Privacy Policy for Bio-Nordic A/S
Effective Date: 10-03-2022
Last Updated: 30-05-2025
Bio-Nordic A/S (“we,” “us,” “our”) is committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR), the Danish Data Protection Act (Databeskyttelsesloven) and related Danish implementing rules.
1. Data Controller
Bio-Nordic A/S
Automatikvej 1
Regus Office Space
DK-2860 Søborg
Denmark
CVR/VAT No.: DK-40831622
Contact:
– Email: info@bio-nordic.com
– Web: https://bio-nordic.com
2. What Data We Collect
We collect and process personal data concerning:
- Identity & contact details (name, address, e-mail, telephone)
- Account & service data (usernames, order history, service agreements)
- Communications (correspondence, inquiries, support tickets)
- Website usage (IP address, pages visited, clicks, device/browser data)
3. Purposes of Processing
We process your data to:
- Create, manage and authenticate your user/client account
- Provide requested information, products and services
- Respond to inquiries, RFQs and support requests
- Send service updates and transactional notifications
- Compile aggregated statistics to improve our offerings
- Conduct direct marketing campaigns (only with your prior consent)
Except for direct marketing (consent-based), all other processing is necessary for performance of contract or our legitimate interests.
4. Legal Basis for Processing
- Performance of a contract (Art. 6 (1)(b) GDPR)
- Compliance with legal obligations (Art. 6 (1)(c) GDPR)
- Legitimate interests (Art. 6 (1)(f) GDPR), e.g. website analytics and fraud prevention
- Consent (Art. 6 (1)(a) GDPR) for marketing communications and non-essential cookies
5. Recipients & Data Sharing
We do not sell or rent your personal data. Access may be granted to:
- Internal staff (sales, support, IT) on a need-to-know basis
- Sub-processors under contract (e.g., hosting providers, payment processors, CRM/ERP vendors)
- Authorities or courts if required by law or judicial order
All third-party processors have GDPR-compliant agreements in place.
6. Data Retention
| Category | Retention Period |
|---|---|
| Clients & customers | Duration of business relationship + 5 years after last transaction |
| Prospects & enquiries | 3 years after last recorded interaction |
| Website analytics & logs | Up to 2 years |
7. Your Rights
Under GDPR you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Erase (“right to be forgotten”) in certain circumstances
- Restrict or object to processing
- Data portability (receive your data in a structured, machine-readable format)
- Withdraw consent at any time (for marketing or cookies)
- Lodge a complaint with the Danish Data Protection Authority:
Datatilsynet, Carl Jacobsens Vej 35, DK-2500 Valby, Denmark
Web: https://www.datatilsynet.dk
To exercise your rights, please contact us at info@bio-nordic.com. We will respond within one month of receipt.
8. Cookies & Tracking
We use cookies and similar technologies to:
- Essential cookies for site functionality
- Analytical cookies (with your consent) to improve performance
- Marketing cookies (with your consent) for tailored content
You can manage or withdraw your cookie consent at any time via the “Cookie Settings” link in the footer. For guidance, see the Danish Data Protection Authority’s cookie guidance: https://www.datatilsynet.dk
9. Security Measures
We implement appropriate technical and organizational safeguards, including:
- Encryption in transit (TLS/SSL)
- Access controls and logging
- Regular vulnerability assessments
- Staff data-protection training
10. Intellectual Property
All content on bio-nordic.com (text, images, logos, code) is protected by Danish and international copyright law. Reproduction or redistribution is prohibited without our prior written consent.
11. External Links & Liability
Our site may link to third-party websites. We are not responsible for their content or data practices. Service availability may be interrupted for maintenance or technical reasons; we disclaim liability for such unplanned interruptions.
12. Applicable Law & Jurisdiction
This Privacy Policy is governed by Danish law. Any disputes relating to your personal data or this policy shall be subject to the exclusive jurisdiction of the Danish courts.
