Privacy Policy

Privacy Policy for Bio-Nordic A/S

Effective Date: 10-03-2022
Last Updated: 30-05-2025

Bio-Nordic A/S (“we,” “us,” “our”) is committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR), the Danish Data Protection Act (Databeskyttelsesloven) and related Danish implementing rules.


1. Data Controller

Bio-Nordic A/S
Automatikvej 1
Regus Office Space
DK-2860 Søborg
Denmark
CVR/VAT No.: DK-40831622

Contact:
– Email: info@bio-nordic.com
– Web: https://bio-nordic.com


2. What Data We Collect

We collect and process personal data concerning:

  • Identity & contact details (name, address, e-mail, telephone)
  • Account & service data (usernames, order history, service agreements)
  • Communications (correspondence, inquiries, support tickets)
  • Website usage (IP address, pages visited, clicks, device/browser data)

3. Purposes of Processing

We process your data to:

  • Create, manage and authenticate your user/client account
  • Provide requested information, products and services
  • Respond to inquiries, RFQs and support requests
  • Send service updates and transactional notifications
  • Compile aggregated statistics to improve our offerings
  • Conduct direct marketing campaigns (only with your prior consent)

Except for direct marketing (consent-based), all other processing is necessary for performance of contract or our legitimate interests.


4. Legal Basis for Processing

  • Performance of a contract (Art. 6 (1)(b) GDPR)
  • Compliance with legal obligations (Art. 6 (1)(c) GDPR)
  • Legitimate interests (Art. 6 (1)(f) GDPR), e.g. website analytics and fraud prevention
  • Consent (Art. 6 (1)(a) GDPR) for marketing communications and non-essential cookies

5. Recipients & Data Sharing

We do not sell or rent your personal data. Access may be granted to:

  • Internal staff (sales, support, IT) on a need-to-know basis
  • Sub-processors under contract (e.g., hosting providers, payment processors, CRM/ERP vendors)
  • Authorities or courts if required by law or judicial order

All third-party processors have GDPR-compliant agreements in place.


6. Data Retention

CategoryRetention Period
Clients & customersDuration of business relationship + 5 years after last transaction
Prospects & enquiries3 years after last recorded interaction
Website analytics & logsUp to 2 years

7. Your Rights

Under GDPR you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase (“right to be forgotten”) in certain circumstances
  • Restrict or object to processing
  • Data portability (receive your data in a structured, machine-readable format)
  • Withdraw consent at any time (for marketing or cookies)
  • Lodge a complaint with the Danish Data Protection Authority:
    Datatilsynet, Carl Jacobsens Vej 35, DK-2500 Valby, Denmark
    Web: https://www.datatilsynet.dk

To exercise your rights, please contact us at info@bio-nordic.com. We will respond within one month of receipt.


8. Cookies & Tracking

We use cookies and similar technologies to:

  • Essential cookies for site functionality
  • Analytical cookies (with your consent) to improve performance
  • Marketing cookies (with your consent) for tailored content

You can manage or withdraw your cookie consent at any time via the “Cookie Settings” link in the footer. For guidance, see the Danish Data Protection Authority’s cookie guidance: https://www.datatilsynet.dk


9. Security Measures

We implement appropriate technical and organizational safeguards, including:

  • Encryption in transit (TLS/SSL)
  • Access controls and logging
  • Regular vulnerability assessments
  • Staff data-protection training

10. Intellectual Property

All content on bio-nordic.com (text, images, logos, code) is protected by Danish and international copyright law. Reproduction or redistribution is prohibited without our prior written consent.


11. External Links & Liability

Our site may link to third-party websites. We are not responsible for their content or data practices. Service availability may be interrupted for maintenance or technical reasons; we disclaim liability for such unplanned interruptions.


12. Applicable Law & Jurisdiction

This Privacy Policy is governed by Danish law. Any disputes relating to your personal data or this policy shall be subject to the exclusive jurisdiction of the Danish courts.