Last updated, April 2026
At Companyons, we handle your personal data with care and respect. This privacy policy describes what information we collect about you, how we use it, and what rights you have as a data subject.
This policy applies to everyone who visits our website, contacts us, rents office space from us, or receives communications from us.
1. Data Controller
The data controller responsible for the processing of your personal data is:
| Company | Companyons ApS |
| CVR no. | 44929651 |
| Address | Mariane Thomsens Gade 4b, 3rd 8000 Aarhus Denmark |
| info@companyons.dk | |
| Website | www.companyons.dk |
If you have any questions about our processing of personal data, please do not hesitate to contact us at the email address above.
2. What Data Do We Collect?
We collect and process the following categories of personal data depending on how you interact with us:
2.1 Website visits and cookies
- Technical data: IP address, browser type, operating system, screen resolution
- User behaviour: pages visited, time spent on the site, clicks and navigation patterns
- Cookies and similar technologies: see section 7 on cookies
2.2 Contact forms and enquiries
- Full name
- Email address
- Phone number (if provided)
- Company name (if provided)
- The content of your message
2.3 Newsletter and marketing
- Email address
- Name (if provided)
- Preferences and interests (based on interaction with our communications)
2.4 Customer onboarding and CRM
- Contact person name, title, and contact details
- Company name, CVR number, and address
- Contract information, tenancy details, and billing information
- Communication history and meeting notes
3. Purposes and Legal Basis for Processing
We process your personal data for the following purposes and on the following legal bases under Article 6 of the General Data Protection Regulation (GDPR):
| Purpose | Data involved | Legal basis |
| Responding to enquiries and requests | Name, email, phone, message content | Art. 6(1)(b) – performance of a contract / Art. 6(1)(f) – legitimate interests |
| Providing tenancy agreements and office hotel services | Customer data, contract details, billing data | Art. 6(1)(b) – performance of a contract |
| Sending newsletters and marketing communications | Email address, name | Art. 6(1)(a) – consent |
| Analysing website usage and optimisation | Cookies, IP address, user behaviour | Art. 6(1)(a) – consent (non-essential cookies) / Art. 6(1)(f) – legitimate interests (technical cookies) |
| Managing customer relationships and CRM | Contact and company data, communication | Art. 6(1)(b) – performance of a contract / Art. 6(1)(f) – legitimate interests |
| Fulfilling accounting and bookkeeping obligations | Billing data, CVR number | Art. 6(1)(c) – legal obligation |
4. Retention and Deletion
We only retain your personal data for as long as is necessary to fulfil the purpose for which it was collected, or as long as required by law.
| Category | Retention period |
| Contact enquiries (no subsequent customer relationship) | 2 years from receipt |
| Customer data during active tenancy | For the duration of the agreement |
| Customer data after tenancy has ended | 5 years after termination (Danish Bookkeeping Act) |
| Newsletter subscribers | Until consent is withdrawn |
| Website analytics (cookies) | Up to 13 months (depending on cookie type) |
5. Disclosure of Your Data
We do not sell your personal data to third parties. However, we may disclose data to the following categories of recipients:
5.1 Data processors
We use external service providers (data processors) who process data on our behalf. These may include:
- Email and CRM platforms (for customer communications and newsletters)
- Web hosting and website platforms
- Analytics tools for website optimisation
- Accounting and invoicing systems
All data processors are bound by data processing agreements in accordance with the GDPR and process data only on our documented instructions.
5.2 Public authorities
We may disclose data to public authorities where we are legally obliged to do so, for example in connection with accounting, tax audits, or law enforcement investigations.
5.3 Business transfers
In the event of a merger, acquisition, or sale of part of our business, personal data may be transferred as part of the transaction. You will be informed if this occurs.
