Privatlivspolitik

Nordlys Astronomi ApS

Privacy Policy

1. Introduction and Company Information

This Privacy Policy explains how Nordlys Astronomi ApS ("we", "us", or "our") collects, uses, stores, and protects personal data when you visit our website, contact us, purchase our products or services, or otherwise interact with us.

Data controller: Nordlys Astronomi ApS

Address: Østervold 5, 8900 Randers C, Denmark

Email: [email protected]

Phone: +45 87 42 96 31

Nordlys Astronomi ApS operates in the astronomy sector and may provide products, services, events, educational content, consultations, and related customer support.

2. Data Collection and Processing

We may collect and process the following categories of personal data, depending on your interaction with us:

  • Identification and contact information: name, address, email address, phone number, and similar details.
  • Transaction information: order details, payment status, invoices, delivery information, and purchase history.
  • Communication data: messages, inquiries, feedback, and correspondence with us.
  • Website and technical data: IP address, browser type, device information, log data, cookies, and usage behavior.
  • Customer relationship data: preferences, service history, and information relevant to support or account management.
  • Event and educational participation data: registration details, attendance information, and related communications.

We generally collect personal data directly from you, but we may also receive data from payment providers, delivery partners, IT service providers, public sources, or other third parties where permitted by law.

3. Purpose of Data Processing

We process personal data for the following purposes:

  • to provide and deliver our products and services;
  • to manage customer relationships and respond to inquiries;
  • to process orders, payments, invoices, and deliveries;
  • to organize events, workshops, and astronomy-related activities;
  • to improve our website, services, and customer experience;
  • to send service-related communications and, where permitted, marketing communications;
  • to comply with legal obligations, including accounting and record-keeping requirements;
  • to prevent fraud, misuse, and unauthorized access;
  • to establish, exercise, or defend legal claims.

4. Legal Basis for Processing

We process personal data only where we have a valid legal basis. Depending on the specific processing activity, the legal basis may include:

  • Performance of a contract: where processing is necessary to fulfill an agreement with you or to take steps at your request before entering into a contract.
  • Legal obligation: where processing is required to comply with applicable laws and regulations.
  • Legitimate interests: where processing is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms.
  • Consent: where you have given us clear consent for a specific purpose, such as certain marketing activities or cookies where required.

5. Data Sharing and Third Parties

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These may include:

  • payment service providers;
  • delivery and logistics partners;
  • IT hosting, cloud, and software providers;
  • accounting, audit, and legal advisors;
  • marketing and analytics service providers;
  • public authorities where required by law.

We only share personal data to the extent necessary and require appropriate confidentiality and data protection safeguards where applicable.

6. Data Transfer to Third Countries

In some cases, personal data may be transferred to or accessed from countries outside the European Economic Area (EEA). This may occur if we use service providers or tools located outside the EEA.

Where such transfers take place, we will ensure that appropriate safeguards are in place in accordance with applicable data protection law, such as standard contractual clauses, adequacy decisions, or other lawful transfer mechanisms.

7. Storage Duration

We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law.

  • Customer and contract data: retained for the duration of the customer relationship and thereafter as required for legal, accounting, or dispute-resolution purposes.
  • Accounting and tax records: retained for the period required by applicable law.
  • Communication records: retained for as long as necessary to handle the inquiry and any follow-up.
  • Marketing data: retained until you withdraw consent or object, where applicable.
  • Technical data and cookies: retained according to the relevant cookie or system retention periods.

When personal data is no longer needed, we will delete, anonymize, or securely archive it in accordance with applicable law and internal policies.

8. User Rights

Subject to applicable law, you may have the following rights regarding your personal data:

  • Right of access: to obtain confirmation as to whether we process your personal data and to receive a copy of that data.
  • Right to rectification: to request correction of inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of your personal data in certain circumstances.
  • Right to restriction: to request that we restrict processing in certain situations.
  • Right to data portability: to receive personal data you have provided to us in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another controller.
  • Right to object: to object to processing based on legitimate interests and, in certain cases, to direct marketing.

To exercise your rights, please contact us using the details provided below. We may need to verify your identity before responding. We will respond within the timeframe required by applicable law.

9. Withdrawal of Consent

Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

If you withdraw consent, we may no longer be able to provide certain services or communications that depend on that consent.

10. Right to Complain

If you believe that our processing of your personal data does not comply with applicable data protection law, you have the right to lodge a complaint with the relevant supervisory authority.

In Denmark, this is the Danish Data Protection Agency (Datatilsynet).

We encourage you to contact us first so that we can address your concerns directly and promptly.

11. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption where appropriate, secure storage, staff training, and regular review of our security practices.

While we strive to protect your personal data, no system can be guaranteed to be completely secure. You are encouraged to use secure communication channels when sharing sensitive information.

12. Contact Information

If you have questions about this Privacy Policy or our processing of personal data, or if you wish to exercise your rights, please contact us:

Nordlys Astronomi ApS
Østervold 5, 8900 Randers C, Denmark
Email: [email protected]
Phone: +45 87 42 96 31

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The updated version will be published on our website with a revised effective date where appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

4/1/2026 Hjem