Privacy Policy Background

Privacy Policy

Privacy Policy – Business Customers

Here you can read how we at NoveNorth ApS handle your personal data as a business customer, effective from July 7, 2025 for both existing and new business customers.

At NoveNorth, we protect and respect your data and privacy. When you want to become a customer at NoveNorth, we as data controller process your personal data.

This Privacy Policy applies to you as an individual with connection to a company that has or is considering a customer relationship with NoveNorth ApS. You may, for example, be authorized signatory, beneficial owner, director, employee, guarantor, surety, pledgor or third party with connection to our business customers.

The Privacy Policy describes how we process your personal data, for example when your company enters into an agreement with us.

1. What is personal data?

Personal data is any form of information that can be attributed to you. When your company becomes a customer with us, we register contact and identification information on management and beneficial owners – information that individually or in combination can be attributed to individuals connected to the company.

2. How do we process your personal data?

We process your personal data confidentially and in accordance with the Data Protection Act, EU's General Data Protection Regulation (GDPR), the Danish Data Protection Agency's guidelines and other relevant legislation.

We receive personal data, for example, when you fill out our contact form, send us information in correspondence, or when we obtain data from publicly available sources such as the CVR register (Virk.dk), the Central Person Register, the Danish Financial Supervisory Authority's PEP list, Experian or credit information agencies.

We collect and process both ordinary (non-sensitive) and in certain cases sensitive personal data:

Examples of ordinary information:

  • Name, address, phone number, email
  • Information about possible status as Politically Exposed Person (PEP) or close associate
  • Financial information (e.g. for sole proprietorships)

We may also register sensitive information, for example if your PEP status follows from political affiliation, or if we in connection with legally required procedures register publicly available information relating to criminal matters.

Furthermore, we process CPR number (and CVR number) in connection with identity verification (cf. the Anti-Money Laundering Act) and mandatory reporting to SKAT (cf. the Tax Control Act).

3. Purpose and legal basis

We process your personal data for the following purposes:

  • Establishment of customer relationship
  • Credit assessment
  • Ongoing administration of the customer relationship
  • Marketing (only with your consent)
  • Termination and completion of customer relationship
  • Compliance with applicable legislation

The legal basis for the processing is:

  • Performance of contracts and agreements (GDPR art. 6, subsection 1, letter b)
  • Compliance with legal requirements, e.g. the Anti-Money Laundering Act, the Tax Control Act, the Bookkeeping Act (GDPR art. 6, subsection 1, letter c)
  • Your consent, e.g. for marketing (GDPR art. 6, subsection 1, letter a)

You can withdraw your consent at any time.

4. Storage

We store your information as long as you are a customer with us. Upon termination, the information is stored for 5 years plus the current year, cf. applicable legislation.

If you do not become a customer, we store your information for up to 6 months. If you have given consent to marketing, we store your contact information for 2 years or until consent is withdrawn.

5. Automated decisions

We do not use personal data for automated individual decisions.

6. Protection of your information

We have implemented appropriate technical and organizational measures to protect your information against, for example, unauthorized access, accidental deletion or misuse.

7. Your rights

You have the right to:

  • Access to what information we process about you
  • Have incorrect information corrected
  • Request deletion or restriction
  • Object to certain processing
  • Receive your information in a structured format (data portability)

We store documentation of your use of rights for 2 years.

You exercise your rights by contacting our data protection officer.

8. Disclosure and transfer

We disclose your information to:

  • Public authorities, e.g. SKAT or other authorities when legally required
  • Data processors, e.g. IT suppliers who store or process data on our behalf

We only use data processors in the EU/EEA or in countries that can offer adequate protection.

9. Withdrawal of consent

You can always withdraw your consent to marketing by contacting us. Withdrawal does not affect previous processing.

10. Confidentiality

Our employees have a duty of confidentiality. Your information is not disclosed without authorization.

11. Contact

If you have questions or wish to exercise your rights, contact us:

NoveNorth ApS

CVR no. 44335956

Amaliegade 6, 2 tv

1256 Copenhagen K

Email: databeskyttelse@novenorth.com

12. Data controller

NoveNorth ApS, CVR no. 44335956, is the data controller for the processing of your information.

13. Complaint

You can complain to the Danish Data Protection Agency if you are dissatisfied with our processing of your information. See more at www.datatilsynet.dk.

14. Changes

We may update this privacy policy. Changes will be communicated directly to you if they significantly affect your rights.

Last updated: July 7, 2025.