Clear privacy. No noise.
This policy explains which data we process, why, on what legal basis, for how long and which rights you can exercise.
Controller
Controller: Big Plum Digital. CVR: 45246000. Address: Lodsholmvej, Klarup, Denmark.
Privacy contact: hola@bigplumdigital.com / hej@bigplumdigital.com.
We have not appointed a Data Protection Officer because, based on the current type and scale of activity, this is not mandatory. If this changes, we will update this policy.
Data we may process
Identification and contact data: name, company or project, email, country, phone if provided, and communication history.
Diagnostic form data: current website, selected concerns, free-text information and communication consent.
Technical and security data: IP, browser, device, visited pages, server logs and technical events required to protect the website.
Analytics or marketing data: only when you have given consent through the cookie panel.
Purposes and legal bases
Answering requests, preparing diagnostics, proposals or pre-contractual communications: pre-contractual measures or contract.
Providing services, client management, support, billing and project follow-up: contract and legal obligations.
Protecting the website, preventing abuse and keeping reasonable technical evidence: legitimate interest in security and service continuity.
Sending commercial communications or measuring non-essential analytics/marketing: consent, which you may withdraw at any time.
Recipients and providers
We may work with hosting, infrastructure, email, forms, analytics, advertising, automation, billing and professional advisory providers.
When we use Google products with your consent, Google may receive and use personal data for measurement, advertising and security. See how Google uses this data at: https://business.safety.google/privacy/.
If a provider processes data outside the EEA, we require appropriate safeguards, such as adequacy decisions, standard contractual clauses or other valid mechanisms.
Retention
Requests and forms: up to 24 months, unless they become a contractual relationship or we need to retain them for accountability.
Clients, billing and contractual documentation: during the relationship and applicable accounting or tax retention periods, normally up to 5 years where relevant.
Commercial communications: until you withdraw consent or unsubscribe.
Technical and security logs: for the time strictly necessary for security, technical diagnosis and abuse prevention.
Your rights
You can request access, rectification, erasure, restriction, portability, objection and withdrawal of consent by writing to hola@bigplumdigital.com.
You may also lodge a complaint with Datatilsynet, the Danish Data Protection Agency: https://www.datatilsynet.dk/english.