Privacy Policy
Last updated: 29 April 2026
This policy explains what personal data Proxus processes when you visit proxus.dk or contact us, why we process it, who we share it with, and the rights you have under the EU General Data Protection Regulation (GDPR).
1. Data controller
Proxus ApS
CVR: 38854852
Denmark
Email: contact@proxus.dk
Phone: +45 42 59 48 48
We are the data controller for the personal data described below. Send any privacy-related request — access, correction, deletion, or complaint — to the email above, and we will respond within one month as required by Article 12(3) GDPR.
2. What we collect and why
2.1 Contact form submissions
When you submit the contact form, we process the name, email address, phone number (optional) and message you provide.
- Purpose: reply to your enquiry and, where relevant, set up a business relationship.
- Legal basis: Article 6(1)(b) GDPR — steps prior to entering a contract — and where the enquiry is unrelated to a contract, Article 6(1)(f) — our legitimate interest in responding to people who contact us.
- Retention: up to 24 months from last contact, then deleted unless a customer relationship has been established (in which case bookkeeping rules apply — see §5).
2.2 Anti-spam (Google reCAPTCHA)
The contact form is protected by Google reCAPTCHA. When you interact with the form, Google receives information about your device and behaviour to score whether you are a bot. This is governed by Google's Privacy Policy and Terms.
- Legal basis: Article 6(1)(f) GDPR — legitimate interest in preventing automated abuse of our forms. reCAPTCHA only loads when you interact with a form field.
2.3 Analytics (Google Analytics 4)
If you accept the analytics cookie, we use Google Analytics 4 to understand how visitors use the site (which pages are visited, traffic sources, broad geography, device type). IP addresses are anonymised before storage, we do not enable Google Signals, and we do not use the data for advertising.
- Legal basis: Article 6(1)(a) GDPR — your consent, given via the cookie banner. You can withdraw consent at any time (see §7).
- Default state: until you accept, all Google analytics, advertising, and personalisation signals are set to
deniedvia Google Consent Mode v2 — no analytics cookies are written.
2.4 Server logs
Our hosting provider (Microsoft Azure Static Web Apps) records standard server logs — timestamp, request URL, status code, user-agent, and truncated IP — for security and operational purposes. These logs are retained for short periods by Microsoft under their service terms.
- Legal basis: Article 6(1)(f) GDPR — legitimate interest in operating and securing the website.
3. Cookies and similar technologies
| Cookie / storage key | Set by | Purpose | Lifetime |
|---|---|---|---|
proxus_consent |
Proxus (localStorage) | Remembers your cookie banner choice. Strictly necessary — no consent required. | Until cleared |
_ga |
Google Analytics | Distinguishes unique users (only set after you accept). | 2 years |
_ga_EZMFCG65K7 |
Google Analytics | Persists session state for our GA4 property (only set after you accept). | 2 years |
reCAPTCHA cookies (e.g. _GRECAPTCHA) |
Bot detection on contact form. Loaded only when you interact with a form field. | Up to 6 months |
4. Recipients and international transfers
We share personal data only with the processors listed below, each engaged under written data-processing agreements as required by Article 28 GDPR:
- Microsoft (Azure Static Web Apps) — website hosting. Data stays in the EU where contractually feasible.
- Postmark (Wildbit, LLC) — transactional email delivery for contact form notifications.
- Google Ireland Ltd — Google Analytics 4 and reCAPTCHA.
Some of these providers may transfer data to the United States. Such transfers rely on the EU-US Data Privacy Framework (where the recipient is certified) and, additionally, on the European Commission's Standard Contractual Clauses (Article 46(2)(c) GDPR). On request, we will provide a copy of the relevant safeguards.
5. Retention
- Contact form data: up to 24 months from last contact.
- Customer-relationship records covered by Danish bookkeeping law (Bogføringsloven): retained for 5 years from the end of the financial year.
- Analytics data: up to 14 months in Google Analytics, then automatically deleted.
- Server logs: per Microsoft Azure's standard retention.
6. Your rights
Under the GDPR you have the right to:
- request access to the personal data we hold about you (Art. 15);
- have inaccurate data corrected (Art. 16);
- have your data erased where one of the conditions in Art. 17 applies;
- have processing restricted in the cases described in Art. 18;
- receive your data in a portable format and have it transmitted to another controller (Art. 20);
- object to processing based on legitimate interest (Art. 21);
- withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal (Art. 7(3)).
To exercise any of these rights, email contact@proxus.dk. We may need to verify your identity before responding.
7. Changing or withdrawing your cookie choice
You can change your decision at any time by clicking the button below. This will clear your stored choice and reload the page so the cookie banner reappears.
You can also delete cookies and local storage for this site from your browser settings, or install browser-level controls such as the Google Analytics opt-out add-on.
8. Complaints
If you believe we are processing your data unlawfully, we would prefer that you contact us first. You also have the right to lodge a complaint with the Danish Data Protection Agency:
Datatilsynet
Carl Jacobsens Vej 35, 2500 Valby
Phone: +45 33 19 32 00
Web: www.datatilsynet.dk
9. Changes to this policy
We may update this policy as our processing changes or to reflect updated guidance from supervisory authorities. The "Last updated" date at the top of the page reflects the most recent revision.