EU or Switzerland. Your personal data remains within the EU/EEA or in countries with an adequate level of data protection as recognised by the European Commission (Switzerland). No transfers to third countries occur.

Here's a breakdown of our data processing arrangements:

Data Processors (Companies processing data on our behalf)

Hetzner: Acts as our data processor for hosting our website and platform. They're an EU- based company with data centers in the EU, ensuring your data stays within European borders. As our data processor, they process data according to their standard terms which include data processing terms compliant with GDPR requirements. You can review our Data Processing Agreement with them You can review this agreement here.

Meetergo: Helps us manage appointment scheduling. They're a German company (GmbH) with servers hosted in Germany, ensuring your data stays within EU borders. When you book an appointment with us through meetergo, they'll store the information you provide (like your name and email) plus briefly record your IP address and access time for technical purposes. Meetergo is configured to automatically delete appointment data after 3 months to minimize data retention.We've signed their standard Data Processing Agreement to ensure your data is handled properly according to GDPR requirements. You can review this agreement here.

Acumbamail: Will act as our data processor for newsletter services (when we start sending them). They're a Spanish company with servers in Spain, guaranteeing that no international data transfers occur. We rely on their standard data processing agreement, which you can review here. Please scroll down to Annex A to read it.

Infomaniak: Processes our company emails as our data processor. Being a Swiss company known for privacy-first services, they provide strong data protection guarantees. You can review the Data Processing Agreement we have with them here.

Technical Service Providers (No personal data processing)

Mailgun: Used solely for internal system notifications, with no processing of customer personal data.

Since these technical service providers don't process any personal data on our behalf, no data processing agreements are required. However, we carefully select our service providers based on their privacy and security standards, with a preference for EU-based providers where possible.

How long do we keep your information?

Demo booking: Stored in our CRM-system for 3 months after your appointment, after which it's automatically deleted.

Webinar registrations: Stored for 6 months after the webinar has taken place, after which it is deleted.

Newsletter subscriptions (when we start those): Until you unsubscribe

Customer data: For the duration of our business relationship, plus 5 years after termination to comply with Danish accounting law (bogføringsloven).

Your rights (yes, you have quite a few!)

The GDPR gives you several rights, and we're here to help you use them.

You can:

  • See what information we have about you
  • Fix any mistakes in your information
  • Ask us to delete your information
  • Get your information in a format you can use elsewhere
  • Tell us to stop using your information
  • Change your mind about any consent you've given us

Want to exercise any of these rights? Just email us at vibeke [at] peakprivacy . eu. We'll help you out as soon as possible (and always before 30 days.)

Not happy with how we handle your data?

First, please tell us about it at dpo [at] peakprivacy.eu—we want to make things right. If you're still not satisfied, you can complain to the Danish Data Protection Authority (Datatilsynet):

Carl Jacobsens Vej 35 2500 Valby Denmark www.datatilsynet.dk

Automated decision-making We don't let computers make decisions about you. No algorithms deciding whether you get access to something, no automated profiling. A human is always in the loop.

Changes to this policy

If we make any significant changes to how we handle data, we'll update this policy and let you know about it.

Last updated: 2026-02-18

Privacy Policy - Peak Privacy