Aalborg Institute for Development — Privacy Policy
Effective date: 28.08.2025
1. Data controller
Aalborg Institute for Development (CVR: 43695738)
Website: https://aalborgid.com
Registered address: Niels Ebbesens Gade 26, Aalborg 9000, Denmark
Data protection contact / privacy officer: info@aalborgid.com
2. Scope
This Privacy Policy describes how we collect, use, disclose and retain personal data when you visit https://aalborgid.com, contact us by email, or otherwise interact with us. It applies to individuals located in the EU/EEA and other visitors.
3. Types of personal data we process
– Contact details you provide when contacting us: name, email address, phone number (if provided), and any other information included in your message.
– Technical/automatic data: server logs (IP address, timestamps, user agent) and other minimal system data only if necessary for site operation. If we use no analytics or cookies, this will be stated clearly on the site.
4. Legal bases for processing
– Contact inquiries: processing is based on your consent and/or our legitimate interest in responding to your request and providing services (Art. 6(1)(a) and 6(1)(f) GDPR).
– Compliance with legal obligations: where processing is required by law (Art. 6(1)(c)).
– If we introduce marketing or newsletters, that processing will be based on your explicit consent (Art. 6(1)(a)).
5. Purposes of processing
– To respond to and handle enquiries, requests and communications.
– To provide, maintain and secure the website.
– To comply with legal obligations and protect our legal interests.
– Only with explicit consent: to send marketing or newsletters.
6. Recipients and processors
We may share personal data with third-party processors that perform services on our behalf, including:
– Hosting and infrastructure providers (website hosting, CDN).
– Email service providers used to receive/send messages.
– IT and security service providers, backup providers.
We will only engage processors that provide sufficient guarantees of GDPR compliance and, where transfers outside the EEA occur, we will use appropriate safeguards (EU Standard Contractual Clauses, adequacy decisions, or other lawful mechanisms). A current list of our processors and their privacy notices is available on request (info@aalborgid.com).
7. International transfers
If any personal data is transferred outside the EU/EEA, we will ensure appropriate safeguards such as Standard Contractual Clauses or rely on an adequacy decision. Details are available on request.
8. Retention periods
We retain personal data only as long as necessary for the purpose collected or as required by law. As a guideline:
– Enquiries and related correspondence: retained for 12 months after last contact unless further retention is required for legal claims or ongoing matters.
– Contact details for marketing: retained until consent is withdrawn.
We will securely delete or anonymise data when no longer required.
9. Your rights
Under the GDPR you have the right to:
– Access the personal data we hold about you.
– Rectify inaccurate or incomplete data.
– Erase your personal data (“right to be forgotten”) where applicable.
– Restrict processing of your data.
– Object to processing, including for direct marketing or profiling based on legitimate interests.
– Data portability where processing is based on consent or contract and carried out by automated means.
– Withdraw consent at any time (without affecting prior processing).
To exercise rights, contact info@aalborgid.com. We will respond within statutory timeframes. You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet): Datatilsynet, Borgergade 28, 5., 1300 København K, +45 33 19 32 00, www.datatilsynet.dk.
10. Right to withdraw consent
Where processing is based on consent, you can withdraw consent at any time by contacting info@aalborgid.com or by following the unsubscribe mechanism in any marketing communication. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
11. Automated decision-making and profiling
We do not engage in automated decision-making or profiling that produces legal effects concerning you. If this changes, we will notify you and provide appropriate safeguards.
12. Security measures
We implement appropriate technical and organizational measures to protect personal data, including TLS encryption for data in transit, access controls, regular security reviews, and encrypted backups where appropriate. In the event of a personal data breach that is likely to result in a risk to individuals’ rights and freedoms, we will notify the Danish Data Protection Agency within 72 hours and, where required, affected individuals without undue delay.
13.No cookies, analytics, tracking technologies or third‑party embeds (such as social widgets, external fonts or maps) are used on this website. We do not place or read cookies in your browser, and we do not collect information about your behaviour on the site through third‑party services.
Technical server logs: to operate the site we may record minimal, non‑persistent server logs necessary for security and troubleshooting (for example timestamps, requested resource and anonymised IPs). These logs are retained only as long as required for diagnostics and are not used for profiling or marketing. If you would like details about our server logging practices, contact info@aalborgid.com.
14. Children
We do not knowingly collect personal data from children under 16. If you believe we have received information from a child under the applicable age, contact info@aalborgid.com and we will delete it.
15. Changes to this policy
We may update this Privacy Policy. The effective date at the top will be updated after changes. Material changes will be communicated as appropriate.
16. Contact
For questions, access requests, concerns or to obtain the list of processors and safeguards for international transfers: info@aalborgid.com or +45 91 98 6150
