Skip to content
Go to raptorservices.com
  • There are no suggestions because the search field is empty.

Privacy Policy

1. Privacy Policy for Raptor Control Panel at Raptor Services A/S 
At Raptor Services A/S (“Raptor”, “we”, “us”, “our”), we are committed to protecting the personal data of our clients, suppliers, website visitors, applicants, and other individuals. This Privacy Policy outlines how we collect, use, store, and disclose personal data in accordance with the General Data Protection Regulation (GDPR) and the ePrivacy Directive. We process personal data lawfully, fairly, and transparently, with respect for individual privacy and in line with applicable data protection regulations. This Privacy Policy pertains only to the Raptor Control Panel and actions taken and events initiated in the Control Panel, ie. the online interface for the Raptor services for users of Raptor customers. It is to ensure compliance with the information obligations in GDPR and is directed to users of the Control Panel. For general information on how Raptor processes data, please see the Raptor. Privacy Policy available on Raptor’s general website.

2. Data Controller 
Raptor Services A/S is the data controller responsible for processing your personal data. We ensure that all processing is compliant with applicable data protection laws. 


Contact Information: 
Raptor Services A / S 
VAT-ID: 35 05 59 75 
Åboulevarden 37, 4th floor 
8000 Aarhus C 


Compliance Officer:
Kirsten Düsterdich 
E-mail: kmd@raptor.dk
Phone: +45 2040 8020 

 3. Purpose and Legal Bases of processing 
We process personal data for the following purposes: 

Purpose of Processing Legal Basis (GDPR Article 6)
To respond to legal inquiries or 
requests		 Art. 6(1)(f) – Compliance with a legal 
obligation
To improve our service and user 
experience		 Art. 6(1)(f) – Legitimate interest, balanced 
against your privacy rights
To secure IT systems and prevent 
misuse or fraud		 Art. 6(1)(f) – Legitimate interest, balanced 
against your privacy rights


4. Data Retention Periods and Types of Personal Data 
Personal data is retained: 

  • For up to 13 months after a given event or action taken in the Control Panel by customers use;
  • For a longer period in case there is a specific and justified reason for it, where the affected data subject will be notified individually on a case-by-case basis;
  • For as long as a data subject keeps their user in the Control Panel. 

Overview of which personal data is used for which purposes and how long: 

Types of Personal Data Purpose of Processing Legal Basis (GDPR) Retention Period 
Name, email, company 
name, phone number, 		 - Managing 
customer/supplier 
relationships 
- Sending newsletters 
and marketing materials 		 Art. 6(1)(f) – Legitimate 
Interest 		 As long as a person 
remains an active user in 
the Control Panel 
Username, email 
address, job title, 
company affiliation

- User creation and 
idenfitication 

- Login to Control Panel

 Art. 6(1)(f) – Legitimate 
interest		 As long as a person 
remains an active user in 
the Control Panel 
IP address, browser data 
(via cookies) 		 - Service optimization 
- Statistical analysis 		 Art. 6(1)(f) – Legitimate 
interest 		 13 months (as a general 
rule)
Login credentials 
(cookies) 		 - Providing secure access 
to customer areas 
- Fraud prevention		 Art. 6(1)(f) – Legitimate 
interest 		 Session-based (until 
session closes or cookie 
data is deleted) 
Events and actions of 
Control Panel usage 
(user behavior and 
usage data) with time 
stamps 		 - Audit logging 
- Prevention and combat 
of misuse 
- Security		 Art. 6(1)(f) – Legitimate 
Interest 		 13 months (as a general 
rule) 
 Technical identifiers 
(e.g., user IDs)		  - User tracking  Art. 6(1)(f) – Legitimate 
interest 		 As long as a person 
remains an active user in 
the Control Panel 

 

5. Cookies Data in relation to visits on the website www.raptorservices.com 

When visiting Raptor’s Control Panel, cookies are used. Cookies are small text files that are stored through your browser on your device, used by websites to make a user’s experience more efficient. The data is used to optimize the website in relation to the visitors’ needs. The login to the customer area on the website requires cookies to remember your choices. Selected employees at Raptor Services A/S have access to the collected data. The data is used for and disclosed in the form of statistics, etc., without specifying individual IP addresses. The purpose of processing statistics obtained from cookies is to provide a better website. This site uses different types of cookies. Some cookies are placed by third party services that appear on the Control Panel. If you want to learn more about what cookies we use, you can check out our cookie information.