6. Transfers to Third Countries
Our primary processing takes place within the EU/EEA. Where we use service providers that process data outside the EU/EEA (e.g. certain cloud-based services), we ensure that an appropriate transfer mechanism is in place, such as:
- Standard Contractual Clauses (SCCs) adopted by the European Commission
- An adequacy decision from the European Commission
- Other appropriate safeguards pursuant to Chapter V of the GDPR
Please contact us if you would like further information about our transfer mechanisms.
7. Cookies
Our website uses cookies and similar technologies. Cookies are small text files stored on your device that allow us to recognise you on return visits and improve your experience.
7.1 Types of cookies we use
| Type | Purpose | Consent required? |
| Strictly necessary | Enables core website functionality (e.g. sessions, security) | No – required for operation |
| Analytics / statistics | e.g. Google Analytics – measures site traffic and usage | Yes – requires consent |
| Marketing | Targeted advertising and remarketing | Yes – requires consent |
| Preferences | Remembers your settings (e.g. language, region) | No – functional cookies |
7.2 Managing your consent
When you first visit our website, we will ask for your consent to non-essential cookies via our cookie banner. You can change or withdraw your consent at any time by clicking on “Cookie settings” in the footer of our website.
Please note that withdrawing consent does not affect the lawfulness of any processing carried out prior to the withdrawal.
8. Your Rights
You have a number of rights under the GDPR. You can exercise these at any time by contacting us at ulf@companyons.dk.
8.1 Right of access (Article 15)
You have the right to obtain confirmation of whether we process personal data about you and, if so, to receive a copy of that data along with supplementary information about the processing.
8.2 Right to rectification (Article 16)
You have the right to have inaccurate personal data corrected and incomplete data completed.
8.3 Right to erasure (Article 17)
In certain circumstances you have the right to have your data erased — for example, if the data is no longer necessary for the purpose for which it was collected, or if you withdraw your consent.
8.4 Right to restriction of processing (Article 18)
In certain situations you have the right to request that processing of your data be restricted, for example while an objection is being handled.
8.5 Right to data portability (Article 20)
You have the right to receive the data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
8.6 Right to object (Article 21)
You have the right to object to the processing of your personal data, including for direct marketing purposes. If you object to direct marketing, we will immediately cease processing your data for that purpose.
8.7 Right to withdraw consent
Where processing is based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing carried out before the withdrawal.
We aim to respond to all requests within 30 days. In complex cases, the deadline may be extended by a further two months, and you will be notified accordingly.
9. Right to Lodge a Complaint
If you believe that we are processing your personal data in breach of applicable data protection law, you have the right to lodge a complaint with the Danish Data Protection Authority:
| Authority | Datatilsynet (Danish Data Protection Authority) |
| Address | Carl Jacobsens Vej 35, DK-2500 Valby |
| Phone | +45 33 19 32 00 |
| dt@datatilsynet.dk | |
| Website | www.datatilsynet.dk |
We would always appreciate the opportunity to address any concerns directly before you contact the supervisory authority.
10. Data Security
We have implemented appropriate technical and organisational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures are reviewed on an ongoing basis and updated in line with technological developments.
In the event of a security breach that poses a risk to your rights and freedoms, we will notify the supervisory authority within 72 hours and, where required, notify you directly.
11. Changes to This Privacy Policy
We reserve the right to update this privacy policy, for example in response to changes in our processing activities or new legislation. The date of the most recent update is shown at the top of this document.
Material changes will always be communicated to you by email or prominently highlighted on our website.
12. Contact
If you have questions, comments, or wish to exercise your rights, please contact us:
| Company | Companyons ApS
VAT / Registration no, 44929651 |
| info@companyons.dk | |
| Website | www.companyons.dk |
| Locations | – Perron Workspace, Ny Banegårdsgade 55, 8000 Aarhus, Denmark- Fellow Workspace, Mariane Thomsens Gade 4b, 8000 Aarhus- The Union Workspace Nordhavn, Lautrupsgade 13, 2100 København Ø – The Union Workspace Vesterport, – The Union Workspace TRÆ, |
