Privacy and cookie policy
Privacy notice
Version 13.11.2025
This Privacy Notice (“Policy”) applies to all business partners, customers, suppliers, and similar external stakeholders. Please read it carefully to understand how Troldtekt collects, uses, and protects your personal data.
1. Purpose and scope
Troldtekt A/S, including all subsidiaries and affiliated group companies (“Troldtekt”), is committed to complying with all applicable national and international data protection laws. We maintain high ethical standards and believe that safeguarding personal data is essential to protecting the interests of our business, employees, stakeholders, and society.
Troldtekt processes personal data strictly in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws.
2. Personal data protection
2.1 Data controller and data processor
Troldtekt acts both as Data Controller and Data Processor and is responsible for ensuring that personal data is processed in accordance with applicable laws. A designated Personal Data Responsible oversees global compliance and supports local implementation of data protection rules and procedures.
For questions about our processing of personal data, please contact the Personal Data Responsible:
Lasse Schulz Nielsen
Phone: +45 44 14 49 76
Email: lsn@kingspanacoustics.com
2.2 Processing of personal data
Troldtekt processes personal data only within a business-to-business context. We do not process consumer data.
This Policy applies to category (1): business partners, customers, suppliers, and similar contacts. Employees are covered by a separate internal privacy policy.
2.2.1 Types of personal data
We may process the following personal data:
· Name
· Company name
· Job title
· Email address
· Telephone number
2.2.2 Purpose of processing
We process personal data for legitimate business purposes, including:
· Registering contacts in CRM or similar systems
· Distributing courtesy gifts (where permitted)
· Sending newsletters or updates
· Corresponding about projects
· Providing technical information and updates
· Fulfilling legal and contractual obligations
· Managing and handling claims
· Determining, defending, or pursuing legal rights
2.2.3 Data minimisation
We ensure that only the personal data necessary for the specific purpose is collected and processed. We limit data storage time, restrict access to authorised employees, and consider anonymisation or pseudonymisation whenever possible.
Some data must be collected by law or to fulfil contractual or operational obligations.
2.2.4 Accuracy and control
We strive to keep all personal data accurate and up to date. We therefore ask business partners, customers, and suppliers to inform us if their personal data changes or needs to be corrected or deleted.
3. Rights of the data subject
Individuals whose personal data we process (“Registered”) have the following rights under the GDPR:
· Right of access to their personal data
· Right to object to processing
· Right to rectification of inaccurate information
· Right to restriction of processing
· Right to erasure (“right to be forgotten”), unless another legal basis allows continued processing
· Right to data portability, where applicable
To exercise these rights, please contact the Personal Data Responsible.
If you disagree with how we process your personal data, you may contact us, lodge a complaint with your local Data Protection Authority, or take legal action through the courts. A list of national Data Authorities can be found here.
4. Security
We use IT systems and internal security policies designed to ensure that personal data is accessible only to relevant employees and protected against unauthorised access, alteration, loss, or destruction. Our IT Policy contains specific instructions and measures to safeguard your data.
5. Transfer of personal data
5.1 Transfer to third parties
We may transfer personal data to third parties in or outside your country when necessary for legitimate business purposes and always in compliance with applicable laws.
Any transfer must be justified, necessary, and compatible with the original purposes for which the data was collected. We ensure appropriate contractual safeguards, including data processing agreements, information security measures, and guarantees of compliance with data protection rights.
5.2 Intercompany transfers
Troldtekt regularly transfers personal data between group companies as part of daily business operations. Intercompany data processing agreements are in place to ensure GDPR-compliant protection across the entire Troldtekt group.
6. Retention of personal data
We retain personal data only for as long as necessary to fulfil the purposes described in this Policy or to comply with legal obligations.
7. Storage
All personal data is stored securely. Essential documents and financial records required for continuity of business are backed up daily and stored off-site.
8. Deletion
We identify and delete records that have reached the end of their retention period. Paper documents are shredded, and electronic records are deleted in coordination with the IT Department.
9. Implementation and compliance
Troldtekt seeks to ensure compliance with this Policy in any joint venture or commercial arrangement. We provide training, including e-learning programs, to ensure employees understand and follow the Policy.
Suspected or actual breaches must be reported to the Personal Data Responsible. Reports are treated confidentially and investigated promptly.
Hard copies of this Policy are available upon request. Breaches by employees may result in disciplinary action.
10. Cookies
When you use the Troldtekt website, we may collect information through first-party or third-party cookies for functional, statistical, or marketing purposes. More information is available in our Cookie Policy, including how to deactivate certain cookies.
11. Amendments
We may update this Policy in response to changes in legislation, technology, functionality, or our website.