6. Data Access and Disclosure 
Access to personal data is restricted to employees and subcontractors who require it to perform specific tasks, based on the principle of least privilege. All third-party processors operate under legally binding Data Processing Agreements. 


Our primary hosting and data storage provider is Microsoft, with additional services from: 
  • Sentry.io
    Note that data transferred to Sentry.io is limited to IP-addresses and user-agent-ID's, which for Sentry.io does not constitute personal  data, as they do not have the means likely to be used to identify the data subject. 

Certain data transfers may occur to processors based in the United States, under mechanisms such as the Data Privacy Framework (DPF) and/or Standard Contractual Clauses or other lawful transfer tools compliant with Chapter V of the GDPR. 
For a full list of data processors, contact our Compliance Officer. 

* Note that these third-party processors offer AI services in their main services. We therefore refer to the table below in this Privacy Policy, “AI-Enabled Service Providers and Compliance Measures”. 

 7. Data Security 
We maintain appropriate technical and organizational measures (TOMs) to protect personal data, including: 

  • Encryption (in transit and at rest)
  • Role-based access controls
  • Regular data backups
  • Employee confidentiality protocols 


In the event of a data breach likely to result in high risk to individuals, we will notify affected parties and supervisory authorities without undue delay, as required by GDPR Art. 33 and 34. 

8. Your rights under the GDPR 
You have the right to: 

  • Access your personal data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erase data (aka “right to be forgotten”, Art. 17)
  • Restrict processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21) 

To exercise your rights, contact our Compliance Officer (see Section 2). We will respond within one month, or within two months for complex requests. Unfounded or excessive requests may be refused or subject to a fee. Note that due to the nature of our services, some of the above-mentioned rights are either irrelevant or impossible. For those cases, we have relevant measures to ensure that your rights are respected to the greatest possible extent. This may entail deletion of your user, if your request for using your data subject rights is valid and reasonable under GDPR.


9. Complaints 
You may send a complaint to the Danish Data Protection Authority (Datatilsynet): 
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk
Address: Carl Jacobsens Vej 35, 2500 Valby 
Phone: +45 33 19 32 00 


10. Change of Privacy Policy 
This Privacy Policy may be updated to reflect legal or operational changes. Significant changes will be communicated through our website or by email. The current version is always available at www.raptorservices.com/privacy-policy

11. AI-Enabled Service Providers and Compliance Measures 
This annex provides detailed information regarding the AI-powered services used by Raptor Services A/S, including their functions, data handling practices, and the safeguards in place to ensure compliance with the General Data Protection Regulation (GDPR), ePrivacy Directive, and the EU Artificial Intelligence Act (AI Act). 

Overview of AI-Enabled Vendors 
There are no AI-enabled vendors relevant for the processing of data on the Control Panel. 


Risk Classification Under the EU AI Act 
Not relevant 


Data Protection and AI Governance Measures 
The following controls have been implemented to ensure compliant use of AI 
services: 


Transparency and Accountability 

  • AI involvement is clearly disclosed in relevant interactions (e.g., newsletters 
    or auto-generated content).
  • Human oversight is maintained over all automated outputs.
  • Users can request explanations about automated processing and decisions. 


Data Minimization and Purpose Limitation
  • Only personal data necessary for the AI system’s defined purpose is processed.
  • AI tools are restricted contractually from training on client data for generalized model improvement. 


Data Processing Agreements and Safeguards 

  • Signed Data Processing Agreements (DPAs) with both HubSpot and Contractbook.
  • Data Privacy Framework is the transfer tool for transfers to third countries.
  • Internal DPIAs are conducted when AI use introduces higher risks to data subjects. 


Security and Integrity 

  • AI models used by processors are secured against unauthorized access and model drift.
  • Logging and audit trails are maintained to monitor AI decisions and system performance.