Privacy Policy

Introduction

OrbitHarvester AS ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard the data we collect from users of our website and services.

This policy applies to all visitors and users of our website at orbitharvester.world and our e-commerce logistics optimization services. By using our website or services, you consent to the practices described in this Privacy Policy.

Data Controller Information

The data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

Data Collection

We collect various types of information to provide and improve our services. The data we collect includes:

Personal Information

• Name and contact details (email address, phone number, postal address)
• Company information (company name, position, industry)
• Communication preferences and marketing consents
• Information provided in contact forms, enquiries, and communications

Technical Information

• IP address and location data
• Browser type, version, and settings
• Device information and operating system
• Website usage data and navigation patterns
• Cookies and similar tracking technologies

Service-Related Information

• Information about your logistics operations and requirements
• Project details and consultation notes
• Performance metrics and optimization results
• Feedback and service evaluation data

How We Use Your Information

We use of your data is based on legitimate legal grounds under GDPR. Here's how we use your information and the legal basis for each purpose:

Service Provision (Contract Performance)

• Providing logistics optimization consultations and services
• Responding to enquiries and customer support requests
• Processing and fulfilling service agreements
• Communicating about projects and deliverables

Legitimate Business Interests

• Improving our website functionality and user experience
• Analysing service performance and customer satisfaction
• Developing new services and optimization methodologies
• Protecting against fraud and security threats

Legal Compliance

• Complying with applicable laws and regulations
• Maintaining records for tax and accounting purposes
• Responding to legal requests and court orders

Consent-Based Processing

• Sending marketing communications and newsletters
• Using cookies for analytics and advertising purposes
• Sharing case studies and success stories (with explicit consent)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses various types of cookies including necessary cookies for website functionality, analytics cookies to understand user behaviour, and marketing cookies for advertising purposes. For detailed information about the specific cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in operating our website, conducting our business, or serving our users, including:

• Website hosting and technical infrastructure providers
• Email marketing and communication platforms
• Analytics and performance measurement tools
• Professional advisors (legal, accounting, consulting)

Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal obligations or court orders
• Protect our rights, property, or safety
• Investigate fraud or security incidents
• Enforce our terms of service or other agreements

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our data retention periods are based on:

• Customer Data: Retained for the duration of our business relationship and up to 7 years thereafter for legal and accounting purposes
• Marketing Data: Retained until you withdraw consent or for 3 years from last engagement
• Website Analytics: Retained for up to 26 months in accordance with Google Analytics settings
• Communication Records: Retained for 3 years for customer service and quality purposes

When personal information is no longer needed, we securely delete or anonymise it in accordance with our data retention and disposal procedures.

Your Rights

Under the General Data Protection Regulation (GDPR) and other applicable privacy laws, you have several rights regarding your personal information:

Access and Portability

• Right to access your personal data and receive a copy
• Right to data portability in a structured, commonly used format

Correction and Deletion

• Right to rectify inaccurate or incomplete personal data
• Right to erasure ("right to be forgotten") in certain circumstances

Processing Restrictions

• Right to restrict processing in specific situations
• Right to object to processing based on legitimate interests
• Right to withdraw consent for consent-based processing

To exercise any of these rights, please contact us using the information provided in the "Contact Information" section below. We will respond to your request within one month of receipt.

Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection and security
• Secure backup and disaster recovery procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining reasonable security measures.

International Data Transfers

As we operate primarily within the European Economic Area (EEA), most of your personal data is processed within the EEA. If we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognising equivalent protection levels
• Certification schemes and codes of conduct

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website
• Updating the "Last updated" date at the top of this policy
• Sending email notifications for significant changes (where applicable)

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us using the following information:

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe we have not handled your personal data in accordance with applicable data protection laws.

Supervisory Authority

If you have concerns about our data processing practices, you may contact the relevant supervisory authority: